This repository has been archived by the owner. It is now read-only.
🍍 SeaSponge is an accessible threat modelling tool from Mozilla
Branch: master
Clone or download
Latest commit 07bae57 Apr 16, 2018
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
app docs(app): add basic documentation to missing classes Apr 5, 2015
test feat(draw-route): Add multiple Diagrams support Dec 17, 2014
.bowerrc feat(app): Generated Angular project in CoffeeScript. Aug 10, 2014
.editorconfig feat(app): Generated Angular project in CoffeeScript. Aug 10, 2014
.gitattributes
.gitignore feat(docs): add grunt task to build and serve documentation Apr 5, 2015
.jshintrc
.travis.yml feat(deploy): add Travis CI directory cache to improve build speed Nov 10, 2014
AUTHORS docs(package.json): Add missing fields to package.json Aug 10, 2014
CHANGELOG.md feat(changelog): Add Grunt task for generating Changelog Aug 10, 2014
CONTRIBUTING.md chore(repository): Updated Contributing Guide and README Sep 27, 2014
DEVGUIDE.md chore(app): Initial devguide Mar 25, 2015
Gruntfile.coffee feat(docs): add grunt task to build and serve documentation Apr 5, 2015
LICENSE Initial commit Aug 4, 2014
README.md Update README.md Apr 16, 2018
bower.json Upgrading to AngularJS 1.4.3 to address version conflict with earlier… Aug 19, 2015
deploy.sh fix(deploy): mute errors from git stash in deploy.sh Nov 30, 2014
package.json feat(docs): add grunt task to build and serve documentation Apr 5, 2015

README.md

SeaSponge

No Maintenance Intended Build Status

SeaSponge is an accessible web-based threat modeling tool developed for Mozilla Winter of Security 2014.


About

This web-based application is being developed with three characteristics in mind:

  • Accessibility: We want everyone to be able to map out their infrastructures and generate security reports on any operating-system and on any browser.
  • Aesthetics: We're tired of clunky, boring interfaces - we want to bring the pizazz into threat-modeling.
  • Intuitive User-Experience: We hate manuals, and we want you to be able to use this software without one.

Please see http://mozilla.github.io/seasponge/ for a live demo of the application.
There is also a video on Air Mozilla available at https://air.mozilla.org/mozilla-winter-of-security-seasponge-a-tool-for-easy-threat-modeling/

Example Threat Model developed with SeaSponge

Here is a share link for the SeaSponge threat model we developed in our Air Mozilla demo video: http://goo.gl/Q8mt0T

Usage

See our Usage page in our Wiki for more details.

usage_demo

Authors

With Mozilla Advisor Curtis Koenig and Professor Dr. Pawan Lingras

Contributing

Please see our Contributing Guidelines

Dependencies

You may need to prefix commands with sudo

After forking and cloning the repository in the location of your choice run the following commands to install your Node.js and Bower dependencies.

On Debian and Ubuntu-based platforms, the nodejs-legacy package must be installed along with nodejs and npm using apt-get in order to fix a naming conflict that will otherwise prevent some packages from building and running correctly, as explained in [/usr/share/doc/nodejs/README.Debian] (http://apt-browse.org/browse/ubuntu/trusty/universe/i386/nodejs/0.10.25~dfsg2-2ubuntu1/file/usr/share/doc/nodejs/README.Debian)

npm install
bower install

Building

Once you have the application and dependencies installed you can start building the app.

# Previews the app on a local server
grunt serve

# Builds the application to dist/
grunt build

Documentation

# Build docs to docs/
grunt docs

# Build docs and serve docs/ for web browser
grunt serve:docs

Developing

Please see the Development Guide

Links