Arkime: Open-source network analysis and packet capture system 2025-09-15 at 08:47 By Help Net Security Arkime is an open-source system for large-scale network analysis and packet capture. It works with your existing security tools to store and index network traffic in standard PCAP format, making it easy to search and access. The solution includes a […]
Arkime: Open-source network analysis and packet capture system Read More »
Garak: Open-source LLM vulnerability scanner 2025-09-10 at 09:00 By Help Net Security LLMs can make mistakes, leak data, or be tricked into doing things they were not meant to do. Garak is a free, open-source tool designed to test these weaknesses. It checks for problems like hallucinations, prompt injections, jailbreaks, and toxic outputs. By running
Garak: Open-source LLM vulnerability scanner Read More »
Fake npm 2FA reset email led to compromise of popular code packages 2025-09-09 at 16:51 By Zeljka Zorz Malicious versions of at least 18 widely used npm packages were uploaded to the npm Registry on Monday, following the compromise of their maintainer’s account. “The packages were updated to contain a piece of code that would
Fake npm 2FA reset email led to compromise of popular code packages Read More »
GitHub Workflows Attack Affects Hundreds of Repos, Thousands of Secrets 2025-09-08 at 16:20 By Eduard Kovacs A supply chain attack called GhostAction has enabled threat actors to steal secrets and exploit them. The post GitHub Workflows Attack Affects Hundreds of Repos, Thousands of Secrets appeared first on SecurityWeek. This article is an excerpt from SecurityWeek
GitHub Workflows Attack Affects Hundreds of Repos, Thousands of Secrets Read More »
Over 6,700 Private Repositories Made Public in Nx Supply Chain Attack 2025-09-08 at 13:46 By Ionut Arghire The private repositories of hundreds of organizations were published publicly in the second phase of the Nx supply chain attack. The post Over 6,700 Private Repositories Made Public in Nx Supply Chain Attack appeared first on SecurityWeek. This
Over 6,700 Private Repositories Made Public in Nx Supply Chain Attack Read More »
InterceptSuite: Open-source network traffic interception tool 2025-09-08 at 08:34 By Mirko Zorz InterceptSuite is an open-source, cross-platform network traffic interception tool designed for TLS/SSL inspection, analysis, and manipulation at the network level. “InterceptSuite is designed primarily for non-HTTP protocols, although it does support HTTP/1 and HTTP/2. It offers support for databases, SMTP, and custom protocols,
InterceptSuite: Open-source network traffic interception tool Read More »
BruteForceAI: Free AI-powered login brute force tool 2025-09-03 at 09:31 By Help Net Security BruteForceAI is a penetration testing tool that uses LLMs to improve the way brute-force attacks are carried out. Instead of relying on manual setup, the tool can analyze HTML content, detect login form selectors, and prepare the attack process automatically. It
BruteForceAI: Free AI-powered login brute force tool Read More »
Hottest cybersecurity open-source tools of the month: August 2025 2025-08-27 at 08:02 By Sinisa Markovic This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Buttercup: Open-source AI-driven system detects and patches vulnerabilities Buttercup is a free, automated, AI-powered platform that finds and fixes vulnerabilities in open-source
Hottest cybersecurity open-source tools of the month: August 2025 Read More »
Kopia: Open-source encrypted backup tool for Windows, macOS, Linux 2025-08-25 at 08:21 By Help Net Security Kopia is an open-source backup and restore tool that lets you create encrypted snapshots of your files and store them in cloud storage, on a remote server, on network-attached storage, or on your own computer. It doesn’t create a
Kopia: Open-source encrypted backup tool for Windows, macOS, Linux Read More »
LudusHound: Open-source tool brings BloodHound data to life 2025-08-20 at 08:31 By Mirko Zorz LudusHound is an open-source tool that takes BloodHound data and uses it to set up a working Ludus Range for safe testing. It creates a copy of an Active Directory environment using previously gathered BloodHound data. Red teams can use this
LudusHound: Open-source tool brings BloodHound data to life Read More »
Buttercup: Open-source AI-driven system detects and patches vulnerabilities 2025-08-18 at 09:42 By Help Net Security Buttercup is a free, automated, AI-powered platform that finds and fixes vulnerabilities in open-source software. Developed by Trail of Bits, it recently earned second place in DARPA’s AI Cyber Challenge (AIxCC). Main components Buttercup is made up of four main
Buttercup: Open-source AI-driven system detects and patches vulnerabilities Read More »
Obot MCP Gateway: Open-source platform to securely manage the adoption of MCP servers 2025-08-15 at 08:34 By Help Net Security Obot MCP Gateway is a free, open-source gateway that enables IT organizations to securely manage and scale adoption of Model Context Protocol (MCP) servers. MCPs are becoming the standard for how AI agents interface with
Obot MCP Gateway: Open-source platform to securely manage the adoption of MCP servers Read More »
EntraGoat: Vulnerable Microsoft Entra ID infrastructure to simulate identity security misconfigurations 2025-08-12 at 08:01 By Help Net Security EntraGoat is a purpose-built tool that sets up a vulnerable Microsoft Entra ID environment to mimic real-world identity security issues. It’s designed to help security professionals practice spotting and exploiting common misconfigurations. The tool creates a range
Concentric AI enhances data security with new platform integrations 2025-08-06 at 09:44 By Industry News Concentric AI announced new integrations that enhance the AI-driven capabilities of its Semantic Intelligence data security governance platform, expanding data governance functionality for organizations. Concentric AI’s new integration with Wiz, gives Wiz customers unique contextual insights into their cloud data
Concentric AI enhances data security with new platform integrations Read More »
BloodHound 8.0 debuts with major upgrades in attack path management 2025-08-05 at 10:11 By Help Net Security SpecterOps has released BloodHound 8.0, the latest iteration of its open-source attack path management platform, featuring major enhancements and expanded capabilities. BloodHound OpenGraph The release introduces BloodHound OpenGraph, a major advancement in identity attack path management that uncovers
BloodHound 8.0 debuts with major upgrades in attack path management Read More »
Open-source password recovery utility Hashcat 7.0.0 released 2025-08-04 at 08:10 By Anamarija Pogorelec Hashcat is an open-source password recovery tool that supports five attack modes and more than 300 highly optimized hashing algorithms. It runs on CPUs, GPUs, and other hardware accelerators across Linux, Windows, and macOS, and includes features for distributed password cracking at
Open-source password recovery utility Hashcat 7.0.0 released Read More »
Artemis: Open-source modular vulnerability scanner 2025-07-30 at 09:00 By Mirko Zorz Artemis is an open-source modular vulnerability scanner that checks different aspects of a website’s security and translates the results into easy-to-understand messages that can be shared with the organizations being scanned. “The most important feature of the tool is report generation. Besides scanning, it
Artemis: Open-source modular vulnerability scanner Read More »
Vulnhuntr: Open-source tool to identify remotely exploitable vulnerabilities 2025-07-28 at 08:13 By Mirko Zorz Vulnhuntr is an open-source tool that finds remotely exploitable vulnerabilities. It uses LLMs and static code analysis to trace how data moves through an application, from user input to server output. This helps it spot complex, multi-step vulnerabilities that traditional tools
Vulnhuntr: Open-source tool to identify remotely exploitable vulnerabilities Read More »
Autoswagger: Open-source tool to expose hidden API authorization flaws 2025-07-24 at 11:57 By Help Net Security Autoswagger is a free, open-source tool that scans OpenAPI-documented APIs for broken authorization vulnerabilities. These flaws are still common, even at large enterprises with mature security teams, and are especially dangerous because they can be exploited with little technical
Autoswagger: Open-source tool to expose hidden API authorization flaws Read More »
Cervantes: Open-source, collaborative platform for pentesters and red teams 2025-07-23 at 08:31 By Mirko Zorz Cervantes is an open-source collaborative platform built for pentesters and red teams. It offers a centralized workspace to manage projects, clients, vulnerabilities, and reports, all in one place. By streamlining data organization and team coordination, it helps reduce the time
Cervantes: Open-source, collaborative platform for pentesters and red teams Read More »