Skip to content


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time
November 22, 2017 11:15
November 12, 2022 20:51
May 12, 2022 14:02
April 6, 2019 10:16

The Elevation of Privilege Threat Modeling Card Deck

I created Elevation of Privilege while at Microsoft. I'm creating this repository to have a single location for bugfixes, encourage more derivative work, and all the other goodness that a git repository can bring. At, Microsoft released these under a CC-BY-3.0 license; all these files are maintained under the same license.

Elevation of Privilege (EoP) is the easy way to get started threat modeling. It is designed to make threat modeling easy and accessible for developers and architects. Threat modeling is a core security practice during the design phase of the Microsoft Security Development Lifecycle (SDL). The EoP card game helps examine possible threats to software and computer system. This game is licensed under the Creative Commons Attribution 3.0 United States License. Native files of the game are made available to allow editing, localization, and printing of the game. To view the full content of this license, visit

There are a set of variants which I track on the website, including French, German and Japanese translations, online versions, an Alexa skill, and places you can obtain professionally printed cards.

Notes and clarifications

The most complete source of information on the cards is Appendix D of Threat Modeling: Designing for Security. Even if you don't have a copy of the book, you can often see the appendix via Amazon or Google "look inside" features.

  • The Queen of Information Disclosure differs from the King because with the Queen, messages may be encrypted, even if the channel is not.

Privacy variants

There are two independently created privacy variants:


The Elevation of Privilege Threat Modeling Game






No releases published


No packages published