Attack Tree Analysis for alibaba/sentinel

Objective: Degrade/Disable Application, Bypass Flow Control, or Leak Config

Attack Tree Visualization

                                 [[Attacker's Goal]]
                                                    |
                                                    |
                  [[1. Bypass Sentinel's Protection]]
                                    |
            -------------------------------------------------
            |						|

[[1.1 Rule Manipulation]] [1.3 Client-Side Bypass] (If client-side is used) | | --------------------- | | | | [[1.1.1 Modify Rules]] [[1.1.2 Delete Rules]] | via Dashboard/API]] via Dashboard/API]] [1.3.1 Manipulate Client]

Attack Tree Path: Path 1

Attacker's Goal ===> 1. Bypass Sentinel's Protection ===> 1.1 Rule Manipulation ===> 1.1.1 Modify Rules via Dashboard/API

Attack Tree Path: Path 2

Attacker's Goal ===> 1. Bypass Sentinel's Protection ===> 1.1 Rule Manipulation ===> 1.1.2 Delete Rules via Dashboard/API

Attack Tree Path: Path 3

Attacker's Goal ===> 1. Bypass Sentinel's Protection ===> 1.3 Client-Side Bypass ===> 1.3.1 Manipulate Client (If client-side is used)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

attack-tree.md

attack-tree.md

Attack Tree Analysis for alibaba/sentinel

Attack Tree Visualization

Attack Tree Path: Path 1

Attack Tree Path: Path 2

Attack Tree Path: Path 3

Files

attack-tree.md

Latest commit

History

attack-tree.md

File metadata and controls

Attack Tree Analysis for alibaba/sentinel

Attack Tree Visualization

Attack Tree Path: Path 1

Attack Tree Path: Path 2

Attack Tree Path: Path 3