Chapter 5
Attack Libraries
Some practitioners have suggested that STRIDE is too high level, and should be replaced with a more detailed list of what can go wrong. Insofar as STRIDE being abstract, they're right. It could well be useful to have a more detailed list of common problems.
A library of attacks can be a useful tool for finding threats against the system you're building. There are a number of ways to construct such a library. You could collect sets of attack tools; either proof-of-concept code or fully developed (“weaponized”) exploit code can help you understand the attacks. Such a collection, where no modeling or abstraction has taken place, means that each time you pick up the library, each participant needs to spend time and energy creating a model from the attacks. Therefore, a library that provides that abstraction (and at a more detailed level than STRIDE) could well be useful. In this chapter, you'll learn about several higher-level libraries...