An extensive list of resources related to threat modelling. Gotta catch ’em all!
☆42Updated this week
Alternatives and similar repositories for threats
Users that are interested in threats are comparing it to the libraries listed below
Sorting:
- A small tool to help developers understand a huge set of security requirements from appsec teams☆46Sep 2, 2022Updated 3 years ago
- NIVA is a simple web application which is intentionally vulnerable to NoSQL injection. The purpose of this project is to facilitate a bet…☆19Nov 21, 2022Updated 3 years ago
- R.A.Y.D.E.R revolutionizes security testing for generative AI by letting you test chatbots directly through their web interfaces. No API …☆15Jul 23, 2025Updated 7 months ago
- Report on quality of SBOM contents☆25Dec 18, 2024Updated last year
- OWASP Foundation web repository☆35Updated this week
- InfoSec OpenAI Examples☆19Nov 26, 2023Updated 2 years ago
- The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.☆181Dec 11, 2025Updated 2 months ago
- ☆11Feb 10, 2026Updated 2 weeks ago
- OWASP Foundation web repository☆21Jan 7, 2026Updated last month
- This toolkit guides you on implementing secure and user-friendly digital and in-person interactions. Whether you are a service owner, dev…☆10Nov 6, 2025Updated 3 months ago
- ForgeRock Identity Cloud Debug Tools☆11Jan 27, 2023Updated 3 years ago
- BambooHR Slack bot publishes company holidays, work anniversaries, first days, birthdays, and who is out each weekday.☆10Mar 4, 2023Updated 2 years ago
- ☆12Feb 10, 2026Updated 2 weeks ago
- Sample SecOps scripts and Utilities☆12Jun 19, 2024Updated last year
- A curated list of 150+ papers and resources on Agentic Security. Based on the survey covering the transition from passive LLMs to autonom…☆28Dec 6, 2025Updated 2 months ago
- This repository stores content that can be used to design a Rapid Threat Model Prototyping process for a software development group.☆165Mar 14, 2023Updated 2 years ago
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆41Dec 12, 2023Updated 2 years ago
- ☆62Jun 3, 2025Updated 8 months ago
- A docker container with different testing tools.☆13Jan 31, 2024Updated 2 years ago
- GitHub action to generate a CycloneDX SBOM for .NET☆12Jul 15, 2025Updated 7 months ago
- Simple authentication toolkit for works with Yubikey☆13Feb 1, 2026Updated last month
- OSCAL and Kyverno Policy Demo for AWS☆16Aug 16, 2023Updated 2 years ago
- Work in progress...☆10Feb 29, 2024Updated 2 years ago
- AI Resilience Maturity Model☆25Aug 4, 2024Updated last year
- Script to setup istio in KinD (compatible with M1 Macs)☆10Aug 21, 2021Updated 4 years ago
- MultiStep MCP That Returns CVE Information With EPSS Score☆13May 22, 2025Updated 9 months ago
- A Network access firewall for Unix like OS and specifically supports Raspberry Pi 3 .☆11Feb 25, 2018Updated 8 years ago
- Learning playground for Argus-SAF☆10Dec 27, 2018Updated 7 years ago
- ☆13Aug 29, 2024Updated last year
- Prototype compiler from AWS CloudFormation IaC templates into Logic.☆13Dec 5, 2023Updated 2 years ago
- Monitor your domains for newly issued certificates and alert to Slack in near-realtime☆10Aug 29, 2022Updated 3 years ago
- OWASP Smart Contract Securty Verification Standard☆17Aug 20, 2025Updated 6 months ago
- Computes and displays the visual differences between two URLs☆12Aug 17, 2022Updated 3 years ago
- POSIX-compliant CLI tool that wraps tmux ≥ 3.0 and git worktree to manage parallel AI coding sessions ("heads")☆27Dec 30, 2025Updated 2 months ago
- Apple Books Highlights Exporter☆11Jul 31, 2024Updated last year
- Http Security Headers Checker Tool written in PHP Cli + Useful Tips to set Http Security Headers☆10Mar 27, 2021Updated 4 years ago
- GitHub Actions Security Tester☆12Feb 1, 2023Updated 3 years ago
- Squatm3 is a python tool designed to enumerate available domains generated modifying the original domain name through different technique…☆43Dec 11, 2025Updated 2 months ago
- Discover vulnerabilities and container image misconfiguration in production environments.☆55Jan 9, 2026Updated last month