A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.
☆19Mar 13, 2024Updated 2 years ago
Alternatives and similar repositories for awesome-threat-modelling
Users that are interested in awesome-threat-modelling are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Set of useful scrpts☆10Jan 4, 2015Updated 11 years ago
- AWS X-Ray for Covert Command & Control☆45Oct 13, 2025Updated 6 months ago
- A Pythonic framework for threat modeling☆1,122Apr 9, 2026Updated last week
- Example of using Gauge and OWASP ZAP for test automation☆11Jan 9, 2020Updated 6 years ago
- ☆13Mar 15, 2021Updated 5 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- A vulnerable Play application for attackers.☆18Apr 7, 2026Updated last week
- Verify ownership of domains and mobile apps☆23May 22, 2023Updated 2 years ago
- Making transparency normal!☆24Dec 18, 2023Updated 2 years ago
- for Windows Malware Analysis☆16May 14, 2020Updated 5 years ago
- ☆28Oct 2, 2025Updated 6 months ago
- Outputs vs. outcomes: what's the different and why does it matter?☆16Apr 14, 2025Updated last year
- ☆18Jul 7, 2023Updated 2 years ago
- Script to mass deauthenticate multiple wireless clients.☆12Jan 1, 2017Updated 9 years ago
- scan s3 buckets for security issues☆86Aug 7, 2024Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Terraform module providing a secure baseline for AWS☆18Jun 17, 2025Updated 10 months ago
- This repository stores content that can be used to design a Rapid Threat Model Prototyping process for a software development group.☆165Mar 14, 2023Updated 3 years ago
- Using AWS for GitHub Actions and various security features available through AWS Container Services like Amazon ECS, AWS Fargate, and Ama…☆16Mar 15, 2021Updated 5 years ago
- ☆26Sep 1, 2017Updated 8 years ago
- scala implementation of RFC 6238; Supports base32 & hex.☆29Jul 9, 2017Updated 8 years ago
- ☆20Apr 26, 2024Updated last year
- Gram is Klarna's own threat model diagramming tool☆333Updated this week
- Musings from the brainpan.☆10Jan 8, 2019Updated 7 years ago
- ☆10Jul 6, 2016Updated 9 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Custom Fortify SCA rules to detect common JSSE certification validation flaws☆11Nov 18, 2015Updated 10 years ago
- #YOLO motherfuckers!☆22Jan 16, 2018Updated 8 years ago
- Miscellaneous parsing scripts for penetration testing☆12Jul 17, 2023Updated 2 years ago
- Terraform module to provision AWS Guard Duty☆31Jan 1, 2026Updated 3 months ago
- Default plugins for Jaeles Scanner☆35Nov 5, 2020Updated 5 years ago
- Pragmatic Network Security for Cloud and Hybrid Networks☆10Nov 24, 2015Updated 10 years ago
- Infrastructure-as-code for a serverless knowledge base using Amazon Bedrock, Aurora PostgreSQL (with pgvector), Lambda, and S3. This setu…☆19Mar 23, 2025Updated last year
- Various AI Related Concepts Directory☆33Apr 11, 2026Updated last week
- ☆85Oct 15, 2022Updated 3 years ago
- Serverless GPU API endpoints on Runpod - Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- This application contains intentional security vulnerabilities and should never be deployed in production environments or exposed to the …☆16Apr 25, 2025Updated 11 months ago
- Maturity Model Collaborative project☆15Feb 27, 2023Updated 3 years ago
- Challenges from past S4 (SCADA Security Scientific Symposium) Capture-the-Flag contests.☆28Aug 19, 2016Updated 9 years ago
- Public rules and samples for various automations through LimaCharlie.io☆14Dec 16, 2021Updated 4 years ago
- Tools related to work with Attack Flow (https://github.com/center-for-threat-informed-defense/attack-flow)☆44Jun 6, 2022Updated 3 years ago
- Testing for the Cloud☆19Jan 12, 2020Updated 6 years ago
- Contains function and feature extensions, code examples, and utilities for JumpCloud, including automated user import, CSV import, and ot…☆15Mar 8, 2016Updated 10 years ago