GitHub

Analyze resource-based policy dependencies across your AWS Organizations accounts

Analyze resource-based policy dependencies across your AWS Organizations accounts 2025-05-09 at 08:02 By Help Net Security Managing multiple AWS accounts in an organization can get complicated, especially when trying to understand how services and permissions are connected. The Account Assessment for AWS Organizations open-source tool helps simplify this process by giving you a central place […]

React to this headline:

Loading spinner

Analyze resource-based policy dependencies across your AWS Organizations accounts Read More »

Autorize: Burp Suite extension for automatic authorization enforcement detection

Autorize: Burp Suite extension for automatic authorization enforcement detection 2025-05-07 at 08:02 By Help Net Security Autorize is an open-source Burp Suite extension that checks if users can access things they shouldn’t. It runs automatic tests to help security testers find authorization problems. Autorize installation To use Autorize, you’ll need Burp Suite and Jython. Here’s

React to this headline:

Loading spinner

Autorize: Burp Suite extension for automatic authorization enforcement detection Read More »

Vuls: Open-source agentless vulnerability scanner

Vuls: Open-source agentless vulnerability scanner 2025-05-05 at 07:33 By Help Net Security Vuls is an open-source tool that helps users find and manage security vulnerabilities. It was created to solve the daily problems admins face when trying to keep servers secure. Many administrators choose not to use automatic software updates because they want to avoid

React to this headline:

Loading spinner

Vuls: Open-source agentless vulnerability scanner Read More »

Hottest cybersecurity open-source tools of the month: April 2025

Hottest cybersecurity open-source tools of the month: April 2025 2025-05-01 at 08:36 By Help Net Security This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. GoSearch: Open-source OSINT tool for uncovering digital footprints GoSearch is an open-source OSINT tool built to uncover digital footprints linked to

React to this headline:

Loading spinner

Hottest cybersecurity open-source tools of the month: April 2025 Read More »

Villain: Open-source framework for managing and enhancing reverse shells

Villain: Open-source framework for managing and enhancing reverse shells 2025-04-30 at 08:04 By Mirko Zorz Villain is an open-source Stage 0/1 command-and-control (C2) framework designed to manage multiple reverse TCP and HoaxShell-based shells. Beyond simply handling connections, Villain enhances these shells with added functionality, offering commands and utilities, and allowing for shell sessions sharing across

React to this headline:

Loading spinner

Villain: Open-source framework for managing and enhancing reverse shells Read More »

GoSearch: Open-source OSINT tool for uncovering digital footprints

GoSearch: Open-source OSINT tool for uncovering digital footprints 2025-04-28 at 08:01 By Help Net Security GoSearch is an open-source OSINT tool built to uncover digital footprints linked to specific usernames. Designed for speed and accuracy, it lets users quickly track someone’s online presence across multiple platforms. GoSearch incorporates data from Hudson Rock’s Cybercrime Database, offering

React to this headline:

Loading spinner

GoSearch: Open-source OSINT tool for uncovering digital footprints Read More »

Files Deleted From GitHub Repos Leak Valuable Secrets

Files Deleted From GitHub Repos Leak Valuable Secrets 2025-04-23 at 16:12 By Ionut Arghire A security researcher has discovered hundreds of leaked secrets by restoring files deleted from GitHub repositories. The post Files Deleted From GitHub Repos Leak Valuable Secrets appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

Files Deleted From GitHub Repos Leak Valuable Secrets Read More »

SWE-agent: Open-source tool uses LLMs to fix issues in GitHub repositories

SWE-agent: Open-source tool uses LLMs to fix issues in GitHub repositories 2025-04-23 at 08:36 By Mirko Zorz By connecting powerful language models like GPT-4o and Claude Sonnet 3.5 to real-world tools, the open-source tool SWE-agent allows them to autonomously perform complex tasks: from fixing bugs in live GitHub repositories and solving cybersecurity challenges, to browsing

React to this headline:

Loading spinner

SWE-agent: Open-source tool uses LLMs to fix issues in GitHub repositories Read More »

Hawk Eye: Open-source scanner uncovers secrets and PII across platforms

Hawk Eye: Open-source scanner uncovers secrets and PII across platforms 2025-04-21 at 08:37 By Mirko Zorz Hawk Eye is an open-source tool that helps find sensitive data before it leaks. It runs from the command line and checks many types of storage for PII and secrets: passwords, API keys, and personal information. “Unlike most open-source

React to this headline:

Loading spinner

Hawk Eye: Open-source scanner uncovers secrets and PII across platforms Read More »

Attack Flow: Learn how cyber adversaries combine and sequence offensive techniques

Attack Flow: Learn how cyber adversaries combine and sequence offensive techniques 2025-04-16 at 08:01 By Help Net Security MITRE’s Attack Flow project aims to translate complex cyber operations into a structured language. By describing how adversaries sequence and combine offensive techniques to reach their objectives, Attack Flow offers defenders, analysts, and decision-makers a tool to

React to this headline:

Loading spinner

Attack Flow: Learn how cyber adversaries combine and sequence offensive techniques Read More »

Tirreno: Open-source fraud prevention platform

Tirreno: Open-source fraud prevention platform 2025-04-14 at 08:01 By Mirko Zorz Tirreno is an open-source fraud prevention platform designed as a universal analytics tool to monitor online platforms, web applications, SaaS products, digital communities, mobile apps, intranets, and e-commerce websites. “Our aim is to liberate online fraud protection technologies, making them widely available for organizations

React to this headline:

Loading spinner

Tirreno: Open-source fraud prevention platform Read More »

GitHub Announces General Availability of Security Campaigns

GitHub Announces General Availability of Security Campaigns 2025-04-10 at 14:21 By Eduard Kovacs GitHub security campaigns make it easier for developers and security teams to collaborate on fixing vulnerabilities in their applications. The post GitHub Announces General Availability of Security Campaigns appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

GitHub Announces General Availability of Security Campaigns Read More »

APTRS: Open-source automated penetration testing reporting system

APTRS: Open-source automated penetration testing reporting system 2025-04-09 at 07:46 By Mirko Zorz APTRS is an open-source reporting tool built with Python and Django. It’s made for penetration testers and security teams who want to save time on reports. Instead of writing reports by hand, users can create PDF and Excel files directly in the

React to this headline:

Loading spinner

APTRS: Open-source automated penetration testing reporting system Read More »

YES3 Scanner: Open-source S3 security scanner for public access, ransomware protection

YES3 Scanner: Open-source S3 security scanner for public access, ransomware protection 2025-04-07 at 07:35 By Mirko Zorz YES3 Scanner is an open-source tool that scans and analyzes 10+ different configuration items for your S3 buckets in AWS. This includes access such as public access via ACLs and bucket policies – including the complex combinations of

React to this headline:

Loading spinner

YES3 Scanner: Open-source S3 security scanner for public access, ransomware protection Read More »

39 Million Secrets Leaked on GitHub in 2024

39 Million Secrets Leaked on GitHub in 2024 2025-04-03 at 14:01 By Ionut Arghire GitHub has announced new capabilities to help organizations and developers keep secrets in their code protected. The post 39 Million Secrets Leaked on GitHub in 2024 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Loading spinner

39 Million Secrets Leaked on GitHub in 2024 Read More »

BlueToolkit: Open-source Bluetooth Classic vulnerability testing framework

BlueToolkit: Open-source Bluetooth Classic vulnerability testing framework 2025-04-02 at 07:35 By Mirko Zorz BlueToolkit is an open-source tool that helps find security flaws in Bluetooth Classic devices. It runs known and custom exploits to test if a device is vulnerable. Right now, it includes 43 different exploits. Some are public, and others were made specifically

React to this headline:

Loading spinner

BlueToolkit: Open-source Bluetooth Classic vulnerability testing framework Read More »

Exegol: Open-source hacking environment

Exegol: Open-source hacking environment 2025-03-31 at 08:02 By Mirko Zorz Exegol is a community-driven hacking environment, which helps users deploy hacking setups quickly and securely. It’s made for penetration testers, CTF players, bug bounty hunters, researchers, defenders, and both new and experienced users. Exegol offers clean, secure environments. Each project can have its own Docker

React to this headline:

Loading spinner

Exegol: Open-source hacking environment Read More »

Cloudflare open sources OPKSSH to bring Single Sign-On to SSH

Cloudflare open sources OPKSSH to bring Single Sign-On to SSH 2025-03-28 at 13:31 By Help Net Security OPKSSH (OpenPubkey SSH) makes it easy to authenticate to servers over SSH using OpenID Connect (OIDC), allowing developers to ditch manually configured SSH keys in favor of identity provider-based access. By tightly integrating with identity providers (IdPs) and

React to this headline:

Loading spinner

Cloudflare open sources OPKSSH to bring Single Sign-On to SSH Read More »

Hottest cybersecurity open-source tools of the month: March 2025

Hottest cybersecurity open-source tools of the month: March 2025 2025-03-27 at 07:01 By Help Net Security This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Hetty: Open-source HTTP toolkit for security research Hetty is an open-source HTTP toolkit designed for security research, offering a free alternative

React to this headline:

Loading spinner

Hottest cybersecurity open-source tools of the month: March 2025 Read More »

Malwoverview: First response tool for threat hunting

Malwoverview: First response tool for threat hunting 2025-03-26 at 07:32 By Mirko Zorz Malwoverview is an open-source threat hunting tool designed for the initial triage of malware samples, URLs, IP addresses, domains, malware families, IOCs, and hashes. “Malwoverview is simple and direct, integrating multiple public sandboxes to retrieve and display only relevant information. It enables

React to this headline:

Loading spinner

Malwoverview: First response tool for threat hunting Read More »

Scroll to Top