Skip to main content

Thread Modelling Cheatsheet: Know Your Weaknesses Before Attackers Do!


Threat Modelling Part - 1

What is Threat Modelling?

    Threat modelling is the process of identifying, assessing, and mitigating potential security threats before they happen. It helps teams anticipate how systems can be attacked and build defences proactively, not reactively.

Key Concepts
Threat: Something (like a hacker or malware) that could exploit a weakness.
Vulnerability: A flaw in your system that can be exploited.
Risk: The chance that a threat will exploit a vulnerability to cause damage.

Analogy:

  • Threat = Burglar

  • Vulnerability = Unlocked door

  • Risk = Getting robbed because the door is open in a bad neighborhood

 Threat Modelling Process (High-Level)

  1. Define the Scope – What systems/apps are you evaluating?

  2. Identify Assets – What needs protection? (e.g. data, services)

  3. Identify Threats – Think like an attacker. What could go wrong?

  4. Analyze Vulnerabilities – What weaknesses exist?

  5. Prioritize Risks – What's most likely and damaging?

  6. Design Countermeasures – Apply fixes and mitigations

  7. Monitor & Improve – Track effectiveness, adjust over time

 Who's Involved?

  • Security Team: Leads threat modelling

  • Developers: Build secure code from day one

  • IT/Infra Team: Understands systems and networks

  • GRC: Aligns with policies & compliance

  • Business Stakeholders: Provide asset value/risk appetite

  • End Users: Offer real-world usage insight

 Bonus: Attack Trees

An attack tree visually maps how an attacker can reach a goal (like accessing sensitive data).
Each path is a step-by-step plan they could follow. Think of it as a "hacker's to-do list"!





Enhance with MITRE ATT&CK

Map your identified threats to real-world attacker behaviors using MITRE ATT&CK.
It helps in:

  • Visualizing attack paths

  • Prioritizing fixes

  • Understanding threat actors

  • Improving detection & defense

Summary

Threat modelling = Proactive security. Know your assets, threats, and weaknesses. Then fix them before they’re exploited.

 Stay tuned for upcoming posts on MITRE,STRIDE, DREAD, and more threat modelling frameworks!


Comments

Post a Comment

Popular posts from this blog

Powershell Automation Basics - Part 1

Pentest Notes: PowerShell Automation - Basics Pentest Notes: PowerShell Automation - Basics These notes cover PowerShell automation for penetration testing, focusing on practical applications and techniques. What is PowerShell? A powerful scripting language and command-line shell built on the .NET framework, heavily integrated with Windows. Ideal for system administration and automation, making it a valuable tool for pentesters. Why PowerShell for Pentesting? Native to Windows: Pre-installed on most Windows systems. Object-oriented: Allows for complex data manipulation and interaction with APIs. Access to .NET Framework: Enables interaction with a vast library of classes and functions. Remoting capabilities: Execute commands on remote systems. Bypass security restrictions: Can be used to circumvent some security measures if not properly configured. Basic Syntax Cmdlets: Commands in PowerShell (e.g., Get-Process , Get-Service , Get-ChildItem ). P...
Post a Comment
Read more

Pivoting Commands

Pivoting for Red Teamers Pivoting in Red Team Operations: A Complete Guide Introduction In a real-world red team operation , gaining initial access is just the beginning. The real challenge is pivoting —the ability to move laterally, escalate privileges, and compromise additional systems within the network. What is Pivoting? Pivoting is a technique used to route traffic through a compromised host to access internal networks that are not directly reachable. Types of Pivoting Network Pivoting : Routes network traffic through a compromised host (e.g., SSH Tunneling, Metasploit, ProxyChains). Port Forwarding : Exposes specific ports from an internal machine to the attacker (e.g., SSH Local Port Forwarding). Step 1: Pivoting Using Metasploit Setting Up a Pivot via Meterpreter meterpreter> backgroun...
Post a Comment
Read more

SQLDB Pentest

Pivoting for Red Teamers SQL Database & SQL Injection Pentesting Cheat Sheet SQL databases store crucial application data, and misconfigurations can make them vulnerable to SQL Injection (SQLi) attacks. This guide covers database enumeration, privilege escalation, and SQL injection techniques. Step 1: Identifying SQL Database Type Check the database type by sending payloads in the input fields or URL: ' OR 1=1 -- (MySQL, PostgreSQL, MSSQL) ' UNION SELECT 1,2,3 -- (Check column count) ' AND 1=CONVERT(int,@@version) -- (MSSQL Test) Observe the error messages for database identification. Step 2: Enumerating Database Tables & Columns Use SQL queries to extract database structure. For MySQL: SELECT table_name FROM information_schema.tables WHERE table_schema=DATABASE(); SELECT column_name FROM information_schema.columns WHERE table_name='user...
Post a Comment
Read more