izar/awesome-threat-modelling external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

izar/awesome-threat-modelling

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/izar/awesome-threat-modelling)

Close

izar / awesome-threat-modellingView on GitHubMore

• External links
• Readme badge

A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.

☆19Mar 13, 2024Updated 2 years ago

Alternatives and similar repositories for awesome-threat-modelling

Users that are interested in awesome-threat-modelling are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• Phat3 / Useful-Scripts

  View on GitHub
  Set of useful scrpts
  ☆10Jan 4, 2015Updated 11 years ago
• OWASP / pytm

  View on GitHub
  A Pythonic framework for threat modeling
  ☆1,113Mar 16, 2026Updated last week
• pinktangent / Endpoint-Testing

  View on GitHub
  Repository for Endpoint Security Testing
  ☆35Jul 26, 2018Updated 7 years ago
• danilop / graphql-api-security-with-aws-appsync-and-amplify

  View on GitHub
  ☆13Mar 15, 2021Updated 5 years ago
• jessekurrus / slmailsploits

  View on GitHub
  Several Python scripts used to fuzz and exploit SLmail. These are meant to supplement the Kali Linux Hands-on Pentesting Udemy course.
  ☆16Dec 24, 2018Updated 7 years ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• jtmelton / attack-surface-analyzer

  View on GitHub
  A tool for analyzing the attack surface of an application
  ☆19Mar 5, 2025Updated last year
• SanseoLab / ejExtractor

  View on GitHub
  Integrated tool for extracting scripts and binaries of AutoIt, AutoHotKey, InnoSetup, NSIS executables and Decoding powershell / jse / vb…
  ☆14Dec 10, 2018Updated 7 years ago
• playframework / play-webgoat

  View on GitHub
  A vulnerable Play application for attackers.
  ☆18Mar 3, 2026Updated 3 weeks ago
• strozfriedberg / MAM-Security-Checklist

  View on GitHub
  Checklist intended to be used as a baseline for assessing, designing, and testing the security of a MAM (Application Wrapping) solution
  ☆20Sep 2, 2015Updated 10 years ago
• FallibleInc / ownercheck

  View on GitHub
  Verify ownership of domains and mobile apps
  ☆23May 22, 2023Updated 2 years ago
• project-oak / transparent-release

  View on GitHub
  Making transparency normal!
  ☆24Dec 18, 2023Updated 2 years ago
• osvaldjr / easy-cucumber

  View on GitHub
  Easy Cucumber JVM DSL tests.
  ☆13Jul 12, 2025Updated 8 months ago
• OWASP / PSCF

  View on GitHub
  ☆28Oct 2, 2025Updated 5 months ago
• hajowieland / terraform-kali-linux

  View on GitHub
  Terraform & Packer code to create an up-to-date Kali Linux AWS EC2 instance
  ☆16Jul 1, 2019Updated 6 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• magisterquis / s3finder

  View on GitHub
  Yet another open S3 bucket finder
  ☆20Mar 8, 2018Updated 8 years ago
• joelparkerhenderson / outputs-vs-outcomes

  View on GitHub
  Outputs vs. outcomes: what's the different and why does it matter?
  ☆16Apr 14, 2025Updated 11 months ago
• sriddell / ecr-cve-monitor

  View on GitHub
  ☆18Jul 7, 2023Updated 2 years ago
• superkojiman / mass_deauth

  View on GitHub
  Script to mass deauthenticate multiple wireless clients.
  ☆12Jan 1, 2017Updated 9 years ago
• geoffrey-hill-tutamantic / rapid-threat-model-prototyping-docs

  View on GitHub
  This repository stores content that can be used to design a Rapid Threat Model Prototyping process for a software development group.
  ☆165Mar 14, 2023Updated 3 years ago
• T911s / Nmap-Scans

  View on GitHub
  ☆26Sep 1, 2017Updated 8 years ago
• cyph / appsec-glory

  View on GitHub
  Consolidated demo and source links from Bryant Zadegan and Ryan Lester's Black Hat / DEF CON talk "Abusing Bleeding Edge Web Standards fo…
  ☆11Aug 19, 2017Updated 8 years ago
• marklister / scala-totp-auth

  View on GitHub
  scala implementation of RFC 6238; Supports base32 & hex.
  ☆29Jul 9, 2017Updated 8 years ago
• blackpandhack / CTF-Tools

  View on GitHub
  ☆10Jun 30, 2016Updated 9 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• planetoftheweb / podcast-test

  View on GitHub
  ☆20Apr 26, 2024Updated last year
• klarna-incubator / gram

  View on GitHub
  Gram is Klarna's own threat model diagramming tool
  ☆332Updated this week
• thatbirdguythatuknownot / py311-decompiler

  View on GitHub
  A Python decompiler for 3.11; WIP.
  ☆26Nov 19, 2023Updated 2 years ago
• superkojiman / writeups

  View on GitHub
  Musings from the brainpan.
  ☆10Jan 8, 2019Updated 7 years ago
• ahawkins / semaphore-continuous-deployment

  View on GitHub
  ☆10Jul 6, 2016Updated 9 years ago
• GDSSecurity / JSSE_Fortify_SCA_Rules

  View on GitHub
  Custom Fortify SCA rules to detect common JSSE certification validation flaws
  ☆11Nov 18, 2015Updated 10 years ago
• vuldb / vuldb-api-python-examples

  View on GitHub
  VulDB Python scripts to fetch data via API
  ☆20Feb 24, 2020Updated 6 years ago
• ortegaalfredo / crashbench

  View on GitHub
  Crashbench is a LLM benchmark to measure bug-finding and reporting capabilities of LLMs
  ☆14Mar 8, 2026Updated 3 weeks ago
• CTFd / DynamicValueChallenge

  View on GitHub
  CTFd Challenge Type which decreases its value after every solve
  ☆18Feb 1, 2019Updated 7 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• isaudits / parsers

  View on GitHub
  Miscellaneous parsing scripts for penetration testing
  ☆12Jul 17, 2023Updated 2 years ago
• YOLOSecFW / YoloSec-Framework

  View on GitHub
  #YOLO motherfuckers!
  ☆22Jan 16, 2018Updated 8 years ago
• cloudposse / terraform-aws-guardduty

  View on GitHub
  Terraform module to provision AWS Guard Duty
  ☆31Jan 1, 2026Updated 2 months ago
• mitre / CICAT

  View on GitHub
  ☆19Oct 30, 2020Updated 5 years ago
• aws-samples / aws-iam-accessadvisor-permissionboundary

  View on GitHub
  Audit IAM roles and users using Access Advisor data using Python/boto3 SDK and automatically create IAM permissions boundaries to limit a…
  ☆39Sep 8, 2020Updated 5 years ago
• kevholditch / terraform-course-examples

  View on GitHub
  Code examples for the Infrastructure As Code In AWS With Terraform course
  ☆21Oct 14, 2021Updated 4 years ago
• Securosis / PragmaticNetSecCloud

  View on GitHub
  Pragmatic Network Security for Cloud and Hybrid Networks
  ☆10Nov 24, 2015Updated 10 years ago