drawio-threatmodeling - Draw.io libraries for threat modeling diagrams

  •        660

This is a collection of custom libraries to turn the free and cross-platform Draw.io diagramming application into the perfect tool for threat modeling. Data Flow Diagramming is a simple diagramming technique used to gain an understanding of how data flows in an application or system. DFDs are excellent for getting a bird's-eye view of a system to facilitate threat modeling.

https://michenriksen.com/blog/drawio-for-threat-modeling/
https://github.com/michenriksen/drawio-threatmodeling

Tags
Implementation
License
Platform

   




Related Projects

vscode-drawio - This unofficial extension integrates Draw

  •    TypeScript

This unofficial extension integrates Draw.io (also known as diagrams.net) into VS Code. You can directly edit and save .drawio.svg and .drawio.png files. These files are perfectly valid svg/png-images that contain an embedded Draw.io diagram. Whenever you edit such a file, the svg/png part of that file is kept up to date.

GoJS - JavaScript diagramming library for interactive flowcharts, org charts, design tools, planning tools, visual languages

  •    Javascript

GoJS is a JavaScript and TypeScript library for creating and manipulating diagrams, charts, and graphs. GoJS is a flexible library that can be used to create a number of different kinds of interactive diagrams, including data visualizations, drawing tools, and graph editors. There are samples for flowchart, org chart, business process BPMN, swimlanes, timelines, state charts, kanban, network, mindmap, sankey, family trees and genogram charts, fishbone diagrams, floor plans, UML, decision trees, pert charts, Gantt, and hundreds more. GoJS includes a number of built in layouts including tree layout, force directed, radial, and layered digraph layout, and a number of custom layout examples.

drawio-desktop - Official electron build of draw.io

  •    Javascript

draw-io desktop uses draw-io. draw.io uses the mxGraph library as the base of the stack, with the GraphEditor example from mxGraph as the base of the application part.

drawio - Source to www.draw.io

  •    Javascript

draw.io is an online diagramming web site that delivers the source in this project. draw.io uses the mxGraph library as the base of the stack, with the GraphEditor example from mxGraph as the base of the application part. The mxGraph library build used is stored under /etc/mxgraph/mxClient.js.

ThreatHunter-Playbook - A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns

  •    Python

The Threat Hunter Playbook is a community-based open source project developed to share threat hunting concepts and aid the development of techniques and hypothesis for hunting campaigns by leveraging security event logs from diverse operating systems. This project provides not only information about detections, but also other very important activites when developing analytics such as data documentation, data modeling and even data quality assessments. In addition, the analytics shared in this project represent specific chains of events exclusively at the host and network level and in a SQL-like format so that you can take them and apply the logic in your preferred tool or query format. The analytics provided in this repo also follow the structure of MITRE ATT&CK categorizing post-compromise adversary behavior in tactical groups.


owasp-threat-dragon-desktop - An installable desktop variant of OWASP Threat Dragon

  •    CSS

Threat Dragon is a free, open-source, cross-platform threat modeling application including system diagramming and a rule engine to auto-generate threats/mitigations. It is an OWASP Incubator Project. The focus of the project is on great UX, a powerful rule engine and integration with other development lifecycle tools. A web application: For the web application, models files are stored in GitHub (other storage will become available). We are currently maintaining a working protoype in synch with the master code branch.

Open Diagram

  •    

Open Diagram is the definitive open source .net diagramming component library for the .Net framework winforms environment. Use Open Diagram to add interactive data visualizations to your .net applications.

Mermaid - Generation of diagram and flowchart from text in a similar manner as markdown

  •    Javascript

Mermaid is a Javascript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. The main purpose of Mermaid is to help documentation catch up with development. Diagramming and documentation costs precious developer time and gets outdated quickly. But not having diagrams or docs ruins productivity and hurts organizational learning.

owasp-threat-dragon - An open source, online threat modelling tool from OWASP

  •    Javascript

Threat Dragon is a free, open-source, cross-platform threat modelling application including system diagramming and a threat rule engine to auto-generate threats/mitigations. It is an OWASP Incubator Project. The focus of the project is on great UX, a powerful rule engine and integration with other development lifecycle tools. A web application (this repo): For the web application, models files are stored in GitHub (other storage will become available). We are currently maintaining a working protoype in synch with the master code branch.

Diagram Ring

  •    

Advanced diagram editor for Flowcharts, Class Diagrams, DFDs, ERDs, Pie charts, Bar charts and etc. It's been developed in WPF , C#

NShape - .Net Diagramming Framework for Industrial Applications

  •    DotNet

NShape is a diagram designing framework for .NET WinForms. NShape is open source and has a dual license.

StarUML - UML or MDA Platform

  •    Delphi

StarUML is a software modeling tool to develop fast, flexible, extensible, featureful UML/MDA platform running on Win32 platform. It is a good alternative to Rational Rose. StarUML provides simple and powerful plug-in architecture so anyone can develop plug-in modules in COM-compatible languages.

XCase - Tool for XML Data Modeling

  •    DotNet

XCase is a case tool for conceptual modeling of XML data based on MDA as it separates the conceptual modeling process to two levels: Platform-Independent and Platform-Specific Model. From each PSM diagram you can derive an XML schema describing a data view.

ArgoUML - UML modeling tool

  •    Java

ArgoUML is the leading open source UML modeling tool and includes support for all standard UML 1.4 diagrams. It supports Class diagram, Statechart diagram, Activity diagram, Use Case diagram, Collaboration diagram, Deployment diagram and Sequence diagram. The diagram could be exported to GIF, PNG, PS, EPS, PGML and SVG. It generates code for Java, C++, C# and PHP. It also supports reverse engineering, generates code from diagram.

joint - JavaScript diagramming library

  •    Javascript

JointJS is a JavaScript diagramming library. It can be used to create either static diagrams or, and more importantly, fully interactive diagramming tools and application builders. Please see http://jointjs.com for more information, demos and documentation.

joy - A package for capturing and analyzing network flow data and intraflow data, for network research, forensics, and security monitoring

  •    C

Joy is a BSD-licensed libpcap-based software package for extracting data features from live network traffic or packet capture (pcap) files, using a flow-oriented model similar to that of IPFIX or Netflow, and then representing these data features in JSON. It also contains analysis tools that can be applied to these data files. Joy can be used to explore data at scale, especially security and threat-relevant data. JSON is used in order to make the output easily consumable by data analysis tools. While the JSON output files are somewhat verbose, they are reasonably small, and they respond well to compression.

gaphor - Gaphor is the simple modeling tool

  •    Python

Gaphor is a UML and SysML modeling application written in Python. It is designed to be easy to use, while still being powerful. Gaphor implements a fully-compliant UML 2 data model, so it is much more than a picture drawing tool. You can use Gaphor to quickly visualize different aspects of a system as well as create complete, highly complex models. Gaphor is a UML and SysML modeling application written in Python. We designed it to be easy to use, while still being powerful. Gaphor implements a fully-compliant UML 2 data model, so it is much more than a picture drawing tool. You can use Gaphor to quickly visualize different aspects of a system as well as create complete, highly complex models.

Prefuse - Visualization Toolkit

  •    Java

Prefuse is a set of software tools for creating rich interactive data visualizations in the Java programming language. Prefuse supports a rich set of features for data modeling, visualization, and interaction. It provides optimized data structures for tables, graphs, and trees, a host of layout and visual encoding techniques, and support for animation, dynamic queries, integrated search, and database connectivity.

WPF Diagramming

  •    DotNet

Tool for draw diagrams

Apache Spot - A Community Approach to Fighting Cyber Threats

  •    Java

Apache Spot is a community-driven cybersecurity project, built from the ground up, to bring advanced analytics to all IT Telemetry data on an open, scalable platform. pot expedites threat detection, investigation, and remediation via machine learning and consolidates all enterprise security data into a comprehensive IT telemetry hub based on open data models.






We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.