GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → OWASP → Threat Dragon Core

OWASP / Threat Dragon Core

Licence: apache-2.0
OWASP Threat Dragon core files

Programming Languages

javascript
184084 projects - #8 most used programming language

Labels

owasp

Projects that are alternatives of or similar to Threat Dragon Core

Whatweb
Next generation web scanner
Stars: ✭ 3,503 (+14495.83%)
Mutual labels:  owasp
Juice Shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 6,270 (+26025%)
Mutual labels:  owasp
Security Code Scan
Vulnerability Patterns Detector for C# and VB.NET
Stars: ✭ 550 (+2191.67%)
Mutual labels:  owasp
Vbscan
OWASP VBScan is a Black Box vBulletin Vulnerability Scanner
Stars: ✭ 295 (+1129.17%)
Mutual labels:  owasp
Glue
Application Security Automation
Stars: ✭ 412 (+1616.67%)
Mutual labels:  owasp
Zap Extensions
OWASP ZAP Add-ons
Stars: ✭ 486 (+1925%)
Mutual labels:  owasp
Securecodebox
secureCodeBox (SCB) - continuous secure delivery out of the box
Stars: ✭ 279 (+1062.5%)
Mutual labels:  owasp
Joomscan
OWASP Joomla Vulnerability Scanner Project
Stars: ✭ 640 (+2566.67%)
Mutual labels:  owasp
Dvna
Damn Vulnerable NodeJS Application
Stars: ✭ 463 (+1829.17%)
Mutual labels:  owasp
Owasp Web Checklist
OWASP Web Application Security Testing Checklist
Stars: ✭ 543 (+2162.5%)
Mutual labels:  owasp
Dependency Check Sonar Plugin
Integrates Dependency-Check reports into SonarQube
Stars: ✭ 332 (+1283.33%)
Mutual labels:  owasp
Www Community
OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.
Stars: ✭ 409 (+1604.17%)
Mutual labels:  owasp
Owasp Vwad
The OWASP Vulnerable Web Applications Directory project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
Stars: ✭ 487 (+1929.17%)
Mutual labels:  owasp
Cheatsheetseries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Stars: ✭ 19,302 (+80325%)
Mutual labels:  owasp
Amass
In-depth Attack Surface Mapping and Asset Discovery
Stars: ✭ 6,284 (+26083.33%)
Mutual labels:  owasp
Cdk Constructs
A collection of higher-level aws cdk constructs: slack-approval-workflow, #slack & msteams notifications, chatops, blue-green-container-deployment, codecommit-backup, OWASP dependency-check, contentful-webhook, github-webhook, stripe-webhook, static-website, pull-request-check, pull-request-approval-rule, codepipeline-merge-action, codepipeline-check-parameter-action...
Stars: ✭ 282 (+1075%)
Mutual labels:  owasp
Awesome Appsec
A curated list of resources for learning about application security
Stars: ✭ 4,761 (+19737.5%)
Mutual labels:  owasp
Dependency Track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Stars: ✭ 718 (+2891.67%)
Mutual labels:  owasp
Opendoor
OWASP WEB Directory Scanner
Stars: ✭ 586 (+2341.67%)
Mutual labels:  owasp
Zsc
OWASP ZSC - Shellcode/Obfuscate Code Generator
Stars: ✭ 536 (+2133.33%)
Mutual labels:  owasp
View All Similar Projects ➔

Note that this repository has been migrated from Mike Goodwin's original , which has the issues and pull requests from June 2016 up to June 2020.

Threat Dragon Logo

Build Status codecov.io GitHub license Language grade: JavaScript

OWASP Threat Dragon

Threat Dragon is a free, open-source, cross-platform threat modelling application including system diagramming and a rule engine to auto-generate threats/mitigations. It is an OWASP Incubator Project and follows the values and principles of the threat modeling manifesto. The roadmap for the project is a great UX, a powerful rule engine and integration with other development lifecycle tools.

The application comes in two variants:

  1. A web application: For the web application, models files are stored in GitHub (other storage will become available). We are currently maintaining a working protoype in synch with the master code branch.

  2. A desktop application: This is based on Electron. There are installers available for both Windows and Mac OSX, as well as rpm and debian packages for Linux. For this variant models are stored on the local filesystem.

End user help is available for both variants.

This repository contains the core files and modules that are shared between both the web and desktop variant.

Code of Conduct

We ask that everyone who contributes to the Threat Dragon project follow the Code of Conduct.

Installing and building

Clone the repo and run

npm install

There are a number of test scripts included in package.json. For example:

npm run test-client-chrome

The main test script runs tests on PhantomJS and FireFox (and also lints the code):

npm test

There are two main build script, one to pre-compile the angular templates to JavaScript:

npm run build-templates

and one to bundle and minify the core CSS:

npm run bundle-css

Both of these can be run together using

npm run build

Contributing

Pull requests, feature requests, bug reports and feedback of any kind are very welcome, please refer to the page for contributors.

We are trying to keep the test coverage relatively high, so please try to include tests in any PRs and make PRs on the development branch. There are some developer notes to help get started.

Vulnerability disclosure

If you find a vulnerability in this project please let us know ASAP and we will fix it as a priority. For secure disclosure, please see the security policy.

Project leader

Mike Goodwin ([email protected])

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].