This project is about creating and publishing threat model examples.

AI-powered threat modeling that turns architecture diagrams and business context into actionable threats

This directory focuses exclusively on Threat Modeling Tools—software, code, libraries, or services that automate, guide, or support the design-time threat modeling process.

The Secure by Design (SbD) Artefact Library provides a centralised repository of proven solutions to common cyber security problems, supporting the implementation of Secure By Design across UK government.

Simplifies the review and management of threat models in documents

Guidelines and tools for deploying Starlink into high-threat environments

C5-DEC: Common Criteria for Cybersecurity, Cryptography, Clouds – Design, Evaluation and Certification. AI-enabled toolkit for secure system design, development and evaluation via Common Criteria, SSDLC, SpecEngine/DocEngine, CRA, SBOM, threat modelling + risk assessment, and cryptography (incl. post-quantum), CLI/TUI/GUI

Visualize Kubernetes attack paths and neutralize risks. Maps cluster relationships against CIS Benchmarks & MITRE ATT&CK to identify and fix critical choke points.

A playbook for self-serve, continuous threat modelling.

Hands-on AI security research — LLM threat models, prompt injection testing, and offensive AI techniques. Lab work from HTB COAE and beyond.

A rigorous cybersecurity project portfolio on fictional clients covering NIST, audits, Linux, SQL, assets, threats, vulnerabilities, detection, incident response, escalation, Wireshark, tcpdump, IDS (Suricata), SIEM (Splunk, Chronicle), and Python automation.

This security repo is where I upload mainly near-zero budget, threat-driven, adaptable and human centric security documentation. This is mainly for individuals and SME's. However, it can be used by anyone it may just need some adaptation for your specific context

DevOps Threat Modelling as Code

Green team

Portable Markdown skill for AI vibe coding with security: security audits, threat modelling, web security testing, application security, API security, and remediation workflows.

VishNet is a voice-based social engineering simulation platform that orchestrates AI-driven vishing attacks with realistic personas, voice cloning, live call interactions, and analytics for authorized security training.

AI-powered security threat modelling pipeline — STRIDE analysis via LLM, AWS control verification via MCP, two-stage approval workflow, GitHub + Confluence publication.

A multithreaded Flask assessment platform featuring real-time MediaPipe biometric proctoring, lazy-loading CPU optimization, and strict RBAC to mitigate IDOR vulnerabilities.

CVSS v3.1 risk assessment tool for embedded systems — threat modelling, control mapping & NIS2 Article 21 compliance gap analysis