awesome-security-card-games
awesome-security-card-games copied to clipboard
Published
20 hours ago •
Karneades
Karneades
A curated list of security card games.
Awesome Security Card Games 
A curated list of security card games (which are sometimes known as tabletop exercises).
Security card games help train your skills for various areas of security, let discuss technical topics while playing a game.
Contents
- Application Security
- Cryptography
- Data Privacy
- Incident Response
- Threat Modeling
- Various Resources
Application Security
- Cornucopia - A card game based on OWASP's Top 10 (authentication, data Validation etc.). The card deck is available as PDF from OWASP.
Cryptography
- Crypto Go - Crypto Go is an educational card game designed to teach up to date symmetric cryptography. Crypto Go decks consist of 108 cards, representing modern cryptographic tools.
- Crypto Against Humanity - Crypto Against Humanity is a never ending game of Cards Against Humanity, where all participants compete to find the best matches. Crypto-economic primitives incentivize and reward card creation and curation.
Data Privacy
- Know your risks - Learn what information is safe to share online and understand the risks. Learn about whether to share, not share or be cautious with different pieces of information. Sort as quickly as you can.
Incident Response
- Backdoors & Breaches - An incident response card game, it and contains 52 unique cards to help you conduct incident response tabletop exercises and learn attack tactics, tools, and methods.
- Defensomania - A incident response card game for security monitoring and incident response teams. It consists of over 150 cards, most of them are incident response activities and over 30 attack scenarios. Play your best incident response activity card against the given attack scenario.
Threat Modeling
- Elevation of Privilege (EOP) by Microsoft - A card game based on Microsoft's threat modeling framework "STRIDE" (Spoofing, Tampering etc.). The card deck is available as PDF from Microsoft. Adam Shostack, the author of EoP has also a git repo for EoP.
- Security Cards - A card game encouraging to think broadly and creatively about computer security threats. Explore with 42 cards along 4 dimensions (suits): Human Impact, Adversary's Motivations, Adversary's Resources, Adversary's Methods.
Various Resources
- Tabletop Security Games & Cards - An awesome list of security card games created and maintained by Adam Shostack.
- Tabletop Simulations to Improve Your Information Security Program - Red Canary's write-up about tabletop exercises for information security programs.
Contributing
Contributions welcome! Read the contribution guidelines first.
Karneades