GitHub

Ghidra 11.3 released: New features, performance improvements, bug fixes

Don't miss, GitHub, News, NSA, open source, software /

Ghidra 11.3 released: New features, performance improvements, bug fixes 2025-02-07 at 07:53 By Help Net Security NSA’s Research Directorate released version 11.3 of Ghidra, an open-source software reverse engineering (SRE) framework. It offers advanced analysis tools, enabling users to dissect and examine compiled code across multiple platforms, including Windows, macOS, and Linux. Ghidra 11.3 is […]

React to this headline:

Loading spinner

Ghidra 11.3 released: New features, performance improvements, bug fixes Read More »

OpenNHP: Cryptography-driven zero trust protocol

Don't miss, Encryption, GitHub, News, open source, software, zero trust /

OpenNHP: Cryptography-driven zero trust protocol 2025-02-05 at 07:01 By Mirko Zorz OpenNHP is the open-source implementation of NHP (Network-resource Hiding Protocol), a cryptography-based zero trust protocol for safeguarding servers and data. OpenNHP offers the following benefits: Reduces attack surface by hiding infrastructure Prevents unauthorized network reconnaissance Mitigates vulnerability exploitation Stops phishing via encrypted DNS Protects

React to this headline:

Loading spinner

OpenNHP: Cryptography-driven zero trust protocol Read More »

BadDNS: Open-source tool checks for subdomain takeovers

Don't miss, GitHub, News, open source, penetration testing, scanning, software /

BadDNS: Open-source tool checks for subdomain takeovers 2025-02-03 at 07:03 By Mirko Zorz BadDNS is an open-source Python DNS auditing tool designed to detect domain and subdomain takeovers of all types. BadDNS modules cname – Check for dangling CNAME records and interrogate them for subdomain takeover opportunities ns – Check for dangling NS records and

React to this headline:

Loading spinner

BadDNS: Open-source tool checks for subdomain takeovers Read More »

ExtensionHound: Open-source tool for Chrome extension DNS forensics

Chrome, computer forensics, DNS, Don't miss, GitHub, News, open source, software /

ExtensionHound: Open-source tool for Chrome extension DNS forensics 2025-01-30 at 07:03 By Mirko Zorz Traditional monitoring tools reveal only traffic from the Chrome process, leaving security teams uncertain about which extension is responsible for a suspicious DNS query. ExtensionHound solves this by analyzing Chrome’s internal network state and linking DNS activity to specific extensions. ExtensionHound

React to this headline:

Loading spinner

ExtensionHound: Open-source tool for Chrome extension DNS forensics Read More »

BloodyAD: Open-source Active Directory privilege escalation framework

Active Directory, Don't miss, GitHub, News, open source, software /

BloodyAD: Open-source Active Directory privilege escalation framework 2025-01-28 at 07:00 By Mirko Zorz BloodyAD is an open-source Active Directory privilege escalation framework that uses specialized LDAP calls to interact with domain controllers. It enables various privilege escalation techniques within Active Directory environments. Features “I created this tool because I do a lot of internal testing

React to this headline:

Loading spinner

BloodyAD: Open-source Active Directory privilege escalation framework Read More »

Don’t let these open-source cybersecurity tools slip under your radar

Android, cybersecurity, Don't miss, GitHub, Hot stuff, Linux, macOS, News, open source, software, Windows /

Don’t let these open-source cybersecurity tools slip under your radar 2025-01-27 at 07:07 By Help Net Security This article showcases free, open-source cybersecurity tools that help you identify and address vulnerabilities, detect intrusion, protect websites from cyber attacks, monitor and detect suspicious activities across your network. Am I Isolated: Open-source container security benchmark Am I

React to this headline:

Loading spinner

Don’t let these open-source cybersecurity tools slip under your radar Read More »

GUI frontends for GnuPG, the free implementation of the OpenPGP standard

Don't miss, Encryption, GitHub, Linux, News, open source, software /

GUI frontends for GnuPG, the free implementation of the OpenPGP standard 2025-01-24 at 07:20 By Help Net Security GnuPG is a free and comprehensive implementation of the OpenPGP standard. It enables encryption and signing of data and communications, featuring a key management system and support for public key directories. While primarily a command-line tool, GnuPG

React to this headline:

Loading spinner

GUI frontends for GnuPG, the free implementation of the OpenPGP standard Read More »

Web Cache Vulnerability Scanner: Open-source tool for detecting web cache poisoning

Don't miss, GitHub, News, open source, software /

Web Cache Vulnerability Scanner: Open-source tool for detecting web cache poisoning 2025-01-23 at 07:03 By Help Net Security The Web Cache Vulnerability Scanner (WCVS) is an open-source command-line tool for detecting web cache poisoning and deception. The scanner, developed by Maximilian Hildebrand, offers extensive support for various web cache poisoning and deception techniques. It features

React to this headline:

Loading spinner

Web Cache Vulnerability Scanner: Open-source tool for detecting web cache poisoning Read More »

MSSqlPwner: Open-source tool for pentesting MSSQL servers

database security, Don't miss, GitHub, News, open source, penetration testing, software /

MSSqlPwner: Open-source tool for pentesting MSSQL servers 2025-01-17 at 07:48 By Help Net Security MSSqlPwner is an open-source pentesting tool tailored to interact with and exploit MSSQL servers. Built on Impacket, it enables users to authenticate with databases using various credentials, including clear-text passwords, NTLM hashes, and Kerberos tickets. The tool offers multiple methods for

React to this headline:

Loading spinner

MSSqlPwner: Open-source tool for pentesting MSSQL servers Read More »

Contextal Platform: Open-source threat detection and intelligence

Don't miss, GitHub, Hot stuff, News, open source, software /

Contextal Platform: Open-source threat detection and intelligence 2025-01-15 at 07:34 By Mirko Zorz Contextal Platform is an open-source cybersecurity solution for contextual threat detection and intelligence. Developed by the original authors of ClamAV, it offers advanced features such as contextual threat analysis, custom detection scenarios through the ContexQL language, and AI-powered data processing—all operating locally

React to this headline:

Loading spinner

Contextal Platform: Open-source threat detection and intelligence Read More »

GitHub CISO on security strategy and collaborating with the open-source community

CISO, cybersecurity, Don't miss, Features, GitHub, Hot stuff, News, open source, opinion, software development, strategy, tips /

GitHub CISO on security strategy and collaborating with the open-source community 2025-01-13 at 07:06 By Mirko Zorz In this Help Net Security, Alexis Wales, CISO at GitHub, discusses how GitHub embeds security into every aspect of its platform to protect millions of developers and repositories, ensuring it remains a trustworthy platform for building secure software.

React to this headline:

Loading spinner

GitHub CISO on security strategy and collaborating with the open-source community Read More »

Chainsaw: Open-source tool for hunting through Windows forensic artefacts

Don't miss, GitHub, News, open source, software, Windows, WithSecure /

Chainsaw: Open-source tool for hunting through Windows forensic artefacts 2025-01-13 at 06:34 By Help Net Security Chainsaw is an open-source first-response tool for quickly detecting threats in Windows forensic artefacts, including Event Logs and the MFT file. It enables fast keyword searches through event logs and identifies threats using built-in Sigma detection and custom detection

React to this headline:

Loading spinner

Chainsaw: Open-source tool for hunting through Windows forensic artefacts Read More »

Sara: Open-source RouterOS security inspector

Don't miss, GitHub, hardware, mikrotik, News, open source, router, software /

Sara: Open-source RouterOS security inspector 2025-01-09 at 07:03 By Mirko Zorz Sara is an open-source tool designed to analyze RouterOS configurations and identify security vulnerabilities on MikroTik hardware. Sara’s main feature is using regular expressions as the primary analysis mechanism. This allows you to quickly and accurately process RouterOS configuration text files, making the tool

React to this headline:

Loading spinner

Sara: Open-source RouterOS security inspector Read More »

Cyberbro: Open-source tool extracts IoCs and checks their reputation

GitHub, News, open source, software /

Cyberbro: Open-source tool extracts IoCs and checks their reputation 2025-01-07 at 07:03 By Help Net Security Cyberbro is an open-source application that extracts IoCs from garbage input and checks their reputation using multiple services. Cyberbro features Input handling: Paste raw logs, IoCs, or fanged IoCs, and let the regex parser do the rest. Multi-service reputation

React to this headline:

Loading spinner

Cyberbro: Open-source tool extracts IoCs and checks their reputation Read More »

Kata Containers: Open-source container runtime, building lightweight VMs

containers, Don't miss, GitHub, Hot stuff, News, open source, software, virtualization /

Kata Containers: Open-source container runtime, building lightweight VMs 2025-01-02 at 07:04 By Mirko Zorz Kata Containers is an open-source project dedicated to creating a secure container runtime that combines the performance and simplicity of containers with the enhanced isolation of lightweight virtual machines. By leveraging hardware virtualization technology, it adds an extra layer of defense

React to this headline:

Loading spinner

Kata Containers: Open-source container runtime, building lightweight VMs Read More »

Hottest cybersecurity open-source tools of the month: December 2024

cybersecurity, Don't miss, GitHub, News, open source, software /

Hottest cybersecurity open-source tools of the month: December 2024 2024-12-31 at 06:03 By Help Net Security This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. SafeLine: Open-source web application firewall (WAF) SafeLine is an open-source and self-hosted Web Application Firewall (WAF) that protects websites from cyber

React to this headline:

Loading spinner

Hottest cybersecurity open-source tools of the month: December 2024 Read More »

reconFTW: Open-source reconnaissance automation

cybersecurity, Don't miss, GitHub, News, open source, reconnaissance, software /

reconFTW: Open-source reconnaissance automation 2024-12-30 at 07:05 By Help Net Security reconFTW is an open-source tool that simplifies and automates the reconnaissance process, delivering subdomain enumeration, vulnerability assessment, and gathering intelligence about a target. Using various techniques — such as passive and brute-force methods, permutations, certificate transparency analysis, source code scraping, analytics tracking, and DNS

React to this headline:

Loading spinner

reconFTW: Open-source reconnaissance automation Read More »

Evilginx: Open-source man-in-the-middle attack framework

Don't miss, GitHub, Hot stuff, News, open source, penetration testing, software /

Evilginx: Open-source man-in-the-middle attack framework 2024-12-23 at 07:37 By Mirko Zorz Evilginx is an open-source man-in-the-middle attack framework designed to phish login credentials and session cookies, enabling attackers to bypass 2FA safeguards. “Back in 2017, I was experimenting with extracting cookies from one browser and importing them into another. I realized this technique could effectively

React to this headline:

Loading spinner

Evilginx: Open-source man-in-the-middle attack framework Read More »

Vanir: Open-source security patch validation for Android

Android, Don't miss, GitHub, Google, Hot stuff, News, open source, patch, software /

Vanir: Open-source security patch validation for Android 2024-12-18 at 06:34 By Help Net Security Google’s open-source tool Vanir enables Android developers to quickly scan custom platform code for missing or applicable security patches. By automating patch validation, Vanir helps OEMs deliver critical security updates faster, enhancing the security of the Android ecosystem. Vanir uses source-code-based

React to this headline:

Loading spinner

Vanir: Open-source security patch validation for Android Read More »

MUT-1244 targeting security researchers, red teamers, and threat actors

Checkmarx, cryptojacking, data theft, Datadog, Don't miss, GitHub, Hot stuff, News, phishing, WordPress /

MUT-1244 targeting security researchers, red teamers, and threat actors 2024-12-16 at 17:33 By Zeljka Zorz A threat actor tracked as MUT-1244 by DataDog researchers has been targeting academics, pentesters, red teamers, security researchers, as well as other threat actors, in order to steal AWS access keys, WordPress account credentials and other sensitive data. MUT-1244 has

React to this headline:

Loading spinner

MUT-1244 targeting security researchers, red teamers, and threat actors Read More »

Scroll to Top