dyjakan

conference-talks

armx

ARM-X Firmware Emulation Framework

ASVS

Application Security Verification Standard

awesome-threat-modelling

A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.

bhbus-interact

burpdeveltraining

Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"

continuous-threat-modeling

A Continuous Threat Modeling methodology

Contracts

A small collection of potentially useful contract templates

drawio-threatmodeling

Draw.io libraries for threat modeling diagrams

dyjakan

elevation-of-privacy

Privacy Cards for Software Developers

eop

The Elevation of Privilege Threat Modeling Game

flounder

Flounder is an old corpus collector I wrote, but it still works. Just need a Bing API key

fuzzdata

Fuzzing resources for feeding various fuzzers with input. 🔧

gram

Gram is Klarna's own threat model diagramming tool

materialize-threats

minima

Minima is a one-size-fits-all Jekyll theme for writers.

nebula

owasp-change.github.io

An Open Letter to the OWASP Board

public-pentesting-reports

Curated list of public penetration test reports released by several consulting firms and academic security groups

rapid-threat-model-prototyping-docs

This repository stores content that can be used to design a Rapid Threat Model Prototyping process for a software development group.

secDevLabs

A laboratory for learning secure web and mobile development in a practical manner.

secure-sdlc-devsecops-knowledge-base

Secure SDLC & DevSecOps Knowledge Base

slurp

S3 bucket enumerator

technical-writeups

threat-modeling-knowledge-base

Threat Modeling Knowledge Base

threat-modeling-playbook

threat-modeling-training

Segment's Threat Modeling training for our engineers

Threat_Model_Examples

Collection of Threat Models

vfuzz

vfuzz