Webapp installation

OWASP Threat Dragon

Threat Dragon comes in two variants, a desktop application and a web application.

Web application install instructions

The web application can be run locally or from a server.

Installing

Threat Dragon is a node.js single page application using Vue on the client and Express on the server. To build and run locally follow these steps:

Install node.js, which includes the node package manager npm, and also install git. To get the code, navigate to where you want your code to be located and run

git init
git clone https://github.com/owasp/threat-dragon.git

This installs code in two sub-folders. One for the main application (td.site) and one for the server (td.server). To install use pnpm (rather than npm):

pnpm install

Environment variables

See the environment page for details on configuring your environment variables.

Running the application

Once your environment variables are set up, if running on Linux or MacOS start the node web server with :

npm start

When running on Windows the front-end and back-end are started separately using commands: npm run dev:server and npm run dev:vue.

If you then browse to http://localhost:8080 you should see the running application.