The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.
☆181Dec 11, 2025Updated 5 months ago
Alternatives and similar repositories for OpenThreatModel
Users that are interested in OpenThreatModel are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- StartLeft is an automation tool for generating Threat Models written in the Open Threat Model (OTM) format from a variety of different so…☆54Mar 4, 2026Updated 2 months ago
- Agile Threat Modeling as Code☆13Jun 30, 2022Updated 3 years ago
- OWASP Foundation web repository☆42Updated this week
- This repo. is archived. The utility is now at: https://github.com/CycloneDX/sbom-utility☆60Apr 17, 2023Updated 3 years ago
- Documenting your Threat Models with HCL☆458May 16, 2026Updated last week
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- threatspec - continuous threat modeling, through code☆384Dec 30, 2020Updated 5 years ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …☆72Jun 25, 2025Updated 10 months ago
- ☆155May 15, 2026Updated last week
- A Pythonic framework for threat modeling☆1,125May 2, 2026Updated 2 weeks ago
- HashiCorp-relevant rules for the Semgrep code analysis tool☆41Oct 3, 2023Updated 2 years ago
- Practical Library Of Threats 4 Artificial Intelligence☆38Jun 19, 2025Updated 11 months ago
- A Continuous Threat Modeling methodology☆327Jun 24, 2022Updated 3 years ago
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆41Dec 12, 2023Updated 2 years ago
- Generate a score for your sbom to understand if it will actually be useful.☆242Aug 13, 2024Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- This directory focuses exclusively on Threat Modeling Tools—software, code, libraries, or services that automate, guide, or support the d…☆22May 2, 2026Updated 3 weeks ago
- 🖇️ equivalence table between OWASP ASVS standard and STRIDE threat modeling methodology.☆76Aug 22, 2024Updated last year
- A GraphQL enumeration and extraction tool☆134Jan 29, 2023Updated 3 years ago
- ☆26Sep 17, 2023Updated 2 years ago
- Agile Threat Modeling Toolkit☆763Apr 8, 2026Updated last month
- TRADES Tool☆20Jan 1, 2025Updated last year
- Gram is Klarna's own threat model diagramming tool☆334May 13, 2026Updated last week
- A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for …☆1,752Aug 2, 2024Updated last year
- A collection of real-world threat model examples across various technologies, providing practical insights into identifying and mitigatin…☆503Jun 12, 2025Updated 11 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Awesome secure by default libraries to help you eliminate bug classes!☆707Dec 6, 2025Updated 5 months ago
- A simple threat modeling tool to help humans to reduce time-to-value when threat modeling☆733Updated this week
- This project is about creating and publishing threat model examples.☆432Nov 10, 2021Updated 4 years ago
- An extensive list of resources related to threat modelling. Gotta catch ’em all!☆49Apr 29, 2026Updated 3 weeks ago
- This project aims to standardize the representation and management of EOL and EOS product information across the industry.☆30Mar 4, 2024Updated 2 years ago
- App that simplifies building decision trees to model adverse scenarios☆230Jul 11, 2024Updated last year
- Segment's Threat Modeling training for our engineers☆246May 4, 2021Updated 5 years ago
- ☆59May 5, 2026Updated 2 weeks ago
- A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestrat…☆281Feb 17, 2026Updated 3 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- A community collection of security reviews of open source software components.☆99Feb 29, 2024Updated 2 years ago
- OWASP Threat Dragon with Gitlab Integration☆27Nov 6, 2017Updated 8 years ago
- Build a CVE library with aggregated CISA, EPSS and CVSS data☆29Sep 27, 2023Updated 2 years ago
- sbomasm: The Complete SBOM Management Toolkit☆118Updated this week
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆510Updated this week
- The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.☆110Jan 16, 2024Updated 2 years ago
- A utility to (re-)import findings and language data into DefectDojo☆43Sep 26, 2024Updated last year