Skip to content
Jon Gadsden edited this page Sep 14, 2022 · 7 revisions

Threat dragon documentation

Desktop install instructions

Linux installer and AppImage

Packages for both Debian and Fedora Linux on AMD64 and X86-64bit platforms can be downloaded from the releases folder, along with Snap and AppImage images.

MacOS installer

The .dmg installer for MacOS can be downloaded from the releases folder. Open the download and drag 'OWASP Threat Dragon' to the application directory. When the copy has finished then Threat Dragon can be run from launchpad or Finder -> Applications.

If an error message pops up when running for the first time, along the lines of 'OWASP Threat Dragon cannot be opened because the developer cannot be verified' or '"OWASP ZAP” cannot be opened because the developer cannot be verified, macOS cannot verify that this app is free from malware' then follow this FAQ to resolve this.

Windows installer

The .exe installer for Windows can be downloaded from the releases folder.

Windows will warn you that this is an application downloaded from the internet and ask you if you want to keep it. We assume that you trust the github download site, so agree to keep the file and the installer will then download. Run the installer either from the file icon in your download area or from a command line:

.\OWASP-Threat-Dragon-Setup-1.6.1.exe /S /D=C:\Test

Uninstall using a similar command: 'C:\tmp\Uninstall OWASP-Threat-Dragon.exe'. Note the single quotes because there is a space in the uninstall command name.

Command line using npm

For the latest versions of code between releases, npm can be used to install and run Threat Dragon locally:

git clone https://github.com/owasp/threat-dragon
cd threat-dragon/td.desktop
npm install

Then to run it:

npm run start

There is a limited command line interface, with help:

npm run help

For example to export a given threat model file to pdf :

npm run pdf ./threat-model.json