mirror of
https://github.com/Anon-Planet/thgtoa.git
synced 2024-10-01 01:25:56 -04:00
Update of the threat modeling section
Update of the threat modeling section
This commit is contained in:
parent
8de6b5bb69
commit
0ef3728442
21
guide.md
21
guide.md
@ -12389,26 +12389,24 @@ Also please consider reading: **<https://github.com/monero-project/monero/blob/m
|
|||||||
|
|
||||||
Here are various threat modeling resources if you want to go deeper in threat modeling.
|
Here are various threat modeling resources if you want to go deeper in threat modeling.
|
||||||
|
|
||||||
- (My personal favorite) LINDDUN <https://www.linddun.org/> <sup>[[Archive.org]][739]</sup>
|
- The one we recommend: LINDDUN <https://www.linddun.org/> <sup>[[Archive.org]][739]</sup>.
|
||||||
|
- They provide an online tool to help making your threat model online at <https://www.linddun.org/go><sup>[[Archive.org]](https://web.archive.org/web/https://www.linddun.org/go)</sup>.
|
||||||
|
- LINDDUN is focused on Privacy but clearly are also perfectly suitable for Anonymity.
|
||||||
|
- LINDDUN is accessible to all skill levels including beginners (providing many tutorials) but also suitable for highly skilled users.
|
||||||
|
- LINDDUN is active in the making of the Threat Modeling Manifesto: <https://www.threatmodelingmanifesto.org/> <sup>[[Archive.org]][745]</sup>
|
||||||
|
|
||||||
|
Here are alternative resources and models if LINDDUN doesn't suit you:
|
||||||
|
|
||||||
|
- Online Operations Security: [https://web.archive.org/web/20210711215728/https://github.com/devbret/online-OPSEC]
|
||||||
|
|
||||||
- STRIDE <https://en.wikipedia.org/wiki/STRIDE_%28security%29> <sup>[[Wikiless]][740]</sup> <sup>[[Archive.org]][741]</sup>
|
- STRIDE <https://en.wikipedia.org/wiki/STRIDE_%28security%29> <sup>[[Wikiless]][740]</sup> <sup>[[Archive.org]][741]</sup>
|
||||||
|
|
||||||
- PASTA <https://versprite.com/tag/pasta-threat-modeling/> <sup>[[Archive.org]][742]</sup>
|
- PASTA <https://versprite.com/tag/pasta-threat-modeling/> <sup>[[Archive.org]][742]</sup>
|
||||||
|
|
||||||
And there are quite a few others too, see:
|
|
||||||
|
|
||||||
- <https://insights.sei.cmu.edu/blog/threat-modeling-12-available-methods/> <sup>[[Archive.org]][743]</sup>
|
- <https://insights.sei.cmu.edu/blog/threat-modeling-12-available-methods/> <sup>[[Archive.org]][743]</sup>
|
||||||
|
|
||||||
- <https://www.geeksforgeeks.org/threat-modelling/> <sup>[[Archive.org]][744]</sup>
|
- <https://www.geeksforgeeks.org/threat-modelling/> <sup>[[Archive.org]][744]</sup>
|
||||||
|
|
||||||
You can find some introduction on these on these projects:
|
|
||||||
|
|
||||||
- Threat Modeling Manifesto: <https://www.threatmodelingmanifesto.org/> <sup>[[Archive.org]][745]</sup>
|
|
||||||
|
|
||||||
- OWASP: <https://cheatsheetseries.owasp.org/cheatsheets/Threat_Modeling_Cheat_Sheet.html> <sup>[[Archive.org]][746]</sup>
|
|
||||||
|
|
||||||
- Online Operations Security: [https://web.archive.org/web/20210711215728/https://github.com/devbret/online-OPSEC]
|
|
||||||
|
|
||||||
# Appendix B4: Important notes about evil-maid and tampering
|
# Appendix B4: Important notes about evil-maid and tampering
|
||||||
|
|
||||||
Your context needs to be taken into account.
|
Your context needs to be taken into account.
|
||||||
@ -14513,7 +14511,6 @@ See the [Some last OPSEC thoughts][Some last OPSEC thoughts:] section for some t
|
|||||||
[743]: https://web.archive.org/web/https://insights.sei.cmu.edu/blog/threat-modeling-12-available-methods/
|
[743]: https://web.archive.org/web/https://insights.sei.cmu.edu/blog/threat-modeling-12-available-methods/
|
||||||
[744]: https://web.archive.org/web/https://www.geeksforgeeks.org/threat-modelling/
|
[744]: https://web.archive.org/web/https://www.geeksforgeeks.org/threat-modelling/
|
||||||
[745]: https://web.archive.org/web/https://www.threatmodelingmanifesto.org/
|
[745]: https://web.archive.org/web/https://www.threatmodelingmanifesto.org/
|
||||||
[746]: https://web.archive.org/web/https://cheatsheetseries.owasp.org/cheatsheets/Threat_Modeling_Cheat_Sheet.html
|
|
||||||
[https://web.archive.org/web/20210711215728/https://github.com/devbret/online-OPSEC]: https://web.archive.org/web/20210711215728/https://github.com/devbret/online-opsec
|
[https://web.archive.org/web/20210711215728/https://github.com/devbret/online-OPSEC]: https://web.archive.org/web/20210711215728/https://github.com/devbret/online-opsec
|
||||||
[747]: https://web.archive.org/web/https://www.huntonprivacyblog.com/wp-content/uploads/sites/28/2016/02/Telemedia_Act__TMA_.pdf
|
[747]: https://web.archive.org/web/https://www.huntonprivacyblog.com/wp-content/uploads/sites/28/2016/02/Telemedia_Act__TMA_.pdf
|
||||||
[748]: https://wikiless.org/wiki/Don%27t_be_evil
|
[748]: https://wikiless.org/wiki/Don%27t_be_evil
|
||||||
|
Loading…
Reference in New Issue
Block a user