Skip to content

Latest commit

 

History

History
48 lines (30 loc) · 3.42 KB

README.md

File metadata and controls

48 lines (30 loc) · 3.42 KB

Awesome Security Card Games Awesome

A curated list of security card games (which are sometimes known as tabletop exercises).

Security card games help train your skills and enable discussions for various areas of security.

Contents

Application Security

  • Cornucopia - A card game based on OWASP's Top 10 (authentication, data Validation etc.). The card deck is available as PDF from OWASP.

Cryptography

  • Crypto Go - An educational card game designed to teach up to date symmetric cryptography. Crypto Go deck consists of cards representing modern cryptographic tools.

Data Privacy

  • Know your risks - Learn what information is safe to share online and understand the risks. Learn about whether to share, not share or be cautious with different pieces of information.

Incident Response

  • Backdoors & Breaches - An incident response card game. It helps you conduct incident response tabletop exercises and learn attack tactics, tools, and methods.
  • Defensomania - An incident response card game for security monitoring and incident response teams to discuss priorities, possible response actions and attack scenarios.

Threat Modeling

  • Elevation of Privilege (EOP) by Microsoft - A card game based on Microsoft's threat modeling framework "STRIDE" (Spoofing, Tampering etc.). The card deck is available as PDF from Microsoft. Adam Shostack, the author of EoP has also a git repo for EoP.
  • Security Cards - A card game encouraging to think broadly and creatively about computer security threats. Four dimensions are covered: Human Impact, Adversary's Motivations, Adversary's Resources, Adversary's Methods.
  • Cumulus - A threat modeling card game for the clouds which helps you find threats to your DevOps or cloud project and teaches developers a security oriented mindset.

Various Resources

Contributing

Contributions welcome! Read the contribution guidelines first.