GitHub

Aranya: Open-source toolkit to accelerate secure by design concepts

Don't miss, GitHub, News, open source, software, SpiderOak /

Aranya: Open-source toolkit to accelerate secure by design concepts 2024-10-21 at 06:31 By Help Net Security SpiderOak launched its core technology platform as an open-source project called Aranya. This release provides the same level of security as the company’s platform, which is already in use by the Department of Defense. The Aranya project marks a […]

React to this headline:

Loading spinner

Aranya: Open-source toolkit to accelerate secure by design concepts Read More »

GitHub Releases Security Advisory on Critical Vulnerability in Self-Hosted Environments

GitHub, vulnerability /

GitHub Releases Security Advisory on Critical Vulnerability in Self-Hosted Environments 2024-10-17 at 14:31 By daksh sharma Overview GitHub has issued a security advisory regarding critical vulnerabilities that require immediate attention from users of the GitHub Enterprise Server (GHES). This advisory highlights a specific vulnerability that could severely compromise organizations’ security relying on this self-hosted version

React to this headline:

Loading spinner

GitHub Releases Security Advisory on Critical Vulnerability in Self-Hosted Environments Read More »

GhostStrike: Open-source tool for ethical hacking

Don't miss, GitHub, Hot stuff, News, open source, software /

GhostStrike: Open-source tool for ethical hacking 2024-10-17 at 07:31 By Mirko Zorz GhostStrike is an open-source, advanced cybersecurity tool tailored for ethical hacking and Red Team operations. It incorporates cutting-edge techniques, including process hollowing, to stealthily evade detection on Windows systems, making it an asset for penetration testing and security assessments. “I decided to develop

React to this headline:

Loading spinner

GhostStrike: Open-source tool for ethical hacking Read More »

YARA: Open-source tool for malware research

cybersecurity, Don't miss, GitHub, Hot stuff, malware analysis, News, open source, software /

YARA: Open-source tool for malware research 2024-10-09 at 08:01 By Help Net Security YARA is a powerful tool designed primarily to aid malware researchers in identifying and categorizing malware samples, though its applications are broader. The tool enables users to create detailed descriptions, or “rules,” for malware families or any other target based on textual

React to this headline:

Loading spinner

YARA: Open-source tool for malware research Read More »

Rspamd: Open-source spam filtering system

Don't miss, GitHub, Hot stuff, Linux, News, open source, software, spam, Unix /

Rspamd: Open-source spam filtering system 2024-10-07 at 07:01 By Mirko Zorz Rspamd is an open-source spam filtering and email processing framework designed to evaluate messages based on a wide range of rules, including regular expressions, statistical analysis, and integrations with custom services like URL blacklists. The system analyzes each message and assigns a verdict, which

React to this headline:

Loading spinner

Rspamd: Open-source spam filtering system Read More »

MaLDAPtive: Open-source framework for LDAP SearchFilter parsing, obfuscation, and more!

GitHub, News, open source, software /

MaLDAPtive: Open-source framework for LDAP SearchFilter parsing, obfuscation, and more! 2024-10-04 at 07:01 By Help Net Security MaLDAPtive is an open-source framework for LDAP SearchFilter parsing, obfuscation, deobfuscation, and detection. At its core, the project features a custom-built C# LDAP parser designed for tokenization and syntax tree parsing. It also incorporates specialized properties to ensure

React to this headline:

Loading spinner

MaLDAPtive: Open-source framework for LDAP SearchFilter parsing, obfuscation, and more! Read More »

SCCMSecrets: Open-source SCCM policies exploitation tool

Don't miss, GitHub, News, open source, software /

SCCMSecrets: Open-source SCCM policies exploitation tool 2024-09-30 at 07:31 By Help Net Security SCCMSecrets is an open-source tool that exploits SCCM policies, offering more than just NAA credential extraction. SCCM policies are a key target for attackers in Active Directory environments, as they can expose sensitive technical information, including account credentials. Attackers may retrieve these

React to this headline:

Loading spinner

SCCMSecrets: Open-source SCCM policies exploitation tool Read More »

Tosint: Open-source Telegram OSINT tool

Don't miss, GitHub, Hot stuff, News, open source, OSINT, software, Telegram /

Tosint: Open-source Telegram OSINT tool 2024-09-27 at 07:31 By Mirko Zorz Tosint is an open-source Telegram OSINT tool that extracts useful information from Telegram bots and channels. It’s suited for security researchers, investigators, and others who want to gather insights from Telegram sources. Several law enforcement agencies utilize Tosint to gather intelligence and monitor cybercriminal

React to this headline:

Loading spinner

Tosint: Open-source Telegram OSINT tool Read More »

NetAlertX: Open-source Wi-Fi intruder detector

cybersecurity, Don't miss, GitHub, Hot stuff, networking, News, open source, software, wireless /

NetAlertX: Open-source Wi-Fi intruder detector 2024-09-25 at 08:01 By Mirko Zorz NetAlertX is an open-source Wi-Fi/LAN intruder detection tool that scans your network for connected devices and alerts you when new or unknown devices are detected. It provides visibility into your network activity to help you monitor unauthorized access. “NetAlertX comes with a range of

React to this headline:

Loading spinner

NetAlertX: Open-source Wi-Fi intruder detector Read More »

Certainly: Open-source offensive security toolkit

Don't miss, GitHub, Hot stuff, News, open source, software /

Certainly: Open-source offensive security toolkit 2024-09-23 at 07:31 By Mirko Zorz Certainly is an open-source offensive security toolkit designed to capture extensive traffic across various network protocols in bit-flip and typosquatting scenarios. Built-in protocols: DNS, HTTP(S), IMAP(S), SMTP(S). “The reason why we created Certainly was to simplify the process of capturing and collecting requests that

React to this headline:

Loading spinner

Certainly: Open-source offensive security toolkit Read More »

CrowdSec: Open-source security solution offering crowdsourced protection

crowdsourced security, Don't miss, GitHub, Hot stuff, News, open source, software /

CrowdSec: Open-source security solution offering crowdsourced protection 2024-09-18 at 08:01 By Mirko Zorz Crowdsec is an open-source solution that offers crowdsourced protection against malicious IPs. CrowdSec features For this project, the developers have two objectives: Provide free top-quality intrusion detection and protection software. There’s community participation in creating new detection rules as new vulnerabilities are

React to this headline:

Loading spinner

CrowdSec: Open-source security solution offering crowdsourced protection Read More »

EchoStrike: Generate undetectable reverse shells, perform process injection

cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, penetration testing, red team, software, Windows /

EchoStrike: Generate undetectable reverse shells, perform process injection 2024-09-16 at 07:31 By Mirko Zorz EchoStrike is an open-source tool designed to generate undetectable reverse shells and execute process injection on Windows systems. “EchoStrike allows you to generate binaries that, when executed, create an undetectable RevShell, which can be the first entry point into a company.

React to this headline:

Loading spinner

EchoStrike: Generate undetectable reverse shells, perform process injection Read More »

DockerSpy: Search for images on Docker Hub, extract sensitive information

containers, Docker, Don't miss, GitHub, Hot stuff, News, open source, software /

DockerSpy: Search for images on Docker Hub, extract sensitive information 2024-09-11 at 07:31 By Mirko Zorz DockerSpy scans Docker Hub for images and retrieves sensitive information, including authentication secrets, private keys, and other confidential data. “DockerSpy was created to address the growing concern of sensitive data leaks within Docker images, especially those publicly available on

React to this headline:

Loading spinner

DockerSpy: Search for images on Docker Hub, extract sensitive information Read More »

33 open-source cybersecurity solutions you didn’t know you needed

cybersecurity, Don't miss, GitHub, Hot stuff, Linux, macOS, News, open source, software, Windows /

33 open-source cybersecurity solutions you didn’t know you needed 2024-09-10 at 06:31 By Help Net Security Open-source cybersecurity tools provide transparency and flexibility, allowing users to examine and customize the source code to fit specific security needs. These tools make cybersecurity accessible to a broader range of organizations and individuals. In this article, you will

React to this headline:

Loading spinner

33 open-source cybersecurity solutions you didn’t know you needed Read More »

OpenZiti: Secure, open-source networking for your applications

Don't miss, GitHub, Hot stuff, networking, News, open source, software, zero trust /

OpenZiti: Secure, open-source networking for your applications 2024-09-09 at 07:33 By Mirko Zorz OpenZiti is a free, open-source project that embeds zero-trust networking principles directly into applications. Example of an OpenZiti overlay network OpenZiti features “We created OpenZiti to transform how people think about connectivity. While OpenZiti is a zero-trust networking platform, you can also

React to this headline:

Loading spinner

OpenZiti: Secure, open-source networking for your applications Read More »

OpenBAS: Open-source breach and attack simulation platform

Don't miss, Filigran, GitHub, Hot stuff, News, open source, software /

OpenBAS: Open-source breach and attack simulation platform 2024-09-04 at 07:02 By Mirko Zorz OpenBAS is an open-source platform that enables organizations to plan, schedule, and execute crisis exercises, adversary simulations, and breach simulations. Compliant with ISO 22398 standards, OpenBAS is built as a modern web application featuring a user-centric interface and a RESTful API. The

React to this headline:

Loading spinner

OpenBAS: Open-source breach and attack simulation platform Read More »

Damn Vulnerable UEFI: Simulate real-world firmware attacks

Don't miss, firmware, GitHub, Hot stuff, News, open source, software /

Damn Vulnerable UEFI: Simulate real-world firmware attacks 2024-09-02 at 07:31 By Help Net Security Damn Vulnerable UEFI (DVUEFI) is an open-source exploitation toolkit and learning platform for unveiling and fixing UEFI firmware vulnerabilities. Simulate real-world firmware attacks DVUEFI was created to assist ethical hackers, security researchers, and firmware enthusiasts in beginning their journey into UEFI

React to this headline:

Loading spinner

Damn Vulnerable UEFI: Simulate real-world firmware attacks Read More »

Sinon: Open-source automatic generative burn-in for Windows deception hosts

Don't miss, GitHub, Hot stuff, News, open source, software /

Sinon: Open-source automatic generative burn-in for Windows deception hosts 2024-08-30 at 07:01 By Mirko Zorz Sinon is an open-source, modular tool for the automatic burn-in of Windows-based deception hosts. It aims to reduce the difficulty of orchestrating deception hosts at scale while enabling diversity and randomness through generative capabilities. Sinon is designed to automate the

React to this headline:

Loading spinner

Sinon: Open-source automatic generative burn-in for Windows deception hosts Read More »

Nuclei: Open-source vulnerability scanner

Don't miss, GitHub, Hot stuff, News, open source, penetration testing, scanning, software, vulnerability assessment /

Nuclei: Open-source vulnerability scanner 2024-08-26 at 06:31 By Help Net Security Nuclei is a fast and customizable open-source vulnerability scanner powered by YAML-based templates. With its flexible templating system, Nuclei can be adapted to perform various security checks. It can send requests to multiple targets using customizable templates, ensuring zero false positives and enabling rapid

React to this headline:

Loading spinner

Nuclei: Open-source vulnerability scanner Read More »

Critical GitHub Enterprise Server auth bypass flaw fixed (CVE-2024-6800)

CVE, Don't miss, enterprise, GitHub, Hot stuff, News, security update, software development, vulnerability /

Critical GitHub Enterprise Server auth bypass flaw fixed (CVE-2024-6800) 2024-08-22 at 15:31 By Zeljka Zorz A critical vulnerability (CVE-2024-6800) affecting all currently supported versions of GitHub Enterprise Server (GHES) may allow attackers to gain unrestricted access to the instance’s contents. The issue, reported via the GitHub Bug Bounty program, has been addressed and administrators are

React to this headline:

Loading spinner

Critical GitHub Enterprise Server auth bypass flaw fixed (CVE-2024-6800) Read More »

Scroll to Top