The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.
☆181Dec 11, 2025Updated 2 months ago
Alternatives and similar repositories for OpenThreatModel
Users that are interested in OpenThreatModel are comparing it to the libraries listed below
Sorting:
- StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so…☆53Nov 25, 2025Updated 3 months ago
- This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility☆60Apr 17, 2023Updated 2 years ago
- Agile Threat Modeling as Code☆13Jun 30, 2022Updated 3 years ago
- OWASP Foundation web repository☆35Updated this week
- threatspec - continuous threat modeling, through code☆379Dec 30, 2020Updated 5 years ago
- Documenting your Threat Models with HCL☆453Feb 24, 2026Updated last week
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …☆68Jun 25, 2025Updated 8 months ago
- HashiCorp-relevant rules for the Semgrep code analysis tool☆41Oct 3, 2023Updated 2 years ago
- A Continuous Threat Modeling methodology☆324Jun 24, 2022Updated 3 years ago
- Practical Library Of Threats 4 Artificial Intelligence☆36Jun 19, 2025Updated 8 months ago
- ☆141Feb 24, 2026Updated last week
- A Pythonic framework for threat modeling☆1,108Updated this week
- 🖇️ equivalence table between OWASP ASVS standard and STRIDE threat modeling methodology.☆76Aug 22, 2024Updated last year
- Generate a score for your sbom to understand if it will actually be useful.☆238Aug 13, 2024Updated last year
- OWASP Threat Dragon with Gitlab Integration☆27Nov 6, 2017Updated 8 years ago
- ☆57Feb 9, 2026Updated 3 weeks ago
- An extensive list of resources related to threat modelling. Gotta catch ’em all!☆42Updated this week
- Awesome secure by default libraries to help you eliminate bug classes!☆700Dec 6, 2025Updated 2 months ago
- This project is about creating and publishing threat model examples.☆428Nov 10, 2021Updated 4 years ago
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆462Updated this week
- Build a CVE library with aggregated CISA, EPSS and CVSS data☆29Sep 27, 2023Updated 2 years ago
- Agile Threat Modeling Toolkit☆725Nov 20, 2025Updated 3 months ago
- Segment's Threat Modeling training for our engineers☆245May 4, 2021Updated 4 years ago
- Gram is Klarna's own threat model diagramming tool☆331Jan 26, 2026Updated last month
- ☆25Sep 17, 2023Updated 2 years ago
- A simple threat modeling tool to help humans to reduce time-to-value when threat modeling☆680Updated this week
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆41Dec 12, 2023Updated 2 years ago
- A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for …☆1,716Aug 2, 2024Updated last year
- SBOM Search - Context aware search in SBOM repositories☆29Nov 24, 2025Updated 3 months ago
- ☆102Sep 27, 2024Updated last year
- Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.☆33Oct 13, 2022Updated 3 years ago
- A community collection of security reviews of open source software components.☆97Feb 29, 2024Updated 2 years ago
- OWASP Ontology-driven Threat Modelling framework☆40Jul 11, 2023Updated 2 years ago
- An SBOM query language and associated utilities☆55Jan 22, 2024Updated 2 years ago
- A collection of real-world threat model examples across various technologies, providing practical insights into identifying and mitigatin…☆487Jun 12, 2025Updated 8 months ago
- A small tool to help developers understand a huge set of security requirements from appsec teams☆46Sep 2, 2022Updated 3 years ago
- A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestrat…☆280Feb 17, 2026Updated last week
- App that simplifies building decision trees to model adverse scenarios☆228Jul 11, 2024Updated last year
- Threat model for Amazon S3 - Library of all the attack scenarios on Amazon S3, and how to mitigate them following a risk-based approach☆157Feb 21, 2026Updated last week