Commit b0c4388

Merge pull request #240 from izar/revealjs
Revealjs & update scorecard action version
2 parents 03a4747 + 1295915 commit b0c4388

2 files changed

+195
-0
lines changed

Diff for: README.md

+10
@@ -365,6 +365,16 @@ the `target.input` and `target.output` attributes. For example, to match a threa
365365
servers with incoming traffic, use `any(target.inputs)`. A more advanced example,
366366
matching elements connecting to SQL datastores, would be `any(f.sink.oneOf(Datastore) and f.sink.isSQL for f in target.outputs)`.
367367

368+
## Making slides!
369+
370+
Once a threat model is done and ready, the dreaded presentation stage comes in - and now pytm can help you there as well, with a template that expresses your threat model in slides, using the power of (RevealMD)[https://github.com/webpro/reveal-md]! Just use the template docs/revealjs.md and you will get some pretty slides, fully configurable, that you can present and share from your browser.
371+
372+
373+
374+
https://github.com/izar/pytm/assets/368769/30218241-c7cc-4085-91e9-bbec2843f838
375+
376+
377+
368378
## Currently supported threats
369379

370380
```text
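
Review bot: the added "Making slides!" paragraph tells readers to use the template docs/revealjs.md, but the file this commit adds is docs/reveal.md, so the documented path will not resolve; make the two names agree. In the same paragraph the link is written as `(RevealMD)[https://github.com/webpro/reveal-md]`, which Markdown does not render as a link; it should be `[RevealMD](https://github.com/webpro/reveal-md)`. The section also gives no example of how to produce the slides from the template, so a short usage example after the paragraph would help.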

Diff for: docs/reveal.md

+185
@@ -0,0 +1,185 @@
1+
# {tm.name}
2+
3+
---
4+
5+
## System Description
6+
7+
{tm.description}
8+
9+
---
10+
11+
## Dataflow Diagram
12+
13+
![](sample.png)
14+
15+
---
16+
17+
## Dataflows
18+
19+
----
20+
21+
{dataflows:repeat:
22+
23+
- **name** : {{item.display_name:call:}}
24+
- **from** : {{item.source.name}}
25+
- **to** : {{item.sink.name}}:{{item.dstPort}}
26+
- **data** : {{item.data}}
27+
- **protocol** : {{item.protocol}}
28+
29+
----
30+
}
31+
32+
---
33+
34+
## Data Dictionary
35+
36+
----
37+
38+
{data:repeat:
39+
40+
- **name** : {{item.name}}
41+
- **description** : {{item.description}}
42+
- **classification** : {{item.classification.name}}
43+
- **carried by** : {{item.carriedBy:repeat:{{{{item.name}}}}<br>}}
44+
- **processed by** : {{item.processedBy:repeat:{{{{item.name}}}}<br>}}
45+
46+
----
47+
}
48+
49+
50+
---
51+
52+
## Actors
53+
54+
----
55+
56+
{actors:repeat:
57+
- **name** : {{item.name}}
58+
- **description** : {{item.description}}
59+
- **is Admin** : {{item.isAdmin}}
60+
- **# of findings** : {{item:call:getFindingCount}}
61+
62+
{{item.findings:not:
63+
---
64+
}}
65+
66+
{{item.findings:if:
67+
----
68+
**Findings**
69+
70+
----
71+
72+
{{item.findings:repeat:
73+
<summary>{{{{item.id}}}} -- {{{{item.description}}}}</summary>
74+
75+
- **Targeted Element** : {{{{item.target}}}}
76+
- **Severity** : {{{{item.severity}}}}
77+
- **References** : {{{{item.references}}}}
78+
79+
----
80+
81+
}}
82+
}}
83+
}
84+
85+
## Trust Boundaries
86+
87+
----
88+
89+
{boundaries:repeat:
90+
- **name** : {{item.name}}
91+
- **description** : {{item.description}}
92+
- **in scope** : {{item.inScope}}
93+
- **immediate parent** : {{item.parents:if:{{item:call:getParentName}}}}{{item.parents:not:N/A, primary boundary}}
94+
- **all parents** : {{item.parents:call:{{{{item.display_name:call:}}}}, }}
95+
- **classification** : {{item.maxClassification}}
96+
- **finding count** : {{item:call:getFindingCount}}
97+
98+
{{item.findings:not:
99+
---
100+
}}
101+
102+
{{item.findings:if:
103+
----
104+
**Findings**
105+
106+
----
107+
108+
{{item.findings:repeat:
109+
<summary>{{{{item.id}}}} - {{{{item.description}}}}</summary>
110+
111+
- **Targeted Element** : {{{{item.target}}}}
112+
- **Severity** : {{{{item.severity}}}}
113+
- **References** : {{{{item.references}}}}
114+
----
115+
116+
}}
117+
}}
118+
}
119+
120+
## Assets
121+
122+
{assets:repeat:
123+
124+
- **name** : {{item.name}}
125+
- **description** : {{item.description}}
126+
- **in scope** : {{item.inScope}}
127+
- **type** : {{item:call:getElementType}}
128+
- **# of findings** : {{item:call:getFindingCount}}
129+
130+
{{item.findings:not:
131+
---
132+
}}
133+
134+
{{item.findings:if:
135+
----
136+
**Findings**
137+
138+
----
139+
140+
{{item.findings:repeat:
141+
<summary>{{{{item.id}}}} - {{{{item.description}}}}</summary>
142+
143+
- **Targeted Element** : {{{{item.target}}}}
144+
- **Severity** : {{{{item.severity}}}}
145+
- **References** : {{{{item.references}}}}
146+
----
147+
148+
}}
149+
}}
150+
}
151+
152+
## Data Flows
153+
154+
{dataflows:repeat:
155+
Name|{{item.name}}
156+
|:----|:----|
157+
Description|{{item.description}}|
158+
Sink|{{item.sink}}|
159+
Source|{{item.source}}|
160+
Is Response|{{item.isResponse}}|
161+
In Scope|{{item.inScope}}|
162+
Finding Count|{{item:call:getFindingCount}}|
163+
164+
{{item.findings:not:
165+
---
166+
}}
167+
168+
{{item.findings:if:
169+
----
170+
**Findings**
171+
172+
----
173+
174+
{{item.findings:repeat:
175+
<summary>{{{{item.id}}}} - {{{{item.description}}}}</summary>
176+
177+
- **Targeted Element** : {{{{item.target}}}}
178+
- **Severity** : {{{{item.severity}}}}
179+
- **References** : {{{{item.references}}}}
180+
----
181+
182+
}}
183+
}}
184+
}
185+
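
Review bot: line 13 of the new template hardcodes the diagram as `![](sample.png)`, so a generated deck shows whatever file of that name sits beside it rather than the diagram of the model being presented, and the image has no alt text; document how that image is expected to be produced or make the filename configurable. Dataflows are also rendered twice, once as a list under "## Dataflows" (lines 17-30) and again as a table under "## Data Flows" (lines 152-184); keep one. The findings blocks emit `<summary>` with no enclosing `<details>`, the Actors block separates id and description with `--` where the other three use `-`, and "## Trust Boundaries", "## Assets" and "## Data Flows" are not preceded by an explicit `---` the way the earlier sections are, so the slide they land on depends on whether the last item had findings. Descriptions and references are interpolated next to raw HTML (`<br>`, `<summary>`) and nothing in the template escapes them, so it is worth confirming how markup in model text is handled when the slides are rendered in the browser.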
