GitHub

Cloudflare open sources OPKSSH to bring Single Sign-On to SSH

authentication, Cloudflare, GitHub, News, open source, SSH /

Cloudflare open sources OPKSSH to bring Single Sign-On to SSH 2025-03-28 at 13:31 By Help Net Security OPKSSH (OpenPubkey SSH) makes it easy to authenticate to servers over SSH using OpenID Connect (OIDC), allowing developers to ditch manually configured SSH keys in favor of identity provider-based access. By tightly integrating with identity providers (IdPs) and […]

React to this headline:

Loading spinner

Cloudflare open sources OPKSSH to bring Single Sign-On to SSH Read More »

Hottest cybersecurity open-source tools of the month: March 2025

cybersecurity, Don't miss, GitHub, News, open source, software /

Hottest cybersecurity open-source tools of the month: March 2025 2025-03-27 at 07:01 By Help Net Security This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Hetty: Open-source HTTP toolkit for security research Hetty is an open-source HTTP toolkit designed for security research, offering a free alternative

React to this headline:

Loading spinner

Hottest cybersecurity open-source tools of the month: March 2025 Read More »

Malwoverview: First response tool for threat hunting

Don't miss, GitHub, News, open source, software /

Malwoverview: First response tool for threat hunting 2025-03-26 at 07:32 By Mirko Zorz Malwoverview is an open-source threat hunting tool designed for the initial triage of malware samples, URLs, IP addresses, domains, malware families, IOCs, and hashes. “Malwoverview is simple and direct, integrating multiple public sandboxes to retrieve and display only relevant information. It enables

React to this headline:

Loading spinner

Malwoverview: First response tool for threat hunting Read More »

Finders Keypers: Open-source AWS KMS key usage finder

AWS, Don't miss, GitHub, News, open source, software /

Finders Keypers: Open-source AWS KMS key usage finder 2025-03-24 at 07:32 By Mirko Zorz Finders Keypers is an open-source tool for analyzing the current usage of AWS KMS keys. It supports both AWS customer managed KMS keys and AWS Managed KMS keys. Use cases include: Identifying the blast radius of specific KMS keys and the

React to this headline:

Loading spinner

Finders Keypers: Open-source AWS KMS key usage finder Read More »

Impact, Root Cause of GitHub Actions Supply Chain Hack Revealed

Featured, GitHub, GitHub actions, supply chain, Supply Chain Security /

Impact, Root Cause of GitHub Actions Supply Chain Hack Revealed 2025-03-21 at 12:17 By Eduard Kovacs More details have come to light on the recent supply chain attack targeting GitHub Actions, including its root cause. The post Impact, Root Cause of GitHub Actions Supply Chain Hack Revealed appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Impact, Root Cause of GitHub Actions Supply Chain Hack Revealed Read More »

70% of leaked secrets remain active two years later

cybersecurity, Data leak, GitGuardian, GitHub, News, report, survey /

70% of leaked secrets remain active two years later 2025-03-20 at 07:01 By Help Net Security Long-lived plaintext credentials have been involved in most breaches over the last several years, according to GitGuardian. When valid credentials, such as API keys, passwords, and authentication tokens, leak, attackers at any skill level can gain initial access or

React to this headline:

Loading spinner

70% of leaked secrets remain active two years later Read More »

Dependency-Check: Open-source Software Composition Analysis (SCA) tool

CVE, cybersecurity, Don't miss, GitHub, News, OWASP, software /

Dependency-Check: Open-source Software Composition Analysis (SCA) tool 2025-03-19 at 07:47 By Help Net Security Dependency-Check is an open-source Software Composition Analysis (SCA) tool to identify publicly disclosed vulnerabilities within a project’s dependencies. The tool analyzes dependencies for Common Platform Enumeration (CPE) identifiers. When a match is found, the tool generates a report with links to

React to this headline:

Loading spinner

Dependency-Check: Open-source Software Composition Analysis (SCA) tool Read More »

Popular GitHub Action Targeted in Supply Chain Attack

Application Security, Featured, GitHub, GitHub actions, supply chain, Supply Chain Security /

Popular GitHub Action Targeted in Supply Chain Attack 2025-03-17 at 12:04 By Eduard Kovacs The tj-actions/changed-files GitHub Action, which is used in 23,000 repositories, has been targeted in a supply chain attack. The post Popular GitHub Action Targeted in Supply Chain Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Popular GitHub Action Targeted in Supply Chain Attack Read More »

IntelMQ: Open-source tool for collecting and processing security feeds

Don't miss, GitHub, News, open source, software, Threat Intelligence /

IntelMQ: Open-source tool for collecting and processing security feeds 2025-03-17 at 07:02 By Mirko Zorz IntelMQ is an open-source solution designed to help IT security teams (including CERTs, CSIRTs, SOCs, and abuse departments) streamline the collection and processing of security feeds using a message queuing protocol. “Originally designed for CSIRTs and later adopted by SOCs,

React to this headline:

Loading spinner

IntelMQ: Open-source tool for collecting and processing security feeds Read More »

NetBird: Open-source network security

Don't miss, GitHub, News, open source, software /

NetBird: Open-source network security 2025-03-12 at 08:03 By Help Net Security NetBird is an open-source solution that integrates a configuration-free peer-to-peer private network with centralized access control, providing a single platform to build secure private networks for your organization or home. NetBird features NetBird creates a WireGuard-based overlay network that automatically connects your machines over

React to this headline:

Loading spinner

NetBird: Open-source network security Read More »

Hetty: Open-source HTTP toolkit for security research

Don't miss, GitHub, News, open source, penetration testing, software /

Hetty: Open-source HTTP toolkit for security research 2025-03-10 at 08:17 By Help Net Security Hetty is an open-source HTTP toolkit designed for security research, offering a free alternative to commercial tools like Burp Suite Pro. Built with the needs of penetration testers, security professionals, and bug bounty hunters in mind, Hetty provides a set of

React to this headline:

Loading spinner

Hetty: Open-source HTTP toolkit for security research Read More »

Fix Inventory: Open-source cloud asset inventory tool

asset discovery, cloud security, Don't miss, GitHub, IT assets, News, open source, software /

Fix Inventory: Open-source cloud asset inventory tool 2025-03-05 at 08:04 By Help Net Security Fix Inventory is an open-source tool for detecting compliance and security risks in cloud infrastructure accounts. It was built from the ground up for cloud-native environments and provides broad support for over 300 cloud services, including AWS, Google Cloud Platform, Azure,

React to this headline:

Loading spinner

Fix Inventory: Open-source cloud asset inventory tool Read More »

Commix: Open-source OS command injection exploitation tool

cybersecurity, Don't miss, GitHub, News, open source, software /

Commix: Open-source OS command injection exploitation tool 2025-03-03 at 08:08 By Help Net Security Commix is an open-source penetration testing tool designed to automate the detection and exploitation of command injection vulnerabilities, streamlining security assessments for researchers and ethical hackers. Commix features Easy to use: Commix simplifies the process of identifying and exploiting command injection

React to this headline:

Loading spinner

Commix: Open-source OS command injection exploitation tool Read More »

Hottest cybersecurity open-source tools of the month: February 2025

cybersecurity, Don't miss, GitHub, News, open source, software /

Hottest cybersecurity open-source tools of the month: February 2025 2025-02-27 at 07:31 By Help Net Security This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Kunai: Open-source threat hunting tool for Linux Kunai is an open-source tool that provides deep and precise event monitoring for Linux

React to this headline:

Loading spinner

Hottest cybersecurity open-source tools of the month: February 2025 Read More »

Hundreds of GitHub repos served up malware for years

Don't miss, GitHub, Hot stuff, Kaspersky, Malware, News /

Hundreds of GitHub repos served up malware for years 2025-02-26 at 13:13 By Zeljka Zorz Kaspersky researchers have unearthed an extensive and long-running malware delivery campaign that exploited users’ propensity for downloading code from GitHub and using it without first verifying whether it’s malicious. “Over the course of the GitVenom campaign, the threat actors behind

React to this headline:

Loading spinner

Hundreds of GitHub repos served up malware for years Read More »

Dalfox: Open-source XSS scanner

Don't miss, GitHub, News, open source, penetration testing, scanning, software, XSS /

Dalfox: Open-source XSS scanner 2025-02-26 at 08:20 By Mirko Zorz DalFox is an open-source tool for automating the detection of XSS vulnerabilities. With powerful testing capabilities and a wide range of features, it makes scanning, analyzing parameters, and verifying vulnerabilities faster and easier. “The uniqueness of Dalfox lies in its speed and ability to easily

React to this headline:

Loading spinner

Dalfox: Open-source XSS scanner Read More »

Misconfig Mapper: Open-source tool to uncover security misconfigurations

Don't miss, GitHub, misconfiguration, News, open source, software /

Misconfig Mapper: Open-source tool to uncover security misconfigurations 2025-02-24 at 07:33 By Mirko Zorz Misconfig Mapper is an open-source CLI tool built in Golang that discovers and enumerates instances of services used within your organization. It performs large-scale detection and misconfiguration assessments, leveraging customizable templates with detection and misconfiguration fingerprints to identify potential security risks

React to this headline:

Loading spinner

Misconfig Mapper: Open-source tool to uncover security misconfigurations Read More »

PRevent: Open-source tool to detect malicious code in pull requests

Apiiro, code analysis, Don't miss, GitHub, Hot stuff, Java, JavaScript, Kotlin, News, open source, PHP, programming, Python, Ruby, software development, threat detection /

PRevent: Open-source tool to detect malicious code in pull requests 2025-02-20 at 16:52 By Zeljka Zorz Apiiro security researchers have released open source tools that can help organizations detect malicious code as part of their software development lifecycle: PRevent (a scanner for pull requests), and a malicious code detection ruleset for Semgrep and Opengrep static

React to this headline:

Loading spinner

PRevent: Open-source tool to detect malicious code in pull requests Read More »

Kunai: Open-source threat hunting tool for Linux

Don't miss, GitHub, Linux, News, open source, software, threat hunting /

Kunai: Open-source threat hunting tool for Linux 2025-02-19 at 08:19 By Mirko Zorz Kunai is an open-source tool that provides deep and precise event monitoring for Linux environments. “What sets Kunai apart is its ability to go beyond simple event generation. While most security monitoring tools rely on syscalls or kernel function hooking, Kunai takes

React to this headline:

Loading spinner

Kunai: Open-source threat hunting tool for Linux Read More »

Scroll to Top