Skip to content

🍍 SeaSponge is an accessible threat modelling tool from Mozilla

License

Notifications You must be signed in to change notification settings

ejherlig/seasponge

 
 

Repository files navigation

No Maintenance Intended Build Status

SeaSponge is an accessible web-based threat modeling tool developed for Mozilla Winter of Security 2014.


About

This web-based application is being developed with three characteristics in mind:

  • Accessibility: We want everyone to be able to map out their infrastructures and generate security reports on any operating-system and on any browser.
  • Aesthetics: We're tired of clunky, boring interfaces - we want to bring the pizazz into threat-modeling.
  • Intuitive User-Experience: We hate manuals, and we want you to be able to use this software without one.

Please see http://mozilla.github.io/seasponge/ for a live demo of the application.
There is also a video on Air Mozilla available at https://air.mozilla.org/mozilla-winter-of-security-seasponge-a-tool-for-easy-threat-modeling/

Example Threat Model developed with SeaSponge

Here is a share link for the SeaSponge threat model we developed in our Air Mozilla demo video: http://goo.gl/Q8mt0T

Usage

See our Usage page in our Wiki for more details.

usage_demo

Authors

With Mozilla Advisor Curtis Koenig and Professor Dr. Pawan Lingras

Contributing

Please see our Contributing Guidelines

Dependencies

You may need to prefix commands with sudo

After forking and cloning the repository in the location of your choice run the following commands to install your Node.js and Bower dependencies.

On Debian and Ubuntu-based platforms, the nodejs-legacy package must be installed along with nodejs and npm using apt-get in order to fix a naming conflict that will otherwise prevent some packages from building and running correctly, as explained in [/usr/share/doc/nodejs/README.Debian] (http://apt-browse.org/browse/ubuntu/trusty/universe/i386/nodejs/0.10.25~dfsg2-2ubuntu1/file/usr/share/doc/nodejs/README.Debian)

npm install
bower install

Building

Once you have the application and dependencies installed you can start building the app.

# Previews the app on a local server
grunt serve

# Builds the application to dist/
grunt build

Documentation

# Build docs to docs/
grunt docs

# Build docs and serve docs/ for web browser
grunt serve:docs

Developing

Please see the Development Guide

Links

About

🍍 SeaSponge is an accessible threat modelling tool from Mozilla

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • CoffeeScript 53.4%
  • HTML 37.3%
  • CSS 6.5%
  • Shell 2.8%