Alternatives and similar repositories for owasp-threat-dragon

Users that are interested in owasp-threat-dragon are comparing it to the libraries listed below

• mike-goodwin / owasp-threat-dragon-desktop

  View on GitHub
  An installable desktop variant of OWASP Threat Dragon
  ☆592Jan 29, 2026Updated 2 weeks ago
• OWASP / glue

  View on GitHub
  Application Security Automation
  ☆526Sep 5, 2023Updated 2 years ago
• mozilla / seasponge

  View on GitHub
  SeaSponge is an accessible threat modelling tool from Mozilla
  ☆281Apr 16, 2018Updated 7 years ago
• OWASP / threat-model-cookbook

  View on GitHub
  This project is about creating and publishing threat model examples.
  ☆427Nov 10, 2021Updated 4 years ago
• OWASP / pytm

  View on GitHub
  A Pythonic framework for threat modeling
  ☆1,103Feb 9, 2026Updated last week
• we45 / ThreatPlaybook

  View on GitHub
  A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestrat…
  ☆280Feb 3, 2026Updated 2 weeks ago
• SecurityRAT / SecurityRAT

  View on GitHub
  OWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development
  ☆186Aug 28, 2025Updated 5 months ago
• OWASP / samm

  View on GitHub
  SAMM stands for Software Assurance Maturity Model.
  ☆398May 17, 2022Updated 3 years ago
• threatspec / threatspec

  View on GitHub
  threatspec - continuous threat modeling, through code
  ☆378Dec 30, 2020Updated 5 years ago
• mike-goodwin / owasp-threat-dragon-core

  View on GitHub
  OWASP Threat Dragon core files
  ☆11Jan 26, 2026Updated 3 weeks ago
• blabla1337 / skf-flask

  View on GitHub
  Security Knowledge Framework (SKF) Python Flask / Angular project
  ☆827Mar 12, 2024Updated last year
• matthiasrohr / OTMT

  View on GitHub
  Open Threat Modeling Template
  ☆52Jul 10, 2024Updated last year
• michenriksen / drawio-threatmodeling

  View on GitHub
  Draw.io libraries for threat modeling diagrams
  ☆785Nov 12, 2020Updated 5 years ago
• owasp-cloud-security / owasp-cloud-security

  View on GitHub
  OWASP Cloud Security - Enabling conversations through threat and control stories
  ☆182Dec 7, 2018Updated 7 years ago
• denimgroup / threadfix

  View on GitHub
  ThreadFix is a software vulnerability management platform. This GitHub site is far out of date. Please go to www.threadfix.it for up-to-d…
  ☆342Dec 16, 2022Updated 3 years ago
• Autodesk / continuous-threat-modeling

  View on GitHub
  A Continuous Threat Modeling methodology
  ☆324Jun 24, 2022Updated 3 years ago
• microsoft / threat-modeling-templates

  View on GitHub
  Microsoft Threat Modeling Template files
  ☆201Nov 28, 2022Updated 3 years ago
• salesforce / vulnreport

  View on GitHub
  Open-source pentesting management and automation platform by Salesforce Product Security
  ☆599Feb 12, 2022Updated 4 years ago
• c0rdis / security-champions-playbook

  View on GitHub
  Security Champions Playbook v 2.1
  ☆391Sep 25, 2023Updated 2 years ago
• Threagile / threagile

  View on GitHub
  Agile Threat Modeling Toolkit
  ☆723Nov 20, 2025Updated 2 months ago
• digininja / sitediff

  View on GitHub
  Fingerprint a web app using local files as the fingerprint sources
  ☆38May 16, 2017Updated 8 years ago
• OWASP / Maturity-Models

  View on GitHub
  Node application to help managing Maturity Models like the ones created by BSIMM and OpenSAMM
  ☆195Aug 27, 2018Updated 7 years ago
• olacabs / jackhammer

  View on GitHub
  Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
  ☆739Mar 18, 2024Updated last year
• iriusrisk / bdd-security

  View on GitHub
  BDD Automated Security Tests for Web Applications
  ☆568Nov 16, 2022Updated 3 years ago
• aparsons / bag-of-holding

  View on GitHub
  An application to assist in the organization and prioritization of software security activities.
  ☆139Jun 10, 2021Updated 4 years ago
• uber-common / metta

  View on GitHub
  An information security preparedness tool to do adversarial simulation.
  ☆1,142Apr 1, 2019Updated 6 years ago
• DefectDojo / django-DefectDojo

  View on GitHub
  Open-Source Unified Vulnerability Management, DevSecOps & ASPM
  ☆4,519Updated this week
• appsecpipeline / AppSecPipeline-Specification

  View on GitHub
  AppSecPipeline Specification for DevOps automation.
  ☆40Dec 8, 2022Updated 3 years ago
• WithSecureOpenSource / mittn

  View on GitHub
  Mittn: Security test tool runner for test automation in CI
  ☆196Jan 2, 2024Updated 2 years ago
• hysnsec / awesome-threat-modelling

  View on GitHub
  A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for …
  ☆1,707Aug 2, 2024Updated last year
• slackhq / goSDL

  View on GitHub
  goSDL
  ☆521Nov 3, 2025Updated 3 months ago
• jtmelton / appsensor

  View on GitHub
  A toolkit for building self-defending applications through real-time event detection and response
  ☆285Dec 16, 2022Updated 3 years ago
• archerysec / archerysec

  View on GitHub
  ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.
  ☆2,435Jun 11, 2025Updated 8 months ago
• pbnj / s3-fuzzer

  View on GitHub
  🔐 A concurrent, command-line AWS S3 Fuzzer. Written in Go.
  ☆45Oct 14, 2017Updated 8 years ago
• Netflix / security_monkey

  View on GitHub
  Security Monkey monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.
  ☆4,373Feb 11, 2021Updated 5 years ago
• appsecco / owasp-threat-dragon-gitlab

  View on GitHub
  OWASP Threat Dragon with Gitlab Integration
  ☆27Nov 6, 2017Updated 8 years ago
• 4ARMED / terraform-burp-collaborator

  View on GitHub
  Terraform configuration to build a Burp Private Collaborator Server
  ☆25Nov 7, 2017Updated 8 years ago
• 0x4D31 / burpa

  View on GitHub
  Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Applica…
  ☆534Aug 1, 2018Updated 7 years ago
• paypal / scorebot

  View on GitHub
  ☆57Jun 17, 2020Updated 5 years ago