SeaSponge is another project (by Mozilla, this time) for modeling threats. You can download it for offline use from https://github.com/mozilla/seasponge or it also has an online version to model threats on the go. The online version is located at http://mozilla.github.io/seasponge.

The following screenshot shows the first screen of the SeaSponge online tool. We can get started with creating a new model by clicking Create Model:

The tool then asks for some metadata, such as Project Title, Authors, Version, and so on, as shown in the following screenshot:

The tool then provides us with a blank canvas and the left pane gives us options to add components, as shown in the following screenshot:

We can now add different elements to our threat model as required as shown in the image below.

However, unlike the Microsoft Threat Modeling Tool, which automatically enumerates probable threats, SeaSponge requires users to manually enumerate and add threats into the model.