Alternatives and similar repositories for awesome-threat-modelling

Users that are interested in awesome-threat-modelling are comparing it to the libraries listed below

• RootUp / XRayC2

  View on GitHub
  AWS X-Ray for Covert Command & Control
  ☆45Oct 13, 2025Updated 4 months ago
• strozfriedberg / MAM-Security-Checklist

  View on GitHub
  Checklist intended to be used as a baseline for assessing, designing, and testing the security of a MAM (Application Wrapping) solution
  ☆20Sep 2, 2015Updated 10 years ago
• project-oak / transparent-release

  View on GitHub
  Making transparency normal!
  ☆24Dec 18, 2023Updated 2 years ago
• pinktangent / Endpoint-Testing

  View on GitHub
  Repository for Endpoint Security Testing
  ☆35Jul 26, 2018Updated 7 years ago
• polyhedraltech / SecurityTesting

  View on GitHub
  Eclipse plugin suite providing integration with security testing tools.
  ☆11Apr 23, 2016Updated 9 years ago
• kenb123 / Basic-Expression-Lexicon-Variation-Algorithms-BELVA

  View on GitHub
  Generate and Permutate Context Aware Dictionaries for Application Testing
  ☆11Aug 16, 2016Updated 9 years ago
• splunkalicious / PII_Tools

  View on GitHub
  ☆10Nov 30, 2020Updated 5 years ago
• blackn0te / Apache-HTTP-Server-2.4.49-2.4.50-Path-Traversal-Remote-Code-Execution

  View on GitHub
  Apache HTTP-Server 2.4.49-2.4.50 Path Traversal & Remote Code Execution PoC (CVE-2021-41773 & CVE-2021-42013)
  ☆12Aug 22, 2025Updated 5 months ago
• Broadcom / terraform-provider-luminate

  View on GitHub
  Secure access cloud terraform provider
  ☆13Feb 8, 2026Updated last week
• vz-risk / flow

  View on GitHub
  Tools related to work with Attack Flow (https://github.com/center-for-threat-informed-defense/attack-flow)
  ☆44Jun 6, 2022Updated 3 years ago
• isaudits / parsers

  View on GitHub
  Miscellaneous parsing scripts for penetration testing
  ☆12Jul 17, 2023Updated 2 years ago
• TheCyberpunker / InsecureShip

  View on GitHub
  This application contains intentional security vulnerabilities and should never be deployed in production environments or exposed to the …
  ☆16Apr 25, 2025Updated 9 months ago
• mondoohq / samples

  View on GitHub
  Security Scanning Samples with cnspec, cnquery, and Mondoo Platform
  ☆16Feb 4, 2026Updated last week
• superkojiman / writeups

  View on GitHub
  Musings from the brainpan.
  ☆10Jan 8, 2019Updated 7 years ago
• malcomvetter / DieHard

  View on GitHub
  PoC: process watcher patterns to make killing a process hard.
  ☆11Aug 1, 2018Updated 7 years ago
• KMGbully / ikebrute

  View on GitHub
  Simply runs through a wordlist of default/common group IDs and parses each hash to a separate file. Then it runs through the hashes with …
  ☆10Feb 15, 2017Updated 9 years ago
• lyonys / ARMCoder

  View on GitHub
  The ultimate tool to crafting your ARM shell code
  ☆10Aug 7, 2015Updated 10 years ago
• singe / fast-permute

  View on GitHub
  A fast python tool for creating permutations of alphanumerics
  ☆11Mar 22, 2020Updated 5 years ago
• CasperGN / MFASweep.py

  View on GitHub
  Test Azure environment for MFA misconfigurations
  ☆12Jan 13, 2023Updated 3 years ago
• joelparkerhenderson / outputs-vs-outcomes

  View on GitHub
  Outputs vs. outcomes: what's the different and why does it matter?
  ☆16Apr 14, 2025Updated 10 months ago
• blackpandhack / CTF-Tools

  View on GitHub
  ☆10Jun 30, 2016Updated 9 years ago
• superkojiman / mass_deauth

  View on GitHub
  Script to mass deauthenticate multiple wireless clients.
  ☆12Jan 1, 2017Updated 9 years ago
• nutrun / glow

  View on GitHub
  Distributed parallelization of tasks
  ☆41Jan 21, 2014Updated 12 years ago
• humblepoti / flutter-modified

  View on GitHub
  libflutter.so(s) modified for traffic intercepting removing certificate pinning validation. Dart version is 2.10.5
  ☆12Jul 11, 2021Updated 4 years ago
• Securosis / PragmaticNetSecCloud

  View on GitHub
  Pragmatic Network Security for Cloud and Hybrid Networks
  ☆10Nov 24, 2015Updated 10 years ago
• nxenon / grpc-lab

  View on GitHub
  gRPC / gRPC-Web Pentest Practicing Lab
  ☆10Aug 29, 2023Updated 2 years ago
• airman604 / cms2cmd

  View on GitHub
  ☆10Nov 24, 2018Updated 7 years ago
• pentestingforfunandprofit / webbank

  View on GitHub
  ☆10Jan 22, 2016Updated 10 years ago
• tines / stories

  View on GitHub
  ☆12Mar 14, 2022Updated 3 years ago
• adanalvarez / bedrock-secure-questionnaire-automation

  View on GitHub
  Infrastructure-as-code for a serverless knowledge base using Amazon Bedrock, Aurora PostgreSQL (with pgvector), Lambda, and S3. This setu…
  ☆19Mar 23, 2025Updated 10 months ago
• wsargent / paranoid-java-serialization

  View on GitHub
  Adds a guard to disable ObjectInputStream.readObject
  ☆11Dec 6, 2015Updated 10 years ago
• ahawkins / semaphore-continuous-deployment

  View on GitHub
  ☆10Jul 6, 2016Updated 9 years ago
• cyph / appsec-glory

  View on GitHub
  Consolidated demo and source links from Bryant Zadegan and Ryan Lester's Black Hat / DEF CON talk "Abusing Bleeding Edge Web Standards fo…
  ☆11Aug 19, 2017Updated 8 years ago
• RCStep / RedTeam_Tools_n_Stuff

  View on GitHub
  Collection of self-made Red Team tools that have come in handy
  ☆12Aug 25, 2024Updated last year
• arothian / inspec-aws

  View on GitHub
  Inspec resources for AWS
  ☆10Feb 20, 2018Updated 7 years ago
• ax330d / misc

  View on GitHub
  Various things to share
  ☆11Sep 22, 2018Updated 7 years ago
• namazso / PawnPP

  View on GitHub
  A Pawn p-code interpreter written in C++
  ☆24Oct 13, 2022Updated 3 years ago
• TheJumpCloud / Extensions

  View on GitHub
  Contains function and feature extensions, code examples, and utilities for JumpCloud, including automated user import, CSV import, and ot…
  ☆14Mar 8, 2016Updated 9 years ago
• s1th / system_i_audit

  View on GitHub
  IBM System i (formerly AS400, iSeries, i5, etc.)
  ☆11Feb 10, 2013Updated 13 years ago