HomeToolsDocsPricingGalleryExtensionContact Get the App
// core workflows

Attack Graph

What it tracks

Every piece of data your task produces lands in the task knowledge graph. Hosts, services, open ports, web paths, credentials, vulnerabilities, artifacts, and screenshots all go in automatically whether you found them manually or through the agent. Nothing gets lost between tools.

The Overview tab shows you a live summary of the graph: how many hosts have been discovered, how many services, how many credentials captured, how many findings confirmed, and a risk posture bar showing the severity breakdown across the whole task.

Hosts and services

Every host that gets discovered is added to the graph with its IP address, hostname, and OS fingerprint if one was detected. Services running on each host are listed with the port, protocol, and version banner. You can click into any host to see everything associated with it.

Persistence

The graph is stored locally in ~/.strikedeck/ and persists between sessions. Close the app, reopen it the next day, and everything is exactly where you left it. The agent picks up context from the existing graph when you resume a task, so it knows what has already been found.

The graph is what makes the AI Operator effective on long tasks. It reads the current state before deciding what to do next, so it doesn't re-run things you've already done.
Next: Reports Back to Docs