GitHub

DriveFS Sleuth: Open-source tool for investigating Google Drive File Stream’s disk forensic artifacts

cloud security, computer forensics, Don't miss, GitHub, Google Drive, News, open source, software /

DriveFS Sleuth: Open-source tool for investigating Google Drive File Stream’s disk forensic artifacts 2024-01-04 at 07:31 By Mirko Zorz DriveFS Sleuth automates the investigation of Google Drive File Stream disk artifacts. The tool can parse the disk artifacts and build a filesystem tree-like structure enumerating the synchronized files along with their respective properties. “While engaged […]

React to this headline:

Loading spinner

DriveFS Sleuth: Open-source tool for investigating Google Drive File Stream’s disk forensic artifacts Read More »

15 open-source cybersecurity tools you’ll wish you’d known earlier

ARMO, CISA, Don't miss, Elastic, GitHub, Google, Mirantis, News, open source, Oryxlabs, report, SpecterOps, survey /

15 open-source cybersecurity tools you’ll wish you’d known earlier 2024-01-04 at 07:01 By Help Net Security Open-source tools represent a dynamic force in the technological landscape, embodying innovation, collaboration, and accessibility. These tools, developed with transparency and community-driven principles, empower users with the freedom to scrutinize, modify, and adapt solutions according to their unique needs.

React to this headline:

Loading spinner

15 open-source cybersecurity tools you’ll wish you’d known earlier Read More »

Subdominator: Open-source tool for detecting subdomain takeovers

cybersecurity, Don't miss, GitHub, News, open source, software, Stratus /

Subdominator: Open-source tool for detecting subdomain takeovers 20/12/2023 at 07:01 By Mirko Zorz Subdominator is a dependable and fast open-source command-line interface tool to identify subdomain takeovers. It boasts superior accuracy and reliability, offering improvements compared to other tools. “Initially, Subdominator was created internally because all the current subdomain takeover tools had gaps in their

React to this headline:

Loading spinner

Subdominator: Open-source tool for detecting subdomain takeovers Read More »

EMBA: Open-source security analyzer for embedded devices

cybersecurity, Don't miss, embedded systems, GitHub, News, open source, penetration testing, software /

EMBA: Open-source security analyzer for embedded devices 19/12/2023 at 08:02 By Mirko Zorz The EMBA open-source security analyzer is tailored as the central firmware analysis tool for penetration testers and product security groups. It assists throughout the security evaluation procedure, extracting firmware, conducting static and dynamic analysis through emulation, and creating a web-based report. EMBA

React to this headline:

Loading spinner

EMBA: Open-source security analyzer for embedded devices Read More »

Microsoft ICSpector: A leap forward in industrial PLC metadata analysis

GitHub, Microsoft, News, open source, software /

Microsoft ICSpector: A leap forward in industrial PLC metadata analysis 14/12/2023 at 07:33 By Help Net Security Microsoft ICSpector is an open-source forensics framework that enables the analysis of industrial PLC metadata and project files. Architecture The framework provides investigators with a convenient way to scan for PLCs and identify any suspicious artifacts within ICS

React to this headline:

Loading spinner

Microsoft ICSpector: A leap forward in industrial PLC metadata analysis Read More »

ThreatNG open-source datasets aim to improve cybersecurity practices

GitHub, News, open source, ThreatNG /

ThreatNG open-source datasets aim to improve cybersecurity practices 13/12/2023 at 07:32 By Mirko Zorz The ThreatNG Governance and Compliance Dataset is an open-source initiative that aims to democratize access to critical data, fostering transparency, collaboration, and improvement of cybersecurity practices globally. Datasets for organizational insight The open-source datasets offered by ThreatNG provide an understanding of

React to this headline:

Loading spinner

ThreatNG open-source datasets aim to improve cybersecurity practices Read More »

Nemesis: Open-source offensive data enrichment and analytic pipeline

cybersecurity, data, Don't miss, GitHub, Hot stuff, News, open source, scanning, software, SpecterOps /

Nemesis: Open-source offensive data enrichment and analytic pipeline 12/12/2023 at 07:32 By Mirko Zorz Nemesis is a centralized data processing platform that ingests, enriches, and performs analytics on offensive security assessment data (i.e., data collected during penetration tests and red team engagements).​​ Nemesis was created by Lee Chagolla-Christensen and Will Schroeder, both security researchers at

React to this headline:

Loading spinner

Nemesis: Open-source offensive data enrichment and analytic pipeline Read More »

Kubescape open-source project adds Vulnerability Exploitability eXchange (VEX) support

ARMO, GitHub, Industry news, open source, scanning, vulnerability management /

Kubescape open-source project adds Vulnerability Exploitability eXchange (VEX) support 11/12/2023 at 11:02 By Help Net Security With its innovative feature for generating reliable Vulnerability Exploitability eXchange (VEX) documents, Kubescape became the first open-source project to provide this functionality. This advancement offers security practitioners a powerful tool to effectively prioritize and address software vulnerabilities. What is

React to this headline:

Loading spinner

Kubescape open-source project adds Vulnerability Exploitability eXchange (VEX) support Read More »

OpenTofu: Open-source alternative to Terraform

GitHub, News, open source, The Linux Foundation /

OpenTofu: Open-source alternative to Terraform 07/12/2023 at 07:32 By Help Net Security OpenTofu is an open-source alternative to Terraform’s widely used Infrastructure as Code provisioning tool. Previously named OpenTF, OpenTofu is an open and community-driven response to Terraform’s recently announced license change from a Mozilla Public License v2.0 (MPLv2) to a Business Source License v1.1,

React to this headline:

Loading spinner

OpenTofu: Open-source alternative to Terraform Read More »

5 open-source tools for pentesting Kubernetes you should check out

Don't miss, GitHub, Hot stuff, Kubernetes, News, open source, penetration testing, software /

5 open-source tools for pentesting Kubernetes you should check out 06/12/2023 at 08:02 By Help Net Security Kubernetes, often called K8s, is an open-source platform designed to automate the deployment, scaling, and operations of containerized applications. Kubernetes has become a critical part of the infrastructure for many organizations. However, with its widespread adoption, Kubernetes environments

React to this headline:

Loading spinner

5 open-source tools for pentesting Kubernetes you should check out Read More »

SessionProbe: Open-source multi-threaded pentesting tool

Don't miss, GitHub, Hot stuff, News, open source, penetration testing, software /

SessionProbe: Open-source multi-threaded pentesting tool 05/12/2023 at 09:03 By Mirko Zorz SessionProbe is a multi-threaded pentesting tool designed to evaluate user privileges in web applications. It takes a user’s session token and checks for a list of URLs if access is possible, highlighting potential authorization issues. It deduplicates URL lists and provides real-time logging and

React to this headline:

Loading spinner

SessionProbe: Open-source multi-threaded pentesting tool Read More »

New infosec products of the week: December 1, 2023

Amazon, Datadog, Entrust, Fortanix, GitHub, News, Nitrokey, Paladin Cloud /

New infosec products of the week: December 1, 2023 01/12/2023 at 08:47 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from Amazon, Datadog, Entrust, Fortanix, GitHub, Nitrokey, and Paladin Cloud. Amazon One Enterprise palm-based identity service improves security of physical spaces, digital assets Amazon One

React to this headline:

Loading spinner

New infosec products of the week: December 1, 2023 Read More »

Mosint: Open-source automated email OSINT tool

Don't miss, Email, GitHub, Hot stuff, News, open source, OSINT /

Mosint: Open-source automated email OSINT tool 30/11/2023 at 08:31 By Mirko Zorz Mosint is an automated email OSINT tool written in Go designed to facilitate quick and efficient investigations of target emails. It integrates multiple services, providing security researchers with rapid access to a broad range of information. “In my previous job, I actively worked

React to this headline:

Loading spinner

Mosint: Open-source automated email OSINT tool Read More »

Infosec products of the month: November 2023

Action1, Amazon, Aqua Security, ARMO, Datadog, Devo Technology, Druva, Entrust, Enzoic, Fortanix, GitHub, Illumio, Immuta, Ironscales, Kasada, Lacework, Malwarebytes, News, OneSpan, Paladin Cloud, Snappt, ThreatModeler, Varonis /

Infosec products of the month: November 2023 30/11/2023 at 06:46 By Help Net Security Here’s a look at the most interesting products from the past month, featuring releases from: Action1, Amazon, Aqua Security, ARMO, Datadog, Devo Technology, Druva, Entrust, Enzoic, Fortanix, GitHub, Illumio, Immuta, IRONSCALES, Kasada, Lacework, Malwarebytes, OneSpan, Paladin Cloud, Snappt, ThreatModeler, and Varonis.

React to this headline:

Loading spinner

Infosec products of the month: November 2023 Read More »

Vigil: Open-source LLM security scanner

Artificial Intelligence, Don't miss, GitHub, Hot stuff, News, Python, scanning /

Vigil: Open-source LLM security scanner 29/11/2023 at 07:01 By Mirko Zorz Vigil is an open-source security scanner that detects prompt injections, jailbreaks, and other potential threats to Large Language Models (LLMs). Prompt injection arises when an attacker successfully influences an LLM using specially designed inputs. This leads to the LLM unintentionally carrying out the objectives

React to this headline:

Loading spinner

Vigil: Open-source LLM security scanner Read More »

AWS Kill Switch: Open-source incident response tool

AWS, GitHub, Incident Response, News, open source, software /

AWS Kill Switch: Open-source incident response tool 27/11/2023 at 09:01 By Mirko Zorz AWS Kill Switch is an open-source incident response tool for quickly locking down AWS accounts and IAM roles during a security incident. The solution includes a Lambda function and proof of concept client. You can either adopt this client or build your

React to this headline:

Loading spinner

AWS Kill Switch: Open-source incident response tool Read More »

Open-source AV/EDR bypassing lab for training and learning

cybersecurity, GitHub, News, open source, research, skill development, software /

Open-source AV/EDR bypassing lab for training and learning 22/11/2023 at 07:31 By Mirko Zorz Best EDR Of The Market is a user-mode endpoint detection and response (EDR) project designed to serve as a testing ground for understanding and bypassing EDR’s user-mode detection methods. These techniques are mainly based on a dynamic analysis of the target

React to this headline:

Loading spinner

Open-source AV/EDR bypassing lab for training and learning Read More »

PolarDNS: Open-source DNS server tailored for security evaluations

cybersecurity, DNS, Don't miss, GitHub, News, open source, Oryxlabs, software /

PolarDNS: Open-source DNS server tailored for security evaluations 21/11/2023 at 08:36 By Mirko Zorz PolarDNS is a specialized authoritative DNS server that allows the operator to produce custom DNS responses suitable for DNS protocol testing purposes. What can you do with PolarDNS? PolarDNS can be used for testing of: DNS resolvers (server-side) DNS clients DNS

React to this headline:

Loading spinner

PolarDNS: Open-source DNS server tailored for security evaluations Read More »

HARmor: Open-source tool for sanitizing and securing HAR files

Don't miss, Frontegg, GitHub, News, open source, software /

HARmor: Open-source tool for sanitizing and securing HAR files 15/11/2023 at 10:04 By Mirko Zorz HARmor is an open-source tool that sanitizes HTTP Archive files. Easy to install and run, it enables the safe handling and sharing of HAR files. What are HAR files? HAR files are critical for support teams working to debug and

React to this headline:

Loading spinner

HARmor: Open-source tool for sanitizing and securing HAR files Read More »

10 corporate cybersecurity blogs worth your time

Akamai, AT&T Cybersecurity, AWS, Cloudflare, cybersecurity, Don't miss, Dropbox, ESET, GitHub, Google Cloud, Hot stuff, IBM, Intel, Mandiant, News, Sophos /

10 corporate cybersecurity blogs worth your time 14/11/2023 at 09:02 By Help Net Security In this article, we’ve curated a list of insightful corporate cybersecurity blogs that provide analysis and actionable advice to help you keep your company’s digital assets secure. This list is not meant to be exhaustive since thousands of companies have infosec

React to this headline:

Loading spinner

10 corporate cybersecurity blogs worth your time Read More »

Scroll to Top