Threat Modelling holds substantial importance in penetration testing, yet its significance often goes unrecognized. This presentation will elucidate the process of performing effective threat modelling during engagements, encompassing methodologies such as STRIDE and emphasizing real-world cases to underscore the implications of inadequate practices. Attendees will gain practical insights into implementing threat modelling through best practices, fostering a heightened appreciation for its role in enhancing cybersecurity strategies.