This project is a Python-based, end-to-end STRIDE threat modeling and analysis framework with MITRE ATT&CK mapping. It enables you to:
- Model your system architecture in Markdown (threatModel_Template/threat_model.md), including boundaries, actors, servers, data, and dataflows.
- Automatically identify STRIDE threats for each component and dataflow.
- Map threats to MITRE ATT&CK techniques for actionable, real-world context.
- Calculate severity using customizable base scores, target multipliers, and protocol adjustments.
- Generate detailed reports (HTML, JSON) and visual diagrams (DOT, SVG, HTML) with threat highlights.
- Generate MITRE ATT&CK Navigator layers for visualizing identified techniques.
- Generate optimized Attack Flow diagrams for key objectives (Tampering, Spoofing, Information Disclosure, Repudiation).
- Extend and customize all mappings, calculations, and reporting logic.
Based on PyTM: This framework leverages PyTM's modeling primitives and extends them with advanced reporting, MITRE mapping, and diagram generation.
For detailed information on features, usage, and advanced customization, please refer to our full documentation in the docs directory.
- Clone the repository:

      git clone https://github.com/ellipse2v/SecOpsTM.git
      cd SecOpsTM

- Install Python dependencies:

      pip install -e .

- Install Graphviz (for diagram generation):
  - Windows: https://graphviz.org/download/
  - macOS: brew install graphviz
  - Linux: sudo apt-get install graphviz

After installation, restart your terminal or IDE.
Apache License 2.0. See LICENSE.
ellipse2v