A method for displaying an attack vector available to an attacker of a networked system including a plurality of network nodes. One or more penetration tests of the networked system are carried out, by a penetration testing system. Based on results of the penetration tests, the attack vector available to an attacker of the networked system is identified. A critical path of the attack vector is determined, and is displayed by displaying the network nodes included in the critical path as a continuous ordered sequence of network nodes. In some embodiments, one or more auxiliary paths of the attack vector may be determined, and may be displayed.