A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.
☆19Mar 13, 2024Updated 2 years ago
Alternatives and similar repositories for awesome-threat-modelling
Users that are interested in awesome-threat-modelling are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A colour-coded radar chart to keep track of technologies in use, whether they are being evaluated, adopted or phased out.☆14Apr 20, 2026Updated last month
- Set of useful scrpts☆10Jan 4, 2015Updated 11 years ago
- A Pythonic framework for threat modeling☆1,124May 22, 2026Updated last week
- Example of using Gauge and OWASP ZAP for test automation☆11Jan 9, 2020Updated 6 years ago
- ☆13Mar 15, 2021Updated 5 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Several Python scripts used to fuzz and exploit SLmail. These are meant to supplement the Kali Linux Hands-on Pentesting Udemy course.☆16Dec 24, 2018Updated 7 years ago
- Integrated tool for extracting scripts and binaries of AutoIt, AutoHotKey, InnoSetup, NSIS executables and Decoding powershell / jse / vb…☆15Dec 10, 2018Updated 7 years ago
- A vulnerable Play application for attackers.☆18May 21, 2026Updated last week
- A small example of setting up GuardDuty using Terraform☆11Nov 9, 2020Updated 5 years ago
- Checklist intended to be used as a baseline for assessing, designing, and testing the security of a MAM (Application Wrapping) solution☆20Sep 2, 2015Updated 10 years ago
- Making transparency normal!☆24Dec 18, 2023Updated 2 years ago
- ☆28Oct 2, 2025Updated 7 months ago
- Terraform & Packer code to create an up-to-date Kali Linux AWS EC2 instance☆16Jul 1, 2019Updated 6 years ago
- Yet another open S3 bucket finder☆20Mar 8, 2018Updated 8 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- ☆14Apr 14, 2019Updated 7 years ago
- Outputs vs. outcomes: what's the different and why does it matter?☆16Apr 14, 2025Updated last year
- This repository stores content that can be used to design a Rapid Threat Model Prototyping process for a software development group.☆165Mar 14, 2023Updated 3 years ago
- ☆26Sep 1, 2017Updated 8 years ago
- Ansible role to install Apache Kafka☆18Apr 6, 2026Updated last month
- Consolidated demo and source links from Bryant Zadegan and Ryan Lester's Black Hat / DEF CON talk "Abusing Bleeding Edge Web Standards fo…☆11Aug 19, 2017Updated 8 years ago
- ☆10Nov 30, 2020Updated 5 years ago
- Bulk Data Implementation Guide☆41May 6, 2026Updated 3 weeks ago
- ☆22Apr 26, 2024Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Gram is Klarna's own threat model diagramming tool☆334May 22, 2026Updated last week
- ☆10Jun 30, 2016Updated 9 years ago
- Musings from the brainpan.☆10Jan 8, 2019Updated 7 years ago
- ☆10Jul 6, 2016Updated 9 years ago
- Custom Fortify SCA rules to detect common JSSE certification validation flaws☆11Nov 18, 2015Updated 10 years ago
- VulDB Python scripts to fetch data via API☆20May 5, 2026Updated 3 weeks ago
- Crashbench is a LLM benchmark to measure bug-finding and reporting capabilities of LLMs☆14Mar 8, 2026Updated 2 months ago
- CTFd Challenge Type which decreases its value after every solve☆18Feb 1, 2019Updated 7 years ago
- Miscellaneous parsing scripts for penetration testing☆12Jul 17, 2023Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Terraform module to provision AWS Guard Duty☆31May 3, 2026Updated 3 weeks ago
- Audit IAM roles and users using Access Advisor data using Python/boto3 SDK and automatically create IAM permissions boundaries to limit a…☆39Sep 8, 2020Updated 5 years ago
- ☆19Oct 30, 2020Updated 5 years ago
- Code examples for the Infrastructure As Code In AWS With Terraform course☆21Oct 14, 2021Updated 4 years ago
- Pragmatic Network Security for Cloud and Hybrid Networks☆10Nov 24, 2015Updated 10 years ago
- Infrastructure-as-code for a serverless knowledge base using Amazon Bedrock, Aurora PostgreSQL (with pgvector), Lambda, and S3. This setu…☆19Mar 23, 2025Updated last year
- Define and run multi-container applications with Docker https://git.io/whaler-wiki☆20Apr 26, 2026Updated last month