open source

Nemesis: Open-source offensive data enrichment and analytic pipeline

cybersecurity, data, Don't miss, GitHub, Hot stuff, News, open source, scanning, software, SpecterOps /

Nemesis: Open-source offensive data enrichment and analytic pipeline 12/12/2023 at 07:32 By Mirko Zorz Nemesis is a centralized data processing platform that ingests, enriches, and performs analytics on offensive security assessment data (i.e., data collected during penetration tests and red team engagements).​​ Nemesis was created by Lee Chagolla-Christensen and Will Schroeder, both security researchers at […]

React to this headline:

Loading spinner

Nemesis: Open-source offensive data enrichment and analytic pipeline Read More »

Kubescape open-source project adds Vulnerability Exploitability eXchange (VEX) support

ARMO, GitHub, Industry news, open source, scanning, vulnerability management /

Kubescape open-source project adds Vulnerability Exploitability eXchange (VEX) support 11/12/2023 at 11:02 By Help Net Security With its innovative feature for generating reliable Vulnerability Exploitability eXchange (VEX) documents, Kubescape became the first open-source project to provide this functionality. This advancement offers security practitioners a powerful tool to effectively prioritize and address software vulnerabilities. What is

React to this headline:

Loading spinner

Kubescape open-source project adds Vulnerability Exploitability eXchange (VEX) support Read More »

ERC-2771 integration introduces address spoofing vulnerability — OpenZeppelin

DAO Attack, open source, smart contracts /

ERC-2771 integration introduces address spoofing vulnerability — OpenZeppelin 08/12/2023 at 10:02 By Cointelegraph by Arijit Sarkar The smart contract vulnerability arises after the integration of ERC-2771 and Multicall standards. OpenZepplin identified 13 sets of vulnerable smart contracts. This article is an excerpt from Cointelegraph.com News View Original Source React to this headline:

React to this headline:

Loading spinner

ERC-2771 integration introduces address spoofing vulnerability — OpenZeppelin Read More »

OpenTofu: Open-source alternative to Terraform

GitHub, News, open source, The Linux Foundation /

OpenTofu: Open-source alternative to Terraform 07/12/2023 at 07:32 By Help Net Security OpenTofu is an open-source alternative to Terraform’s widely used Infrastructure as Code provisioning tool. Previously named OpenTF, OpenTofu is an open and community-driven response to Terraform’s recently announced license change from a Mozilla Public License v2.0 (MPLv2) to a Business Source License v1.1,

React to this headline:

Loading spinner

OpenTofu: Open-source alternative to Terraform Read More »

21 high-risk vulnerabilities in OT/IoT routers found

Don't miss, Forescout, Hot stuff, Internet of Things, News, open source, Sierra Wireless, software, vulnerability /

21 high-risk vulnerabilities in OT/IoT routers found 06/12/2023 at 12:53 By Help Net Security Forescout detailed the discovery of 21 new vulnerabilities in OT/IoT routers and open-source software elements. The “SIERRA:21 – Living on the Edge” report features research into Sierra Wireless AirLink cellular routers and some open-source components, such as TinyXML and OpenNDS. Sierra

React to this headline:

Loading spinner

21 high-risk vulnerabilities in OT/IoT routers found Read More »

5 open-source tools for pentesting Kubernetes you should check out

Don't miss, GitHub, Hot stuff, Kubernetes, News, open source, penetration testing, software /

5 open-source tools for pentesting Kubernetes you should check out 06/12/2023 at 08:02 By Help Net Security Kubernetes, often called K8s, is an open-source platform designed to automate the deployment, scaling, and operations of containerized applications. Kubernetes has become a critical part of the infrastructure for many organizations. However, with its widespread adoption, Kubernetes environments

React to this headline:

Loading spinner

5 open-source tools for pentesting Kubernetes you should check out Read More »

Kali Linux 2023.4 released: New tools, Kali for Raspberry Pi 5, and more!

Don't miss, Hot stuff, Kali Linux, Linux, News, OffSec, open source, penetration testing /

Kali Linux 2023.4 released: New tools, Kali for Raspberry Pi 5, and more! 05/12/2023 at 21:31 By Zeljka Zorz OffSec (previously Offensive Security) has released Kali Linux 2023.4, the latest version of its penetration testing and digital forensics platform. New tools in Kali Linux 2023.4 The list of tools freshly added to Kali Linux includes:

React to this headline:

Loading spinner

Kali Linux 2023.4 released: New tools, Kali for Raspberry Pi 5, and more! Read More »

SessionProbe: Open-source multi-threaded pentesting tool

Don't miss, GitHub, Hot stuff, News, open source, penetration testing, software /

SessionProbe: Open-source multi-threaded pentesting tool 05/12/2023 at 09:03 By Mirko Zorz SessionProbe is a multi-threaded pentesting tool designed to evaluate user privileges in web applications. It takes a user’s session token and checks for a list of URLs if access is possible, highlighting potential authorization issues. It deduplicates URL lists and provides real-time logging and

React to this headline:

Loading spinner

SessionProbe: Open-source multi-threaded pentesting tool Read More »

Nitrokey releases NetHSM, a fully open-source hardware security module

Encryption, Industry news, News, Nitrokey, open source, public-key cryptography /

Nitrokey releases NetHSM, a fully open-source hardware security module 30/11/2023 at 16:32 By Help Net Security German company Nitrokey has released NetHSM 1.0, an open-source hardware security module (HSM). Nitrokey NetHSM 1.0 features The module can be used for storing and managing a variety of cryptographic keys (e.g., keys to enable HTTPS, DNSSEC, secure blockchain

React to this headline:

Loading spinner

Nitrokey releases NetHSM, a fully open-source hardware security module Read More »

Mosint: Open-source automated email OSINT tool

Don't miss, Email, GitHub, Hot stuff, News, open source, OSINT /

Mosint: Open-source automated email OSINT tool 30/11/2023 at 08:31 By Mirko Zorz Mosint is an automated email OSINT tool written in Go designed to facilitate quick and efficient investigations of target emails. It integrates multiple services, providing security researchers with rapid access to a broad range of information. “In my previous job, I actively worked

React to this headline:

Loading spinner

Mosint: Open-source automated email OSINT tool Read More »

Tails 5.2.0 comes with several improvements, updated Tor Browser

News, open source, operating system, Privacy, software, Tails /

Tails 5.2.0 comes with several improvements, updated Tor Browser 29/11/2023 at 13:33 By Help Net Security Tails is a portable operating system that protects against surveillance and censorship. Tails can be installed on any USB stick with a minimum of 8 GB. Tails works on most computers under ten years old. You can start again

React to this headline:

Loading spinner

Tails 5.2.0 comes with several improvements, updated Tor Browser Read More »

OpenSSL 3.2.0 released: New cryptographic algorithms, support for TCP fast open, and more!

AdRem Software, Encryption, News, open source, OpenSSL /

OpenSSL 3.2.0 released: New cryptographic algorithms, support for TCP fast open, and more! 27/11/2023 at 10:32 By Help Net Security OpenSSL is a full-featured toolkit for general-purpose cryptography and secure communication. The final version of OpenSSL 3.2.0 is now available. Major changes in OpenSSL 3.2.0 This release incorporates the following potentially significant or incompatible changes:

React to this headline:

Loading spinner

OpenSSL 3.2.0 released: New cryptographic algorithms, support for TCP fast open, and more! Read More »

AWS Kill Switch: Open-source incident response tool

AWS, GitHub, Incident Response, News, open source, software /

AWS Kill Switch: Open-source incident response tool 27/11/2023 at 09:01 By Mirko Zorz AWS Kill Switch is an open-source incident response tool for quickly locking down AWS accounts and IAM roles during a security incident. The solution includes a Lambda function and proof of concept client. You can either adopt this client or build your

React to this headline:

Loading spinner

AWS Kill Switch: Open-source incident response tool Read More »

Open-source AV/EDR bypassing lab for training and learning

cybersecurity, GitHub, News, open source, research, skill development, software /

Open-source AV/EDR bypassing lab for training and learning 22/11/2023 at 07:31 By Mirko Zorz Best EDR Of The Market is a user-mode endpoint detection and response (EDR) project designed to serve as a testing ground for understanding and bypassing EDR’s user-mode detection methods. These techniques are mainly based on a dynamic analysis of the target

React to this headline:

Loading spinner

Open-source AV/EDR bypassing lab for training and learning Read More »

FreeBSD 14.0 released, OpenSSH and OpenSSL updated

Absolute Software, FreeBSD, FreeBSD Foundation, News, open source /

FreeBSD 14.0 released, OpenSSH and OpenSSL updated 21/11/2023 at 17:17 By Help Net Security FreeBSD 14.0 is now available for the amd64, aarch64, i386, powerpc, powerpc64, powerpc64le, powerpcspe, armv7, and riscv64 architectures. FreeBSD provides sophisticated features in networking, performance, security, and compatibility. It serves as an excellent choice for an Internet or Intranet server. It

React to this headline:

Loading spinner

FreeBSD 14.0 released, OpenSSH and OpenSSL updated Read More »

PolarDNS: Open-source DNS server tailored for security evaluations

cybersecurity, DNS, Don't miss, GitHub, News, open source, Oryxlabs, software /

PolarDNS: Open-source DNS server tailored for security evaluations 21/11/2023 at 08:36 By Mirko Zorz PolarDNS is a specialized authoritative DNS server that allows the operator to produce custom DNS responses suitable for DNS protocol testing purposes. What can you do with PolarDNS? PolarDNS can be used for testing of: DNS resolvers (server-side) DNS clients DNS

React to this headline:

Loading spinner

PolarDNS: Open-source DNS server tailored for security evaluations Read More »

Organizations’ serious commitment to software risk management pays off

Application Security, cybercrime, cybersecurity, News, open source, penetration testing, report, software, survey, Synopsys, Vulnerabilities /

Organizations’ serious commitment to software risk management pays off 21/11/2023 at 07:32 By Industry News There has been a significant decrease in vulnerabilities found in target applications – from 97% in 2020 to 83% in 2022 – an encouraging sign that code reviews, automated testing and continuous integration are helping to reduce common programming errors,

React to this headline:

Loading spinner

Organizations’ serious commitment to software risk management pays off Read More »

Wireshark 4.2.0 released, open-source packet analysis gets even better

News, open source, packet analysis, software, Wireshark /

Wireshark 4.2.0 released, open-source packet analysis gets even better 17/11/2023 at 11:49 By Help Net Security Wireshark, the popular network protocol analyzer, has reached version 4.2.0. Wireshark 4.2.0: Notable changes Wireshark supports dark mode on Windows. Packet list sorting has been improved. Wireshark and TShark are now better about generating valid UTF-8 output. A new

React to this headline:

Loading spinner

Wireshark 4.2.0 released, open-source packet analysis gets even better Read More »

HARmor: Open-source tool for sanitizing and securing HAR files

Don't miss, Frontegg, GitHub, News, open source, software /

HARmor: Open-source tool for sanitizing and securing HAR files 15/11/2023 at 10:04 By Mirko Zorz HARmor is an open-source tool that sanitizes HTTP Archive files. Easy to install and run, it enables the safe handling and sharing of HAR files. What are HAR files? HAR files are critical for support teams working to debug and

React to this headline:

Loading spinner

HARmor: Open-source tool for sanitizing and securing HAR files Read More »

Enhancing mainframe security with proven best practices

cybersecurity, Data Protection, DevOps, Don't miss, Hot stuff, hybrid cloud, mainframe security, network, open source, risk, Rocket Software, Video /

Enhancing mainframe security with proven best practices 15/11/2023 at 08:35 By Help Net Security Mainframe systems have served as the bedrock of enterprise networks for years, standing unmatched in terms of reliability, scalability, and data protection. However, security risks have become a pressing concern as the digital landscape evolves, emerging practices like DevOps, the rise

React to this headline:

Loading spinner

Enhancing mainframe security with proven best practices Read More »

Scroll to Top