Last active
April 18, 2019 21:15
-
-
Save jmarcil/5aa3ddb5b23d51760cbd5ff228a26978 to your computer and use it in GitHub Desktop.
Revisions
-
jmarcil revised this gist
Jan 29, 2018 . 1 changed file with 4 additions and 4 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -6,9 +6,6 @@ agent "Steal cryptocurrency" as steal agent "Manipulate the market" as market agent "Invade privacy" as privacy agent "Expose their spending habits" as spy privacy --> spy agent "View their transactions on blockchain" as blockchain @@ -17,6 +14,9 @@ spy --> blockchain agent "Gain wallet access" as wallet steal --> wallet agent "**I**nternet **C**on **O**peration" as con steal --> con agent "Steal physical wallet\nand password" as phys agent "Find wallet seed" as seed agent "Gain access to\nlocal software wallet" as accesswallet @@ -70,4 +70,4 @@ xkeys --> anotherthree 'spy --> xaccess 'spy --> wallet @enduml -
Jan 28, 2018 . 1 changed file with 29 additions and 51 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -3,85 +3,62 @@ skinparam monochrome true skinparam defaultTextAlignment center agent "Steal cryptocurrency" as steal agent "Manipulate the market" as market agent "Invade privacy" as privacy agent "**I**nternet **C**on **O**peration" as con steal --> con agent "Expose their spending habits" as spy privacy --> spy agent "View their transactions on blockchain" as blockchain spy --> blockchain agent "Gain wallet access" as wallet steal --> wallet agent "Steal physical wallet\nand password" as phys agent "Find wallet seed" as seed agent "Gain access to\nlocal software wallet" as accesswallet agent "Gain access to\n web based wallet" as webwallet wallet --> phys wallet --> accesswallet wallet --> webwallet accesswallet --> seed agent "Weak seeding algo" as weakseed seed --> weakseed agent "Malware" as malware accesswallet --> malware agent "Gain remote access\nto local API" as api agent "Authentication bypass" as lackauth agent "DNS rebinding attack" as dnsrebind accesswallet --> api interface "and" as and api --> and and --> lackauth and --> dnsrebind agent "Gain exchange access" as xaccess agent "Steal account" as xaccount 'agent "Compromise network" as xnetwork agent "API access" as xapi agent "Steal API keys" as xkeys agent "Authentication bypass" as xauthbypass steal --> xaccess xaccess ---> xaccount 'xaccess --> xnetwork xaccess --> xapi xapi --> xkeys xapi --> xauthbypass xapi --> xaccount agent "Denial of service" as dos market --> dos market --> xaccess 'market -> steal cloud "**···**" as another xaccount --> another @@ -90,6 +67,7 @@ cloud "**···**" as anotherthree xauthbypass --> anothertwo xkeys --> anotherthree 'spy --> xaccess 'spy --> wallet @enduml -
Jan 26, 2018 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,95 @@ @startuml skinparam monochrome true skinparam defaultTextAlignment center agent "Steal cryptocurrency" as steal agent "Money laundering" as launder agent "Make someone mesirable" as misere agent "Manipulate the market" as market agent "Gain wallet access" as wallet steal --> wallet agent "Offline attacks" as offline wallet --> offline agent "Steal physical wallet" as phys agent "Find wallet seed" as seed agent "Gain access to the wallet software" as accesswallet offline --> phys offline --> seed offline ---> accesswallet seed --> accesswallet agent "Weak seeding algo" as weakseed seed --> weakseed agent "Malware" as malware accesswallet --> malware agent "View data in memory" as mem agent "The computer has a CPU" as cpu accesswallet --> mem mem --> cpu agent "Gain access to exposed API" as api agent "Lack of authentication" as lackauth agent "DNS rebinding" as dnsrebind accesswallet --> api interface "and" as and api --> and and --> lackauth and --> dnsrebind agent "Online attacks" as online wallet --> online node "Regular everyday\nwebsite hacking" as linkedtree ' agent "Regular everyday\nwebsite hacking" as linkedtree online --> linkedtree agent "**I**nternet **C**on **O**peration" as con agent "Expose their spending habits" as spy agent "Gain exchange access" as xaccess agent "Steal account" as xaccount agent "Compromise network" as xnetwork agent "API access" as xapi agent "Steal API keys" as xkeys agent "Auth bypass" as xauthbypass xaccess --> xaccount xaccess --> xnetwork xaccess --> xapi xapi --> xkeys xapi --> xauthbypass steal --> xaccess online --> xaccess launder --> wallet launder --> con xapi --> xaccount misere --> con misere --> spy agent "View their transactions on blockchain" as blockchain spy --> blockchain misere --> wallet agent "Denial of service" as dos market ---> dos market ----> xaccess market -> steal cloud "**···**" as another xaccount --> another cloud "**···**" as anothertwo cloud "**···**" as anotherthree xauthbypass --> anothertwo xkeys --> anotherthree @enduml