SeaSponge is an accessible web-based threat modeling tool developed for Mozilla Winter of Security 2014.
This web-based application is being developed with three characteristics in mind:
- Accessibility: We want everyone to be able to map out their infrastructures and generate security reports on any operating-system and on any browser.
- Aesthetics: We're tired of clunky, boring interfaces - we want to bring the pizazz into threat-modeling.
- Intuitive User-Experience: We hate manuals, and we want you to be able to use this software without one.
Please see http://mozilla.github.io/seasponge/ for a live demo of the application.
There is also a video on Air Mozilla available at https://air.mozilla.org/mozilla-winter-of-security-seasponge-a-tool-for-easy-threat-modeling/
Here is a share link for the SeaSponge threat model we developed in our Air Mozilla demo video: http://goo.gl/Q8mt0T
See our Usage
page in our Wiki for more details.
With Mozilla Advisor Curtis Koenig and Professor Dr. Pawan Lingras
Please see our Contributing Guidelines
You may need to prefix commands with sudo
- Node.js
- Bower
npm install -g bower
- Grunt
npm install -g grunt-cli
- Yeoman
npm install -g yo
- AngularJS Generator
npm install -g generator-angular
- AngularJS Generator
- Bower
- Ruby
After forking and cloning the repository in the location of your choice run the following commands to install your Node.js and Bower dependencies.
npm install
bower install
Once you have the application and dependencies installed you can start building the app.
# Previews the app on a local server
grunt serve
# Builds the application to dist/
grunt build
# Build docs to docs/
grunt docs
# Build docs and serve docs/ for web browser
grunt serve:docs
Please see the Development Guide