drawio-threatmodeling - Draw.io libraries for threat modeling diagrams

  •        59

This is a collection of custom libraries to turn the free and cross-platform Draw.io diagramming application into the perfect tool for threat modeling. Data Flow Diagramming is a simple diagramming technique used to gain an understanding of how data flows in an application or system. DFDs are excellent for getting a bird's-eye view of a system to facilitate threat modeling.

https://michenriksen.com/blog/drawio-for-threat-modeling/
https://github.com/michenriksen/drawio-threatmodeling

Tags
Implementation
License
Platform

   




Related Projects

GoJS - JavaScript diagramming library for interactive flowcharts, org charts, design tools, planning tools, visual languages

  •    Javascript

GoJS is a JavaScript and TypeScript library for creating and manipulating diagrams, charts, and graphs. GoJS is a flexible library that can be used to create a number of different kinds of interactive diagrams, including data visualizations, drawing tools, and graph editors. There are samples for flowchart, org chart, business process BPMN, swimlanes, timelines, state charts, kanban, network, mindmap, sankey, family trees and genogram charts, fishbone diagrams, floor plans, UML, decision trees, pert charts, Gantt, and hundreds more. GoJS includes a number of built in layouts including tree layout, force directed, radial, and layered digraph layout, and a number of custom layout examples.

drawio-desktop - Official electron build of draw.io

  •    Javascript

draw-io desktop uses draw-io. draw.io uses the mxGraph library as the base of the stack, with the GraphEditor example from mxGraph as the base of the application part.

drawio - Source to www.draw.io

  •    Javascript

draw.io is an online diagramming web site that delivers the source in this project. draw.io uses the mxGraph library as the base of the stack, with the GraphEditor example from mxGraph as the base of the application part. The mxGraph library build used is stored under /etc/mxgraph/mxClient.js.

Open Diagram

  •    

Open Diagram is the definitive open source .net diagramming component library for the .Net framework winforms environment. Use Open Diagram to add interactive data visualizations to your .net applications.

Mermaid - Generation of diagram and flowchart from text in a similar manner as markdown

  •    Javascript

Mermaid is a Javascript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. The main purpose of Mermaid is to help documentation catch up with development. Diagramming and documentation costs precious developer time and gets outdated quickly. But not having diagrams or docs ruins productivity and hurts organizational learning.


Diagram Ring

  •    

Advanced diagram editor for Flowcharts, Class Diagrams, DFDs, ERDs, Pie charts, Bar charts and etc. It's been developed in WPF , C#

NShape - .Net Diagramming Framework for Industrial Applications

  •    DotNet

NShape is a diagram designing framework for .NET WinForms. NShape is open source and has a dual license.

StarUML - UML or MDA Platform

  •    Delphi

StarUML is a software modeling tool to develop fast, flexible, extensible, featureful UML/MDA platform running on Win32 platform. It is a good alternative to Rational Rose. StarUML provides simple and powerful plug-in architecture so anyone can develop plug-in modules in COM-compatible languages.

XCase - Tool for XML Data Modeling

  •    DotNet

XCase is a case tool for conceptual modeling of XML data based on MDA as it separates the conceptual modeling process to two levels: Platform-Independent and Platform-Specific Model. From each PSM diagram you can derive an XML schema describing a data view.

ArgoUML - UML modeling tool

  •    Java

ArgoUML is the leading open source UML modeling tool and includes support for all standard UML 1.4 diagrams. It supports Class diagram, Statechart diagram, Activity diagram, Use Case diagram, Collaboration diagram, Deployment diagram and Sequence diagram. The diagram could be exported to GIF, PNG, PS, EPS, PGML and SVG. It generates code for Java, C++, C# and PHP. It also supports reverse engineering, generates code from diagram.

joy - A package for capturing and analyzing network flow data and intraflow data, for network research, forensics, and security monitoring

  •    C

Joy is a BSD-licensed libpcap-based software package for extracting data features from live network traffic or packet capture (pcap) files, using a flow-oriented model similar to that of IPFIX or Netflow, and then representing these data features in JSON. It also contains analysis tools that can be applied to these data files. Joy can be used to explore data at scale, especially security and threat-relevant data. JSON is used in order to make the output easily consumable by data analysis tools. While the JSON output files are somewhat verbose, they are reasonably small, and they respond well to compression.

joint - JavaScript diagramming library

  •    Javascript

JointJS is a JavaScript diagramming library. It can be used to create either static diagrams or, and more importantly, fully interactive diagramming tools and application builders. Please see http://jointjs.com for more information, demos and documentation.

Prefuse - Visualization Toolkit

  •    Java

Prefuse is a set of software tools for creating rich interactive data visualizations in the Java programming language. Prefuse supports a rich set of features for data modeling, visualization, and interaction. It provides optimized data structures for tables, graphs, and trees, a host of layout and visual encoding techniques, and support for animation, dynamic queries, integrated search, and database connectivity.

Apache Spot - A Community Approach to Fighting Cyber Threats

  •    Java

Apache Spot is a community-driven cybersecurity project, built from the ground up, to bring advanced analytics to all IT Telemetry data on an open, scalable platform. pot expedites threat detection, investigation, and remediation via machine learning and consolidates all enterprise security data into a comprehensive IT telemetry hub based on open data models.

WPF Diagramming

  •    DotNet

Tool for draw diagrams

ThreatHunter-Playbook - A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns

  •    

A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns by leveraging Sysmon and Windows Events logs. This project will provide specific chains of events exclusively at the host level so that you can take them and develop logic to deploy queries or alerts in your preferred tool or format such as Splunk, ELK, Sigma, GrayLog etc. This repo will follow the structure of the MITRE ATT&CK framework which categorizes post-compromise adversary behavior in tactical groups. In addition, it will provide information about hunting tools/platforms developed by the infosec community for testing and enterprise-wide hunting.Can't wait to see other hunters' pull requests with awesome ideas to detect advanced patterns of behavior. The more chains of events you contribute the better this playbook will be for the community.

atomic-red-team - Small and highly portable detection tests.

  •    PowerShell

Small and highly portable detection tests mapped to the Mitre ATT&CK Framework.Our Atomic Red Team tests are small, highly portable detection tests mapped to the MITRE ATT&CK Framework. Each test is designed to map back to a particular tactic. We hope that this gives defenders a highly actionable way to immediately start testing their defenses against a broad spectrum of attacks.

JMCAD - modeling of dynamic systems

  •    Java

JMCAD is an program for the modeling and simulation of complex dynamic systems. This includes the ability to construct and simulate block diagrams. The visual block diagram interface offers a simple method for constructing, modifying and maintaining complex system models. The simulation engine provides fast and accurate solutions for linear, nonlinear, continuous time, discrete time, time varying and hybrid system designs. With JMCAD, users can quickly develop software or "virtual" prototy

BRL-CAD - Solid Modeling System

  •    Java

BRL-CAD is a powerful cross-platform constructive solid geometry solid modeling system that includes an interactive geometry editor, ray-tracing for rendering amp; geometric analyses, network distributed framebuffer support, image & signal-processing tools.

jt-uml

  •    Java

Takes in a simple text file and converts it into a UML diagram. Currently simple sequence diagrams are implemented. The diagramming space on Linux boxes isn't great and I wanted a way to quickly put together a sequence diagram.