GitHub

RansomLord: Open-source anti-ransomware exploit tool

cybercrime, Don't miss, GitHub, Hot stuff, News, open source, Ransomware, software /

RansomLord: Open-source anti-ransomware exploit tool 2024-05-29 at 07:01 By Mirko Zorz RansomLord is an open-source tool that automates the creation of PE files, which are used to exploit ransomware pre-encryption. “I created RansomLord to demonstrate ransomware is not invincible, has vulnerabilities and its developers make mistakes and can write bad code just like everyone else,” […]

React to this headline:

Loading spinner

RansomLord: Open-source anti-ransomware exploit tool Read More »

Chronon: Open-source data platform for AI/ML applications

Airbnb, Don't miss, GitHub, Hot stuff, News, open source, software /

Chronon: Open-source data platform for AI/ML applications 2024-05-27 at 07:01 By Mirko Zorz Chronon is an open-source, end-to-end feature platform designed for machine learning (ML) teams to build, deploy, manage, and monitor data pipelines for machine learning. Chronon enables you to harness all the data within your organization, including batch tables, event streams, and services,

React to this headline:

Loading spinner

Chronon: Open-source data platform for AI/ML applications Read More »

GitHub fixes maximum severity Enterprise Server auth bypass bug (CVE-2024-4985)

Don't miss, enterprise, GitHub, Hot stuff, News, software development, vulnerability /

GitHub fixes maximum severity Enterprise Server auth bypass bug (CVE-2024-4985) 2024-05-23 at 13:16 By Zeljka Zorz A critical, 10-out-of-10 vulnerability (CVE-2024-4985) allowing unrestricted access to vulnerable GitHub Enterprise Server (GHES) instances has been fixed by Microsoft-owned GitHub. Fortunately, there is a catch that may narrow down the pool of potential victims: instances are vulnerable to

React to this headline:

Loading spinner

GitHub fixes maximum severity Enterprise Server auth bypass bug (CVE-2024-4985) Read More »

Critical Authentication Bypass Resolved in GitHub Enterprise Server

GitHub, Vulnerabilities, vulnerability /

Critical Authentication Bypass Resolved in GitHub Enterprise Server 2024-05-22 at 16:01 By Ionut Arghire Critical vulnerability in GitHub Enterprise Server allows unauthenticated attackers to obtain administrative privileges. The post Critical Authentication Bypass Resolved in GitHub Enterprise Server appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

Critical Authentication Bypass Resolved in GitHub Enterprise Server Read More »

Authelia: Open-source authentication and authorization server

authentication, cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, OpenSSF, software /

Authelia: Open-source authentication and authorization server 2024-05-22 at 07:33 By Mirko Zorz Authelia is an open-source authentication and authorization server that offers 2FA and SSO for applications through a web portal. It works alongside reverse proxies to permit, deny, or redirect requests. Authelia connects directly to the reverse proxy but never to the application backends.

React to this headline:

Loading spinner

Authelia: Open-source authentication and authorization server Read More »

Grafana: Open-source data visualization platform

cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, software /

Grafana: Open-source data visualization platform 2024-05-20 at 07:31 By Mirko Zorz Grafana is an open-source solution for querying, visualizing, alerting, and exploring metrics, logs, and traces regardless of where they are stored. Grafana provides tools to transform your time-series database (TSDB) data into meaningful graphs and visualizations. Additionally, its plugin framework lets you integrate various

React to this headline:

Loading spinner

Grafana: Open-source data visualization platform Read More »

Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002)

DevOps, Don't miss, Git, GitHub, Hot stuff, News, open source, security update, vulnerability /

Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002) 2024-05-16 at 14:16 By Zeljka Zorz New versions of Git are out, with fixes for five vulnerabilities, the most critical (CVE-2024-32002) of which can be used by attackers to remotely execute code during a “clone” operation. About Git Git is a widely-popular distributed version

React to this headline:

Loading spinner

Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002) Read More »

OWASP dep-scan: Open-source security and risk audit tool

AppThreat, Don't miss, GitHub, Hot stuff, News, open source, OWASP, risk assessment, software /

OWASP dep-scan: Open-source security and risk audit tool 2024-05-16 at 08:01 By Mirko Zorz OWASP dep-scan is an open-source security and risk assessment tool that leverages information on vulnerabilities, advisories, and licensing restrictions for project dependencies. It supports local repositories and container images as input sources, making it suitable for integration with ASPM/VM platforms and

React to this headline:

Loading spinner

OWASP dep-scan: Open-source security and risk audit tool Read More »

BLint: Open-source tool to check the security properties of your executables

Android, AppThreat, Don't miss, GitHub, Linux, mobile apps, News, open source, programming, software, Windows /

BLint: Open-source tool to check the security properties of your executables 2024-05-14 at 07:31 By Mirko Zorz BLint is a Binary Linter designed to evaluate your executables’ security properties and capabilities, utilizing LIEF for its operations. From version 2, BLint can also produce Software Bill-of-Materials (SBOM) for compatible binaries. BLint features “Several source code analysis

React to this headline:

Loading spinner

BLint: Open-source tool to check the security properties of your executables Read More »

Pktstat: Open-source ethernet interface traffic monitor

GitHub, Linux, networking, News, open source, software /

Pktstat: Open-source ethernet interface traffic monitor 2024-05-08 at 07:01 By Mirko Zorz Pktstat is an open-source tool that is a straightforward alternative to ncurses-based Pktstat. On Linux, it utilizes AF_PACKET, while on other platforms, it employs generic PCAP live wire capture. Pktstat is a versatile tool that doesn’t rely on advanced or recent Linux kernel

React to this headline:

Loading spinner

Pktstat: Open-source ethernet interface traffic monitor Read More »

reNgine: Open-source automated reconnaissance framework for web applications

automation, Don't miss, GitHub, Hot stuff, News, open source, penetration testing, reconnaissance, software /

reNgine: Open-source automated reconnaissance framework for web applications 2024-05-02 at 07:31 By Mirko Zorz reNgine is an open-source automated reconnaissance framework for web applications that focuses on a highly configurable and streamlined recon process. Developing reNgine reNgine was developed to overcome the constraints of conventional reconnaissance tools. It is a good choice for bug bounty

React to this headline:

Loading spinner

reNgine: Open-source automated reconnaissance framework for web applications Read More »

MicroStrategy to launch Bitcoin-based decentralized ID solution

Bitcoin For Coporations Conference, Digital Signatures, GitHub, Michael Saylor, Microstrategy, MicroStrategy Orange, Orange For Outlook, private key, Public Key /

MicroStrategy to launch Bitcoin-based decentralized ID solution 2024-05-02 at 06:02 By Cointelegraph by Brayden Lindrea MicroStrategy has already built an application on “MicroStrategy Orange” — Orange For Outlook — which integrates digital signatures into emails to verify the identity of the sender. This article is an excerpt from Cointelegraph.com News View Original Source React to

React to this headline:

Loading spinner

MicroStrategy to launch Bitcoin-based decentralized ID solution Read More »

Tracecat: Open-source SOAR

automation, cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, SOAR, software /

Tracecat: Open-source SOAR 2024-04-30 at 07:31 By Mirko Zorz Tracecat is an open-source automation platform for security teams. The developers believe security automation should be accessible to everyone, especially understaffed small- to mid-sized teams. Core features, user interfaces, and day-to-day workflows are based on existing best practices from best-in-class security teams. Use specialized AI models

React to this headline:

Loading spinner

Tracecat: Open-source SOAR Read More »

Prompt Fuzzer: Open-source tool for strengthening GenAI apps

Artificial Intelligence, Don't miss, generative AI, GitHub, Hot stuff, News, open source, software /

Prompt Fuzzer: Open-source tool for strengthening GenAI apps 2024-04-29 at 08:01 By Mirko Zorz Prompt Fuzzer is an open-source tool that evaluates the security of your GenAI application’s system prompt against dynamic LLM-based threats. Prompt Fuzzer features Simulation of over a dozen types of GenAI attacks The tool contextualizes itself automatically based on the system

React to this headline:

Loading spinner

Prompt Fuzzer: Open-source tool for strengthening GenAI apps Read More »

LSA Whisperer: Open-source tools for interacting with authentication packages

cybersecurity, GitHub, Microsoft, News, open source, red team, software /

LSA Whisperer: Open-source tools for interacting with authentication packages 2024-04-26 at 07:32 By Mirko Zorz LSA Whisperer consists of open-source tools designed to interact with authentication packages through their unique messaging protocols. Support is currently provided for the cloudap, kerberos, msv1_0, negotiate, pku2u, schannel packages and cloudap’s AzureAD plugin. Partial or unstable support is provided

React to this headline:

Loading spinner

LSA Whisperer: Open-source tools for interacting with authentication packages Read More »

Cloud Console Cartographer: Open-source tool helps security teams transcribe log activity

AWS, cloud security, Don't miss, GitHub, Hot stuff, News, Permiso, software /

Cloud Console Cartographer: Open-source tool helps security teams transcribe log activity 2024-04-22 at 07:32 By Mirko Zorz Cloud Console Cartographer is an open-source tool that maps noisy log activity into highly consolidated, succinct events to help security practitioners cut through the noise and understand console behavior in their environment. “Infrastructure as code has replaced a

React to this headline:

Loading spinner

Cloud Console Cartographer: Open-source tool helps security teams transcribe log activity Read More »

Protobom: Open-source software supply chain tool

CISA, DHS, Don't miss, GitHub, News, open source, OpenSSF, software /

Protobom: Open-source software supply chain tool 2024-04-19 at 07:31 By Mirko Zorz Protobom is an open-source software supply chain tool that enables all organizations, including system administrators and software development communities, to read and generate Software Bill of Materials (SBOMs), file data, and translate this data across standard industry SBOM formats. “he Protobom project was

React to this headline:

Loading spinner

Protobom: Open-source software supply chain tool Read More »

Damn Vulnerable RESTaurant: Open-source API service designed for learning

API security, cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, penetration testing, skill development /

Damn Vulnerable RESTaurant: Open-source API service designed for learning 2024-04-17 at 07:01 By Mirko Zorz Damn Vulnerable RESTaurant is an open-source project that allows developers to learn to identify and fix security vulnerabilities in their code through an interactive game. “I wanted to create a generic playground for ethical hackers, developers, and security engineers where

React to this headline:

Loading spinner

Damn Vulnerable RESTaurant: Open-source API service designed for learning Read More »

5 free red teaming resources to get you started

cybersecurity, Don't miss, GitHub, Hot stuff, how-to, News, red team, strategy, tips /

5 free red teaming resources to get you started 2024-04-16 at 07:32 By Help Net Security Red teaming is evaluating the effectiveness of your cybersecurity by eliminating defender bias and adopting an adversarial perspective within your organization. Tactics may include anything from social engineering to physical security breaches to simulate a real-world advanced persistent threat.

React to this headline:

Loading spinner

5 free red teaming resources to get you started Read More »

Zarf: Open-source continuous software delivery on disconnected networks

DevSecOps, Don't miss, GitHub, News, open source, software /

Zarf: Open-source continuous software delivery on disconnected networks 2024-04-15 at 06:32 By Help Net Security Zarf is a free, open-source tool that enables continuous software delivery on disconnected networks. It currently offers fully automated support for K3s, K3d, and Kind and is also compatible with EKS, AKS, GKE, RKE2, and many other distro services. The

React to this headline:

Loading spinner

Zarf: Open-source continuous software delivery on disconnected networks Read More »

Scroll to Top