TODO List

Things that we want/need to do to make this project better. You can definitely help :)
  • Add ability to consume recon results

  • Add generic link to vulnerabilities for Security Regressions

  • Allow for multiple CWE links per threat model

  • Add support for JIRA API to pull User Stories, etc., and post Vulnerabilities back to JIRA

  • Add connections between Entities and Threat Models

  • Add Trust Boundaries for Diagrams with mermaid subgraph

  • More Robot Framework Libraries for:

    • AWS tools

    • SAST tools - Brakeman, Bandit, NodeJSScan

    • Git Hooks and Git pull functionality

    • SCA tools like OWASP Dependency Checker

    • More OSINT and Recon tools like Shodan, etc.