izar/awesome-threat-modelling external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

izar/awesome-threat-modelling

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/izar/awesome-threat-modelling)

Close

izar / awesome-threat-modellingView on GitHubMore

• External links
• Readme badge

A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.

☆19Mar 13, 2024Updated 2 years ago

Alternatives and similar repositories for awesome-threat-modelling

Users that are interested in awesome-threat-modelling are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• MichelleEmbleton / appSecRadar

  View on GitHub
  A colour-coded radar chart to keep track of technologies in use, whether they are being evaluated, adopted or phased out.
  ☆14Apr 20, 2026Updated 2 weeks ago
• RootUp / XRayC2

  View on GitHub
  AWS X-Ray for Covert Command & Control
  ☆46Oct 13, 2025Updated 6 months ago
• OWASP / pytm

  View on GitHub
  A Pythonic framework for threat modeling
  ☆1,125May 2, 2026Updated last week
• we45 / Gauge-OWASP-ZAP

  View on GitHub
  Example of using Gauge and OWASP ZAP for test automation
  ☆11Jan 9, 2020Updated 6 years ago
• danilop / graphql-api-security-with-aws-appsync-and-amplify

  View on GitHub
  ☆13Mar 15, 2021Updated 5 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• jessekurrus / slmailsploits

  View on GitHub
  Several Python scripts used to fuzz and exploit SLmail. These are meant to supplement the Kali Linux Hands-on Pentesting Udemy course.
  ☆16Dec 24, 2018Updated 7 years ago
• jtmelton / attack-surface-analyzer

  View on GitHub
  A tool for analyzing the attack surface of an application
  ☆19Mar 5, 2025Updated last year
• playframework / play-webgoat

  View on GitHub
  A vulnerable Play application for attackers.
  ☆18Apr 28, 2026Updated last week
• LeapBeyond / terraform-aws-guardduty

  View on GitHub
  A small example of setting up GuardDuty using Terraform
  ☆11Nov 9, 2020Updated 5 years ago
• strozfriedberg / MAM-Security-Checklist

  View on GitHub
  Checklist intended to be used as a baseline for assessing, designing, and testing the security of a MAM (Application Wrapping) solution
  ☆20Sep 2, 2015Updated 10 years ago
• project-oak / transparent-release

  View on GitHub
  Making transparency normal!
  ☆24Dec 18, 2023Updated 2 years ago
• osvaldjr / easy-cucumber

  View on GitHub
  Easy Cucumber JVM DSL tests.
  ☆13Jul 12, 2025Updated 9 months ago
• OWASP / PSCF

  View on GitHub
  ☆28Oct 2, 2025Updated 7 months ago
• hajowieland / terraform-kali-linux

  View on GitHub
  Terraform & Packer code to create an up-to-date Kali Linux AWS EC2 instance
  ☆16Jul 1, 2019Updated 6 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• DNXLabs / devops-playbook

  View on GitHub
  ☆14Apr 14, 2019Updated 7 years ago
• joelparkerhenderson / outputs-vs-outcomes

  View on GitHub
  Outputs vs. outcomes: what's the different and why does it matter?
  ☆16Apr 14, 2025Updated last year
• superkojiman / mass_deauth

  View on GitHub
  Script to mass deauthenticate multiple wireless clients.
  ☆12Jan 1, 2017Updated 9 years ago
• InfoProtectionTeam / Files

  View on GitHub
  This repository is for public files shared by the Microsoft Information Protection Team
  ☆25Jan 6, 2021Updated 5 years ago
• kiratech / terraform-aws-hardening

  View on GitHub
  Terraform module providing a secure baseline for AWS
  ☆18Jun 17, 2025Updated 10 months ago
• min9pm8 / container-app-security-cicd

  View on GitHub
  Using AWS for GitHub Actions and various security features available through AWS Container Services like Amazon ECS, AWS Fargate, and Ama…
  ☆16Mar 15, 2021Updated 5 years ago
• InfoProtectionTeam / AIP-Deployment-Acceleration-Guide

  View on GitHub
  This repository is used to store the Azure Information Protection Deployment Acceleration Guide
  ☆29May 31, 2019Updated 6 years ago
• T911s / Nmap-Scans

  View on GitHub
  ☆26Sep 1, 2017Updated 8 years ago
• idealista / kafka_role

  View on GitHub
  Ansible role to install Apache Kafka
  ☆18Apr 6, 2026Updated last month
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• michalkoczwara / DevSecOps-Studio

  View on GitHub
  Virtual environment for learning DevSecOps
  ☆41Nov 16, 2017Updated 8 years ago
• cyph / appsec-glory

  View on GitHub
  Consolidated demo and source links from Bryant Zadegan and Ryan Lester's Black Hat / DEF CON talk "Abusing Bleeding Edge Web Standards fo…
  ☆11Aug 19, 2017Updated 8 years ago
• splunkalicious / PII_Tools

  View on GitHub
  ☆10Nov 30, 2020Updated 5 years ago
• planetoftheweb / podcast-test

  View on GitHub
  ☆21Apr 26, 2024Updated 2 years ago
• blackpandhack / CTF-Tools

  View on GitHub
  ☆10Jun 30, 2016Updated 9 years ago
• klarna-incubator / gram

  View on GitHub
  Gram is Klarna's own threat model diagramming tool
  ☆334Updated this week
• superkojiman / writeups

  View on GitHub
  Musings from the brainpan.
  ☆10Jan 8, 2019Updated 7 years ago
• ahawkins / semaphore-continuous-deployment

  View on GitHub
  ☆10Jul 6, 2016Updated 9 years ago
• GDSSecurity / JSSE_Fortify_SCA_Rules

  View on GitHub
  Custom Fortify SCA rules to detect common JSSE certification validation flaws
  ☆11Nov 18, 2015Updated 10 years ago
• End-to-end encrypted cloud storage - Proton Drive • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
• ortegaalfredo / crashbench

  View on GitHub
  Crashbench is a LLM benchmark to measure bug-finding and reporting capabilities of LLMs
  ☆14Mar 8, 2026Updated 2 months ago
• CTFd / DynamicValueChallenge

  View on GitHub
  CTFd Challenge Type which decreases its value after every solve
  ☆18Feb 1, 2019Updated 7 years ago
• isaudits / parsers

  View on GitHub
  Miscellaneous parsing scripts for penetration testing
  ☆12Jul 17, 2023Updated 2 years ago
• cloudposse / terraform-aws-guardduty

  View on GitHub
  Terraform module to provision AWS Guard Duty
  ☆31Updated this week
• mitre / CICAT

  View on GitHub
  ☆19Oct 30, 2020Updated 5 years ago
• aws-samples / aws-iam-accessadvisor-permissionboundary

  View on GitHub
  Audit IAM roles and users using Access Advisor data using Python/boto3 SDK and automatically create IAM permissions boundaries to limit a…
  ☆39Sep 8, 2020Updated 5 years ago
• kevholditch / terraform-course-examples

  View on GitHub
  Code examples for the Infrastructure As Code In AWS With Terraform course
  ☆21Oct 14, 2021Updated 4 years ago