GitHub

Attack Flow: Learn how cyber adversaries combine and sequence offensive techniques

2025-04-16 at 08:01. By Help Net Security. MITRE’s Attack Flow project aims to translate complex cyber operations into a structured language. By describing how adversaries sequence and combine offensive techniques to reach their objectives, Attack Flow offers defenders, analysts, and decision-makers a tool to […]


Tirreno: Open-source fraud prevention platform

2025-04-14 at 08:01. By Mirko Zorz. Tirreno is an open-source fraud prevention platform designed as a universal analytics tool to monitor online platforms, web applications, SaaS products, digital communities, mobile apps, intranets, and e-commerce websites. “Our aim is to liberate online fraud protection technologies, making them widely available for organizations


GitHub Announces General Availability of Security Campaigns

2025-04-10 at 14:21. By Eduard Kovacs. GitHub security campaigns make it easier for developers and security teams to collaborate on fixing vulnerabilities in their applications. The post GitHub Announces General Availability of Security Campaigns appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.


APTRS: Open-source automated penetration testing reporting system

2025-04-09 at 07:46. By Mirko Zorz. APTRS is an open-source reporting tool built with Python and Django. It’s made for penetration testers and security teams who want to save time on reports. Instead of writing reports by hand, users can create PDF and Excel files directly in the


YES3 Scanner: Open-source S3 security scanner for public access, ransomware protection

2025-04-07 at 07:35. By Mirko Zorz. YES3 Scanner is an open-source tool that scans and analyzes 10+ different configuration items for your S3 buckets in AWS. This includes access such as public access via ACLs and bucket policies – including the complex combinations of


39 Million Secrets Leaked on GitHub in 2024

2025-04-03 at 14:01. By Ionut Arghire. GitHub has announced new capabilities to help organizations and developers keep secrets in their code protected. The post 39 Million Secrets Leaked on GitHub in 2024 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.


BlueToolkit: Open-source Bluetooth Classic vulnerability testing framework

2025-04-02 at 07:35. By Mirko Zorz. BlueToolkit is an open-source tool that helps find security flaws in Bluetooth Classic devices. It runs known and custom exploits to test if a device is vulnerable. Right now, it includes 43 different exploits. Some are public, and others were made specifically


Exegol: Open-source hacking environment

2025-03-31 at 08:02. By Mirko Zorz. Exegol is a community-driven hacking environment, which helps users deploy hacking setups quickly and securely. It’s made for penetration testers, CTF players, bug bounty hunters, researchers, defenders, and both new and experienced users. Exegol offers clean, secure environments. Each project can have its own Docker


Cloudflare open sources OPKSSH to bring Single Sign-On to SSH

2025-03-28 at 13:31. By Help Net Security. OPKSSH (OpenPubkey SSH) makes it easy to authenticate to servers over SSH using OpenID Connect (OIDC), allowing developers to ditch manually configured SSH keys in favor of identity provider-based access. By tightly integrating with identity providers (IdPs) and


Hottest cybersecurity open-source tools of the month: March 2025

2025-03-27 at 07:01. By Help Net Security. This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Hetty: Open-source HTTP toolkit for security research. Hetty is an open-source HTTP toolkit designed for security research, offering a free alternative


Malwoverview: First response tool for threat hunting

2025-03-26 at 07:32. By Mirko Zorz. Malwoverview is an open-source threat hunting tool designed for the initial triage of malware samples, URLs, IP addresses, domains, malware families, IOCs, and hashes. “Malwoverview is simple and direct, integrating multiple public sandboxes to retrieve and display only relevant information. It enables


Finders Keypers: Open-source AWS KMS key usage finder

2025-03-24 at 07:32. By Mirko Zorz. Finders Keypers is an open-source tool for analyzing the current usage of AWS KMS keys. It supports both AWS customer managed KMS keys and AWS Managed KMS keys. Use cases include: Identifying the blast radius of specific KMS keys and the


Impact, Root Cause of GitHub Actions Supply Chain Hack Revealed

2025-03-21 at 12:17. By Eduard Kovacs. More details have come to light on the recent supply chain attack targeting GitHub Actions, including its root cause. The post Impact, Root Cause of GitHub Actions Supply Chain Hack Revealed appeared first on SecurityWeek. This article is an


70% of leaked secrets remain active two years later

2025-03-20 at 07:01. By Help Net Security. Long-lived plaintext credentials have been involved in most breaches over the last several years, according to GitGuardian. When valid credentials, such as API keys, passwords, and authentication tokens, leak, attackers at any skill level can gain initial access or


Dependency-Check: Open-source Software Composition Analysis (SCA) tool

2025-03-19 at 07:47. By Help Net Security. Dependency-Check is an open-source Software Composition Analysis (SCA) tool to identify publicly disclosed vulnerabilities within a project’s dependencies. The tool analyzes dependencies for Common Platform Enumeration (CPE) identifiers. When a match is found, the tool generates a report with links to


Popular GitHub Action Targeted in Supply Chain Attack

2025-03-17 at 12:04. By Eduard Kovacs. The tj-actions/changed-files GitHub Action, which is used in 23,000 repositories, has been targeted in a supply chain attack. The post Popular GitHub Action Targeted in Supply Chain Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.


IntelMQ: Open-source tool for collecting and processing security feeds

2025-03-17 at 07:02. By Mirko Zorz. IntelMQ is an open-source solution designed to help IT security teams (including CERTs, CSIRTs, SOCs, and abuse departments) streamline the collection and processing of security feeds using a message queuing protocol. “Originally designed for CSIRTs and later adopted by SOCs,


NetBird: Open-source network security

2025-03-12 at 08:03. By Help Net Security. NetBird is an open-source solution that integrates a configuration-free peer-to-peer private network with centralized access control, providing a single platform to build secure private networks for your organization or home. NetBird features: NetBird creates a WireGuard-based overlay network that automatically connects your machines over


Hetty: Open-source HTTP toolkit for security research

2025-03-10 at 08:17. By Help Net Security. Hetty is an open-source HTTP toolkit designed for security research, offering a free alternative to commercial tools like Burp Suite Pro. Built with the needs of penetration testers, security professionals, and bug bounty hunters in mind, Hetty provides a set of
