open source

PRevent: Open-source tool to detect malicious code in pull requests

Apiiro, code analysis, Don't miss, GitHub, Hot stuff, Java, JavaScript, Kotlin, News, open source, PHP, programming, Python, Ruby, software development, threat detection /

PRevent: Open-source tool to detect malicious code in pull requests 2025-02-20 at 16:52 By Zeljka Zorz Apiiro security researchers have released open source tools that can help organizations detect malicious code as part of their software development lifecycle: PRevent (a scanner for pull requests), and a malicious code detection ruleset for Semgrep and Opengrep static […]

React to this headline:

Loading spinner

PRevent: Open-source tool to detect malicious code in pull requests Read More »

Kunai: Open-source threat hunting tool for Linux

Don't miss, GitHub, Linux, News, open source, software, threat hunting /

Kunai: Open-source threat hunting tool for Linux 2025-02-19 at 08:19 By Mirko Zorz Kunai is an open-source tool that provides deep and precise event monitoring for Linux environments. “What sets Kunai apart is its ability to go beyond simple event generation. While most security monitoring tools rely on syscalls or kernel function hooking, Kunai takes

React to this headline:

Loading spinner

Kunai: Open-source threat hunting tool for Linux Read More »

Orbit: Open-source Nuclei security scanning and automation platform

Don't miss, GitHub, News, open source, penetration testing, scanning, software, Terraform /

Orbit: Open-source Nuclei security scanning and automation platform 2025-02-17 at 07:50 By Mirko Zorz Orbit is an open-source platform built to streamline large-scale Nuclei scans, enabling teams to manage, analyze, and collaborate on security findings. It features a SvelteKit-based web frontend and a Go-powered backend, with Terraform and Ansible handling infrastructure and automation. “I built

React to this headline:

Loading spinner

Orbit: Open-source Nuclei security scanning and automation platform Read More »

Beelzebub: Open-source honeypot framework

Don't miss, GitHub, honeypots, News, open source, software /

Beelzebub: Open-source honeypot framework 2025-02-10 at 06:30 By Mirko Zorz Beelzebub is an open-source honeypot framework engineered to create a secure environment for detecting and analyzing cyber threats. It features a low-code design for seamless deployment and leverages AI to emulate the behavior of a high-interaction honeypot. “I created Beelzebub because my research activities require

React to this headline:

Loading spinner

Beelzebub: Open-source honeypot framework Read More »

Ghidra 11.3 released: New features, performance improvements, bug fixes

Don't miss, GitHub, News, NSA, open source, software /

Ghidra 11.3 released: New features, performance improvements, bug fixes 2025-02-07 at 07:53 By Help Net Security NSA’s Research Directorate released version 11.3 of Ghidra, an open-source software reverse engineering (SRE) framework. It offers advanced analysis tools, enabling users to dissect and examine compiled code across multiple platforms, including Windows, macOS, and Linux. Ghidra 11.3 is

React to this headline:

Loading spinner

Ghidra 11.3 released: New features, performance improvements, bug fixes Read More »

OpenNHP: Cryptography-driven zero trust protocol

Don't miss, Encryption, GitHub, News, open source, software, zero trust /

OpenNHP: Cryptography-driven zero trust protocol 2025-02-05 at 07:01 By Mirko Zorz OpenNHP is the open-source implementation of NHP (Network-resource Hiding Protocol), a cryptography-based zero trust protocol for safeguarding servers and data. OpenNHP offers the following benefits: Reduces attack surface by hiding infrastructure Prevents unauthorized network reconnaissance Mitigates vulnerability exploitation Stops phishing via encrypted DNS Protects

React to this headline:

Loading spinner

OpenNHP: Cryptography-driven zero trust protocol Read More »

BadDNS: Open-source tool checks for subdomain takeovers

Don't miss, GitHub, News, open source, penetration testing, scanning, software /

BadDNS: Open-source tool checks for subdomain takeovers 2025-02-03 at 07:03 By Mirko Zorz BadDNS is an open-source Python DNS auditing tool designed to detect domain and subdomain takeovers of all types. BadDNS modules cname – Check for dangling CNAME records and interrogate them for subdomain takeover opportunities ns – Check for dangling NS records and

React to this headline:

Loading spinner

BadDNS: Open-source tool checks for subdomain takeovers Read More »

ExtensionHound: Open-source tool for Chrome extension DNS forensics

Chrome, computer forensics, DNS, Don't miss, GitHub, News, open source, software /

ExtensionHound: Open-source tool for Chrome extension DNS forensics 2025-01-30 at 07:03 By Mirko Zorz Traditional monitoring tools reveal only traffic from the Chrome process, leaving security teams uncertain about which extension is responsible for a suspicious DNS query. ExtensionHound solves this by analyzing Chrome’s internal network state and linking DNS activity to specific extensions. ExtensionHound

React to this headline:

Loading spinner

ExtensionHound: Open-source tool for Chrome extension DNS forensics Read More »

BloodyAD: Open-source Active Directory privilege escalation framework

Active Directory, Don't miss, GitHub, News, open source, software /

BloodyAD: Open-source Active Directory privilege escalation framework 2025-01-28 at 07:00 By Mirko Zorz BloodyAD is an open-source Active Directory privilege escalation framework that uses specialized LDAP calls to interact with domain controllers. It enables various privilege escalation techniques within Active Directory environments. Features “I created this tool because I do a lot of internal testing

React to this headline:

Loading spinner

BloodyAD: Open-source Active Directory privilege escalation framework Read More »

Endor Labs and Allies Launch Opengrep, Reviving True OSS for SAST

Application Security, open source, Opengrep, Supply Chain Security /

Endor Labs and Allies Launch Opengrep, Reviving True OSS for SAST 2025-01-27 at 17:20 By Kevin Townsend Opengrep is a new consortium-backed fork of Semgrep, intended to be and remain a true genuine OSS SAST tool. The post Endor Labs and Allies Launch Opengrep, Reviving True OSS for SAST appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Endor Labs and Allies Launch Opengrep, Reviving True OSS for SAST Read More »

Don’t let these open-source cybersecurity tools slip under your radar

Android, cybersecurity, Don't miss, GitHub, Hot stuff, Linux, macOS, News, open source, software, Windows /

Don’t let these open-source cybersecurity tools slip under your radar 2025-01-27 at 07:07 By Help Net Security This article showcases free, open-source cybersecurity tools that help you identify and address vulnerabilities, detect intrusion, protect websites from cyber attacks, monitor and detect suspicious activities across your network. Am I Isolated: Open-source container security benchmark Am I

React to this headline:

Loading spinner

Don’t let these open-source cybersecurity tools slip under your radar Read More »

GUI frontends for GnuPG, the free implementation of the OpenPGP standard

Don't miss, Encryption, GitHub, Linux, News, open source, software /

GUI frontends for GnuPG, the free implementation of the OpenPGP standard 2025-01-24 at 07:20 By Help Net Security GnuPG is a free and comprehensive implementation of the OpenPGP standard. It enables encryption and signing of data and communications, featuring a key management system and support for public key directories. While primarily a command-line tool, GnuPG

React to this headline:

Loading spinner

GUI frontends for GnuPG, the free implementation of the OpenPGP standard Read More »

Web Cache Vulnerability Scanner: Open-source tool for detecting web cache poisoning

Don't miss, GitHub, News, open source, software /

Web Cache Vulnerability Scanner: Open-source tool for detecting web cache poisoning 2025-01-23 at 07:03 By Help Net Security The Web Cache Vulnerability Scanner (WCVS) is an open-source command-line tool for detecting web cache poisoning and deception. The scanner, developed by Maximilian Hildebrand, offers extensive support for various web cache poisoning and deception techniques. It features

React to this headline:

Loading spinner

Web Cache Vulnerability Scanner: Open-source tool for detecting web cache poisoning Read More »

Stratoshark: Wireshark for the cloud – now available!

Cloud, Don't miss, News, open source, penetration testing, software, Sysdig, wireless, Wireshark /

Stratoshark: Wireshark for the cloud – now available! 2025-01-22 at 20:33 By Help Net Security Stratoshark is an innovative open-source tool that brings Wireshark’s detailed network visibility to the cloud, providing users with a standardized approach to cloud observability. Stratoshark incorporates much of Wireshark’s codebase, including its user interface elements. The interface and workflows will

React to this headline:

Loading spinner

Stratoshark: Wireshark for the cloud – now available! Read More »

Decentralization is happening everywhere, so why are crypto wallets “walled gardens”?

blockchain, Crypto, cybersecurity, digital wallet, Don't miss, Expert analysis, Expert corner, Foundation Devices, Hot stuff, News, open source, opinion /

Decentralization is happening everywhere, so why are crypto wallets “walled gardens”? 2025-01-20 at 07:34 By Help Net Security The twin cryptocurrency and digital identity revolutions are supposed to be building a better future, where anybody can take charge of their sovereignty and security in a world where both face unprecedented threats. Yet at one crucial

React to this headline:

Loading spinner

Decentralization is happening everywhere, so why are crypto wallets “walled gardens”? Read More »

MSSqlPwner: Open-source tool for pentesting MSSQL servers

database security, Don't miss, GitHub, News, open source, penetration testing, software /

MSSqlPwner: Open-source tool for pentesting MSSQL servers 2025-01-17 at 07:48 By Help Net Security MSSqlPwner is an open-source pentesting tool tailored to interact with and exploit MSSQL servers. Built on Impacket, it enables users to authenticate with databases using various credentials, including clear-text passwords, NTLM hashes, and Kerberos tickets. The tool offers multiple methods for

React to this headline:

Loading spinner

MSSqlPwner: Open-source tool for pentesting MSSQL servers Read More »

Contextal Platform: Open-source threat detection and intelligence

Don't miss, GitHub, Hot stuff, News, open source, software /

Contextal Platform: Open-source threat detection and intelligence 2025-01-15 at 07:34 By Mirko Zorz Contextal Platform is an open-source cybersecurity solution for contextual threat detection and intelligence. Developed by the original authors of ClamAV, it offers advanced features such as contextual threat analysis, custom detection scenarios through the ContexQL language, and AI-powered data processing—all operating locally

React to this headline:

Loading spinner

Contextal Platform: Open-source threat detection and intelligence Read More »

GitHub CISO on security strategy and collaborating with the open-source community

CISO, cybersecurity, Don't miss, Features, GitHub, Hot stuff, News, open source, opinion, software development, strategy, tips /

GitHub CISO on security strategy and collaborating with the open-source community 2025-01-13 at 07:06 By Mirko Zorz In this Help Net Security, Alexis Wales, CISO at GitHub, discusses how GitHub embeds security into every aspect of its platform to protect millions of developers and repositories, ensuring it remains a trustworthy platform for building secure software.

React to this headline:

Loading spinner

GitHub CISO on security strategy and collaborating with the open-source community Read More »

Chainsaw: Open-source tool for hunting through Windows forensic artefacts

Don't miss, GitHub, News, open source, software, Windows, WithSecure /

Chainsaw: Open-source tool for hunting through Windows forensic artefacts 2025-01-13 at 06:34 By Help Net Security Chainsaw is an open-source first-response tool for quickly detecting threats in Windows forensic artefacts, including Event Logs and the MFT file. It enables fast keyword searches through event logs and identifies threats using built-in Sigma detection and custom detection

React to this headline:

Loading spinner

Chainsaw: Open-source tool for hunting through Windows forensic artefacts Read More »

Wireshark 4.4.3 released: Updated protocol support, bug fixes

News, open source, software, Wireshark /

Wireshark 4.4.3 released: Updated protocol support, bug fixes 2025-01-09 at 11:07 By Help Net Security Wireshark, the popular network protocol analyzer, has reached version 4.4.3. Wireshark offers deep inspection across hundreds of protocols, live and offline analysis, and display filters. With multi-platform support, VoIP analysis, and capture file compatibility, it’s perfect for professionals seeking intuitive

React to this headline:

Loading spinner

Wireshark 4.4.3 released: Updated protocol support, bug fixes Read More »

Scroll to Top