Note that this repository has been migrated from Mike Goodwin's original , which has the issues and pull requests from October 2015 up to June 2020.
OWASP Threat Dragon
Threat Dragon is a free, open-source, cross-platform threat modelling application including system diagramming and a threat rule engine to auto-generate threats/mitigations. It is an OWASP Incubator Project and follows the values and principles of the threat modeling manifesto.
-
A desktop application: installers for Windows, Mac OSX and Linux.
End user help is available for both variants
Development
We need contributors for this project, and there are some developer notes that should help.
To get started clone this repo noting that it contains a sub-module for the docs: git clone --recursive git@github.com:OWASP/threat-dragon.git
If you cloned the repo with out the recursive flag use command
git submodule update --init --recursive to populate the docs directory.
Vulnerability disclosure
If you find a vulnerability in this project please let us know and we will fix it as a priority. For secure disclosure, please see the security policy.
Project leaders
- Mike Goodwin (mike.goodwin@owasp.org)
- Jon Gadsden (jon.gadsden@owasp.org)