Skip to content

codethor0/creativity-exploit-engine

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
.github/workflows
.github/workflows
 
 
docs
docs
 
 
examples
examples
 
 
src/creativity_engine
src/creativity_engine
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
pyproject.toml
pyproject.toml
 
 

Repository files navigation

creativity-exploit-engine

CI License: MIT Python 3.10+

Code Signature

Author: Thor Thor Email: codethor@gmail.com GitHub: https://github.com/codethor0 Project: creativity-exploit-engine

Reference Article

This PoC implements the framework described in:

"The Creativity Exploit: Toward an Algorithmic Framework for Security Imagination"
(Canonical URL to be added when published.)

Overview

The Creativity Engine scores threat scenarios by novelty and value using embeddings and approximate nearest neighbor search. It can generate creative variations for threat modeling and red teaming via a simple evolutionary search over artifact combinations.

  • Novelty: How different a scenario is from known ones (cosine distance in embedding space)
  • Value: Domain heuristic for security relevance (critical assets, risky entry points, advanced techniques)
  • Surprise: Optional hook for generative models (default disabled)

Installation

# Local development (with dev dependencies: pytest, mypy, ruff)
pip install -e ".[dev]"

# Or install from GitHub
pip install "creativity-exploit-engine @ git+https://github.com/codethor0/creativity-exploit-engine.git"

Usage

Minimal code example

from creativity_engine import Artifact, CreativityEngine, SentenceTransformerEmbedder

# For offline/testing: use DummyEmbedder instead (set CRE_ENGINE_DUMMY=1)
embedder = SentenceTransformerEmbedder()
engine = CreativityEngine(embedder=embedder)

artifact = Artifact(
    asset="domain controller",
    entry_point="VPN gateway",
    technique="password spraying",
    constraint="assume EDR present",
)
scores = engine.score(artifact)
print(scores)  # {"novelty": ..., "value": ..., "surprise": ..., "creativity": ...}

CLI: seeds-demo

Runs a short evolutionary search with hard-coded seed artifacts:

python -m creativity_engine.cli seeds-demo

For offline mode (no model download, uses deterministic embedder):

CRE_ENGINE_DUMMY=1 python -m creativity_engine.cli seeds-demo

Score a single scenario

python -m creativity_engine.cli score-once \
  --asset "domain controller" \
  --entry-point "vpn gateway" \
  --technique "password spraying" \
  --constraint "assume edr present"

Limitations

  • This is a Proof of Concept, not a replacement for human threat modeling
  • The surprise term is currently a hook only (gamma default 0)
  • Value heuristic is simple and may not capture all domain nuances

Documentation

  • Overview - Technical summary of novelty, value, and evolutionary search
  • API - API reference for Artifact, embedders, and CreativityEngine
  • Examples - Sample seeds-demo output (no install required)

Releases

Releases are tagged on GitHub. See Releases.

git tag -a v0.1.0 -m "Initial PoC: Creativity Exploit Engine"
git push origin v0.1.0

Development

pip install -e ".[dev]"
pytest
mypy src/creativity_engine tests
ruff check src/creativity_engine tests

License

MIT

About

Algorithmic creativity engine for security threat scenarios: scores NOVELTY + VALUE using embeddings and HNSW, with an evolutionary search over attack paths.

Topics

security embeddings cybersecurity threat-modeling red-team computational-creativity blue-team hnsw vector-search

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

 
 
 

Contributors

Languages