Home

Awesome

SeaSponge

No Maintenance Intended Build Status

SeaSponge is an accessible web-based threat modeling tool developed for Mozilla Winter of Security 2014.


About

This web-based application is being developed with three characteristics in mind:

Please see http://mozilla.github.io/seasponge/ for a live demo of the application.
There is also a video on Air Mozilla available at https://air.mozilla.org/mozilla-winter-of-security-seasponge-a-tool-for-easy-threat-modeling/

Example Threat Model developed with SeaSponge

Here is a share link for the SeaSponge threat model we developed in our Air Mozilla demo video: http://goo.gl/Q8mt0T

Usage

See our Usage page in our Wiki for more details.

usage_demo

Authors

With Mozilla Advisor Curtis Koenig and Professor Dr. Pawan Lingras

Contributing

Please see our Contributing Guidelines

Dependencies

You may need to prefix commands with sudo

After forking and cloning the repository in the location of your choice run the following commands to install your Node.js and Bower dependencies.

On Debian and Ubuntu-based platforms, the nodejs-legacy package must be installed along with nodejs and npm using apt-get in order to fix a naming conflict that will otherwise prevent some packages from building and running correctly, as explained in [/usr/share/doc/nodejs/README.Debian] (http://apt-browse.org/browse/ubuntu/trusty/universe/i386/nodejs/0.10.25~dfsg2-2ubuntu1/file/usr/share/doc/nodejs/README.Debian)

npm install
bower install

Building

Once you have the application and dependencies installed you can start building the app.

# Previews the app on a local server
grunt serve

# Builds the application to dist/
grunt build

Documentation

# Build docs to docs/
grunt docs

# Build docs and serve docs/ for web browser
grunt serve:docs

Developing

Please see the Development Guide

Links