1. 8
    Documenting your architecture: Wireshark, PlantUML and a REPL to glue them all debugging networking practices danlebrero.com
    ohm-r avatar via ohm-r 4 years ago |
    Archive.org Archive.today Ghostarchive
    | 2 comments

I saw this article today, and it reminded me of a project I’m working on to make documentation generation less of a manual effort, especially structural diagrams.

How often do you use PlantUML or similar tools, starting from Graphviz up?

    1. 1
      runejuhl avatar runejuhl 4 years ago | link

      Neat, thank you for posting this.

      …and to answer your question: rarely, but I actually have a task at hand where I might turn to it.

    2. 1
      lojikil avatar lojikil 4 years ago | link

      I use them quite often:

      • threat modeling: data flows, logical/physical connections, attacker path (“kill chain”)
      • program analysis: CFGs, data flow, symbolic execution (graph path & constraints)
      • documentation: laying out the states &c of a program, logical connection points, &c.
      • pentesting: similar to the threat model, I’ve definitely used them to document the attack path/kill chain (credential stuffing -> unpatched terminal server -> Mimikatz -> privesc -> DA).

      I don’t use UML as much, but I know PyTM, a threat modeling framework, uses it (and PlantUML specifically) quite extensively. I like graphviz and DOT because they’re pretty simple to parse and generate, but I have been tempted a few times given how clean the images that PlantUML generates…