A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.
☆19Mar 13, 2024Updated 2 years ago
Alternatives and similar repositories for awesome-threat-modelling
Users that are interested in awesome-threat-modelling are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- AWS X-Ray for Covert Command & Control☆48Oct 13, 2025Updated 8 months ago
- Repository for Endpoint Security Testing☆35Jul 26, 2018Updated 7 years ago
- A Pythonic framework for threat modeling☆1,130May 22, 2026Updated 3 weeks ago
- Tool based on AWS-CLI commands for AWS account hardening, following guidelines of the CIS Amazon Web Services Foundations Benchmark (http…☆13Jan 18, 2017Updated 9 years ago
- A small example of setting up GuardDuty using Terraform☆11Nov 9, 2020Updated 5 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Checklist intended to be used as a baseline for assessing, designing, and testing the security of a MAM (Application Wrapping) solution☆20Sep 2, 2015Updated 10 years ago
- Verify ownership of domains and mobile apps☆23May 22, 2023Updated 3 years ago
- for Windows Malware Analysis☆16May 14, 2020Updated 6 years ago
- ☆28Oct 2, 2025Updated 8 months ago
- Terraform & Packer code to create an up-to-date Kali Linux AWS EC2 instance☆16Jul 1, 2019Updated 6 years ago
- Yet another open S3 bucket finder☆20Mar 8, 2018Updated 8 years ago
- Outputs vs. outcomes: what's the different and why does it matter?☆16Apr 14, 2025Updated last year
- scan s3 buckets for security issues☆86Aug 7, 2024Updated last year
- This repository stores content that can be used to design a Rapid Threat Model Prototyping process for a software development group.☆165Mar 14, 2023Updated 3 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Using AWS for GitHub Actions and various security features available through AWS Container Services like Amazon ECS, AWS Fargate, and Ama…☆16Mar 15, 2021Updated 5 years ago
- ☆26Sep 1, 2017Updated 8 years ago
- Consolidated demo and source links from Bryant Zadegan and Ryan Lester's Black Hat / DEF CON talk "Abusing Bleeding Edge Web Standards fo…☆11Aug 19, 2017Updated 8 years ago
- ☆10Nov 30, 2020Updated 5 years ago
- ☆10Jun 30, 2016Updated 9 years ago
- Musings from the brainpan.☆10Jan 8, 2019Updated 7 years ago
- ☆10Jul 6, 2016Updated 9 years ago
- VulDB Python scripts to fetch data via API☆20May 5, 2026Updated last month
- Crashbench is a LLM benchmark to measure bug-finding and reporting capabilities of LLMs☆14Mar 8, 2026Updated 3 months ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Miscellaneous parsing scripts for penetration testing☆12Jul 17, 2023Updated 2 years ago
- Terraform module to provision AWS Guard Duty☆31May 3, 2026Updated last month
- Default plugins for Jaeles Scanner☆36Nov 5, 2020Updated 5 years ago
- Audit IAM roles and users using Access Advisor data using Python/boto3 SDK and automatically create IAM permissions boundaries to limit a…☆39Sep 8, 2020Updated 5 years ago
- ☆19Oct 30, 2020Updated 5 years ago
- This repository contains the code snippets used in "LLM Prompt Engineering For Developers"☆14Apr 22, 2024Updated 2 years ago
- Pragmatic Network Security for Cloud and Hybrid Networks☆10Nov 24, 2015Updated 10 years ago
- Infrastructure-as-code for a serverless knowledge base using Amazon Bedrock, Aurora PostgreSQL (with pgvector), Lambda, and S3. This setu…☆19Mar 23, 2025Updated last year
- Medium Article☆11May 15, 2021Updated 5 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Code for Chain-of-Thought Hijacking☆26Nov 10, 2025Updated 7 months ago
- ☆85Oct 15, 2022Updated 3 years ago
- This application contains intentional security vulnerabilities and should never be deployed in production environments or exposed to the …☆16Apr 25, 2025Updated last year
- Maturity Model Collaborative project☆15Feb 27, 2023Updated 3 years ago
- WIP: A set of policies based on Catalyze.io's open sourced and vetted policies for HIPPA compliance.☆14Dec 26, 2014Updated 11 years ago
- Challenges from past S4 (SCADA Security Scientific Symposium) Capture-the-Flag contests.☆28Aug 19, 2016Updated 9 years ago
- Public rules and samples for various automations through LimaCharlie.io☆14Dec 16, 2021Updated 4 years ago