{"id":17233208,"url":"https://github.com/vanderaj/riskcalculator","last_synced_at":"2025-03-26T00:26:15.826Z","repository":{"id":92169845,"uuid":"46170571","full_name":"vanderaj/riskcalculator","owner":"vanderaj","description":"A fine grained risk calculator for MacOS X written in Objective C","archived":false,"fork":false,"pushed_at":"2015-11-14T11:09:17.000Z","size":0,"stargazers_count":3,"open_issues_count":3,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-01-30T21:16:26.432Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Objective-C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/vanderaj.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-11-14T10:34:23.000Z","updated_at":"2024-08-12T12:06:23.000Z","dependencies_parsed_at":"2023-03-13T17:30:09.174Z","dependency_job_id":null,"html_url":"https://github.com/vanderaj/riskcalculator","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vanderaj%2Friskcalculator","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vanderaj%2Friskcalculator/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vanderaj%2Friskcalculator/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vanderaj%2Friskcalculator/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/vanderaj","download_url":"https://codeload.github.com/vanderaj/riskcalculator/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245564391,"owners_count":20636104,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-15T05:02:09.339Z","updated_at":"2025-03-26T00:26:15.800Z","avatar_url":"https://github.com/vanderaj.png","language":"Objective-C","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Risk Calculator\nA fine grained application security risk calculator for MacOS X written in Objective C. \n\nThis is what we use at Threat Intelligence to rate risks. It's loosely based upon the OWASP Risk Methodology, but has\nsome allowances for OSTMM 3 isms, such as attack chaining. \n\nSo no more guessing if stored XSS is really a big deal, calculate it!\n\n\n## How does it calculate the risks?\n\nIf you are trying to guess the magic sauce as to where the risk factors are weighted, I use integer tag values on individual menu attributes. These tags are set between 0 .. 3 .. 6 .. 9, and are used to determine each impact factor. The code uses selectedTag to obtain the tag value I set in the scene editor:\n\n    chainingFactor = (double)[chaining selectedTag];\n\nI felt it was quicker to do it that way than have a lot of language comparisons in the code. \n\n## Where is your risk table?\n\nOur risk table is currently expressed in a multi-dimensional NSArray. I think a good future version might spin this out to a dynamic risk table and offer choices such as a 3x3, 4x4 (ISO 31000), and 5x5 tables of different sorts, and to allow customization so you can make your own without compiling. But for now... it is what it is. \n\nCode\n(C) 2015 Andrew van der Stock, andrew@threatintelligence.com \n\nLicensed under the GPLv3. If you need a different license, please ask - I do not bite. \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvanderaj%2Friskcalculator","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fvanderaj%2Friskcalculator","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvanderaj%2Friskcalculator/lists"}