{"id":13532582,"url":"https://github.com/Threagile/threagile","last_synced_at":"2025-04-01T21:30:44.478Z","repository":{"id":37472752,"uuid":"284951208","full_name":"Threagile/threagile","owner":"Threagile","description":"Agile Threat Modeling Toolkit","archived":false,"fork":false,"pushed_at":"2024-04-13T01:30:13.000Z","size":3828,"stargazers_count":557,"open_issues_count":25,"forks_count":117,"subscribers_count":32,"default_branch":"master","last_synced_at":"2024-04-14T05:28:26.612Z","etag":null,"topics":["agile","architecture","cicd","devsecops","infosec","risk-analysis","risk-management","security","threagile","threat-modeling"],"latest_commit_sha":null,"homepage":"https://threagile.io","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Threagile.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE.txt","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":"support/live-templates.txt","governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2020-08-04T10:47:17.000Z","updated_at":"2024-04-15T15:11:54.084Z","dependencies_parsed_at":"2023-12-26T12:10:25.889Z","dependency_job_id":"979dfb27-0468-435a-8f16-4d038670c9d4","html_url":"https://github.com/Threagile/threagile","commit_stats":{"total_commits":61,"total_committers":7,"mean_commits":8.714285714285714,"dds":"0.34426229508196726","last_synced_commit":"474cab9b077b8356e10084c015cecd0c7dca4392"},"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Threagile%2Fthreagile","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Threagile%2Fthreagile/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Threagile%2Fthreagile/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Threagile%2Fthreagile/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Threagile","download_url":"https://codeload.github.com/Threagile/threagile/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246712921,"owners_count":20821817,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["agile","architecture","cicd","devsecops","infosec","risk-analysis","risk-management","security","threagile","threat-modeling"],"created_at":"2024-08-01T07:01:12.070Z","updated_at":"2025-04-01T21:30:44.469Z","avatar_url":"https://github.com/Threagile.png","language":"Go","funding_links":[],"categories":["Pre-commit time tools","Инструменты","Tools","Go","Go (531)"],"sub_categories":["Инструменты для моделирования угроз (Threat modeling)","Free tools"],"readme":"# Threagile\n\n[![Threagile Community Chat](https://badges.gitter.im/Threagile/community.svg)](https://gitter.im/Threagile/community)\n\n## Agile Threat Modeling Toolkit\nThreagile (see [threagile.io](https://threagile.io) for more details) is an open-source toolkit for\nagile threat modeling:\n\nIt allows to model an architecture with its assets in an agile fashion as a YAML file directly inside the IDE.\nUpon execution of the Threagile toolkit all standard risk rules (as well as individual custom rules if present)\nare checked against the architecture model. You can find more information about model schema [here](./docs/model.md).\n\nThe tool have various [commands](./docs/commands.md) and is highly configurable via [flags](./docs/flags.md) and [config](./docs/config.md).\n\nWe know that modifying yaml file via text editor may be tough and to simplify it we introduced:\n\n- [includes](./docs/includes.md)\n- [macros](./docs/macros.md)\n\nEfforts on UI are ongoing and there are few attempts to do it although that is far from being ready.\n\n[Here](./docs/how-to.md) may be useful use cases on how others are using the tool and may be helpful to simplify onboarding of Threagile tool for your team.\n\n## Execution via Docker Container\nThe easiest way to execute Threagile on the commandline is via its Docker container:\n\n```shell\n docker run --rm -it threagile/threagile --help\n```\n\nWhich will give you an output with possible flags that can be used with Threagile.\n\n```\n _____ _ _ _\n |_ _| |__ _ __ ___ __ _ __ _(_) | ___\n | | | '_ \\| '__/ _ \\/ _` |/ _` | | |/ _ \\\n | | | | | | | | __/ (_| | (_| | | | __/\n |_| |_| |_|_| \\___|\\__,_|\\__, |_|_|\\___|\n |___/\n Threagile - Agile Threat Modeling\n\n\n Documentation: https://threagile.io\n Docker Images: https://hub.docker.com/r/threagile/threagile\n Sourcecode: https://github.com/threagile\n License: Open-Source (MIT License)\n Version: 1.0.0 (20231104141112)\n\n\n Usage: threagile [options]\n\n\n Options:\n\n -background string\n \tbackground pdf file (default \"background.pdf\")\n -create-editing-support\n \tjust create some editing support stuff in the output directory\n -create-example-model\n \tjust create an example model named threagile-example-model.yaml in the output directory\n -create-stub-model\n \tjust create a minimal stub model named threagile-stub-model.yaml in the output directory\n -custom-risk-rules-plugins string\n \tcomma-separated list of plugins (.so shared object) file names with custom risk rules to load\n -diagram-dpi int\n \tDPI used to render: maximum is 240 (default 120)\n -execute-model-macro string\n \tExecute model macro (by ID)\n -generate-data-asset-diagram\n \tgenerate data asset diagram (default true)\n -generate-data-flow-diagram\n \tgenerate data-flow diagram (default true)\n -generate-report-pdf\n \tgenerate report pdf, including diagrams (default true)\n -generate-risks-excel\n \tgenerate risks excel (default true)\n -generate-risks-json\n \tgenerate risks json (default true)\n -generate-stats-json\n \tgenerate stats json (default true)\n -generate-tags-excel\n \tgenerate tags excel (default true)\n -generate-technical-assets-json\n \tgenerate technical assets json (default true)\n -ignore-orphaned-risk-tracking\n \tignore orphaned risk tracking (just log them) not matching a concrete risk\n -list-model-macros\n \tprint model macros\n -list-risk-rules\n \tprint risk rules\n -list-types\n \tprint type information (enum values to be used in models)\n -model string\n \tinput model yaml file (default \"threagile.yaml\")\n -output string\n \toutput directory (default \".\")\n -print-3rd-party-licenses\n \tprint 3rd-party license information\n -print-license\n \tprint license information\n -server int\n \tstart a server (instead of commandline execution) on the given port\n -skip-risk-rules string\n \tcomma-separated list of risk rules (by their ID) to skip\n -verbose\n \tverbose output\n -version\n \tprint version\n\n\n Examples:\n\n If you want to create an example model (via docker) as a starting point to learn about Threagile just run:\n docker run --rm -it -v \"$(pwd)\":/app/work threagile/threagile --create-example-model --output /app/work\n\n If you want to create a minimal stub model (via docker) as a starting point for your own model just run:\n docker run --rm -it -v \"$(pwd)\":/app/work threagile/threagile --create-stub-model --output /app/work\n\n If you want to execute Threagile on a model yaml file (via docker):\n docker run --rm -it -v \"$(pwd)\":/app/work threagile/threagile --verbose --model /app/work/threagile.yaml --output /app/work\n\n If you want to run Threagile as a server (REST API) on some port (here 8080):\n docker run --rm -it --shm-size=256m -p 8080:8080 --name threagile-server --mount 'type=volume,src=threagile-storage,dst=/data,readonly=false' threagile/threagile -server 8080\n\n If you want to find out about the different enum values usable in the model yaml file:\n docker run --rm -it threagile/threagile -list-types\n\n If you want to use some nice editing help (syntax validation, autocompletion, and live templates) in your favourite IDE:\n docker run --rm -it -v \"$(pwd)\":/app/work threagile/threagile --create-editing-support --output /app/work\n\n If you want to list all available model macros (which are macros capable of reading a model yaml file, asking you questions in a wizard-style and then update the model yaml file accordingly):\n docker run --rm -it threagile/threagile -list-model-macros\n\n If you want to execute a certain model macro on the model yaml file (here the macro add-build-pipeline):\n docker run --rm -it -v \"$(pwd)\":/app/work threagile/threagile --model /app/work/threagile.yaml --output /app/work --execute-model-macro add-build-pipeline\n```\n\n## Releases\n\nThe information about releases can be found at [releases page](./docs/releases.md).\n\n## Contribution\n\nYou are very welcome to contribute into the project in any way. If you'd like to add new feature or fix the bug in the code base please follow [contribution guide](./CONTRIBUTING.md).\n\nOtherwise please create GitHub discussion or issue and contributors will find some time to respond.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FThreagile%2Fthreagile","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FThreagile%2Fthreagile","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FThreagile%2Fthreagile/lists"}