Finders Keypers: Open-source AWS KMS key usage finder 2025-03-24 at 07:32 By Mirko Zorz Finders Keypers is an open-source tool for analyzing the current usage of AWS KMS keys. It supports both AWS customer managed KMS keys and AWS Managed KMS keys. Use cases include: Identifying the blast radius of specific KMS keys and the […]
React to this headline:
Finders Keypers: Open-source AWS KMS key usage finder Read More »
Kali Linux 2025.1a drops with theme refresh, Kali NetHunter updates 2025-03-20 at 09:32 By Help Net Security Kali Linux 2025.1a is now available. This release enhances existing features with improvements designed to streamline your experience. 2025 theme refresh Kali Linux 2025.1a introduces an annual theme refresh, maintaining a modern interface. This year’s update debuts a
React to this headline:
Kali Linux 2025.1a drops with theme refresh, Kali NetHunter updates Read More »
Google Releases Major Update for Open Source Vulnerability Scanner 2025-03-18 at 18:02 By Ionut Arghire Google has integrated OSV-SCALIBR features into OSV-Scanner, its free vulnerability scanner for open source developers. The post Google Releases Major Update for Open Source Vulnerability Scanner appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
React to this headline:
Google Releases Major Update for Open Source Vulnerability Scanner Read More »
Hackers target AI and crypto as software supply chain risks grow 2025-03-18 at 07:47 By Help Net Security The growing sophistication of software supply chain attacks is driven by widespread flaws in open-source and third-party commercial software, along with malicious campaigns that specifically target AI and cryptocurrency development pipelines, according to a ReversingLabs report. According
React to this headline:
Hackers target AI and crypto as software supply chain risks grow Read More »
IntelMQ: Open-source tool for collecting and processing security feeds 2025-03-17 at 07:02 By Mirko Zorz IntelMQ is an open-source solution designed to help IT security teams (including CERTs, CSIRTs, SOCs, and abuse departments) streamline the collection and processing of security feeds using a message queuing protocol. “Originally designed for CSIRTs and later adopted by SOCs,
React to this headline:
IntelMQ: Open-source tool for collecting and processing security feeds Read More »
NetBird: Open-source network security 2025-03-12 at 08:03 By Help Net Security NetBird is an open-source solution that integrates a configuration-free peer-to-peer private network with centralized access control, providing a single platform to build secure private networks for your organization or home. NetBird features NetBird creates a WireGuard-based overlay network that automatically connects your machines over
React to this headline:
NetBird: Open-source network security Read More »
UK Government Report Calls for Stronger Open Source Supply Chain Security Practices 2025-03-11 at 19:05 By Kevin Townsend Report from the Department for Science, Innovation & Technology (DSIT) finds weaknesses in current practices. The post UK Government Report Calls for Stronger Open Source Supply Chain Security Practices appeared first on SecurityWeek. This article is an
React to this headline:
UK Government Report Calls for Stronger Open Source Supply Chain Security Practices Read More »
Hetty: Open-source HTTP toolkit for security research 2025-03-10 at 08:17 By Help Net Security Hetty is an open-source HTTP toolkit designed for security research, offering a free alternative to commercial tools like Burp Suite Pro. Built with the needs of penetration testers, security professionals, and bug bounty hunters in mind, Hetty provides a set of
React to this headline:
Hetty: Open-source HTTP toolkit for security research Read More »
Fix Inventory: Open-source cloud asset inventory tool 2025-03-05 at 08:04 By Help Net Security Fix Inventory is an open-source tool for detecting compliance and security risks in cloud infrastructure accounts. It was built from the ground up for cloud-native environments and provides broad support for over 300 cloud services, including AWS, Google Cloud Platform, Azure,
React to this headline:
Fix Inventory: Open-source cloud asset inventory tool Read More »
Commix: Open-source OS command injection exploitation tool 2025-03-03 at 08:08 By Help Net Security Commix is an open-source penetration testing tool designed to automate the detection and exploitation of command injection vulnerabilities, streamlining security assessments for researchers and ethical hackers. Commix features Easy to use: Commix simplifies the process of identifying and exploiting command injection
React to this headline:
Commix: Open-source OS command injection exploitation tool Read More »
MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) 2025-02-28 at 17:03 By Zeljka Zorz Users of the MITRE Caldera cyber security platform have been urged to plug a critical hole (CVE-2025–27364) that may allow unauthenticated attackers to achieve remote code execution. About MITRE Caldera MITRE Caldera is a platform built on the
React to this headline:
MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) Read More »
OSPS Baseline: Practical security best practices for open source software projects 2025-02-28 at 14:49 By Help Net Security The Open Source Security Foundation (OpenSSF), a cross-industry initiative by the Linux Foundation, has announced the initial release of the Open Source Project Security Baseline (OSPS Baseline), a tiered framework of security practices that evolve with the
React to this headline:
OSPS Baseline: Practical security best practices for open source software projects Read More »
Hottest cybersecurity open-source tools of the month: February 2025 2025-02-27 at 07:31 By Help Net Security This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Kunai: Open-source threat hunting tool for Linux Kunai is an open-source tool that provides deep and precise event monitoring for Linux
React to this headline:
Hottest cybersecurity open-source tools of the month: February 2025 Read More »
OpenSSF Releases Security Baseline for Open Source Projects 2025-02-26 at 13:45 By Eduard Kovacs The Open Source Security Foundation (OpenSSF) has created a structured set of security requirements for open source projects. The post OpenSSF Releases Security Baseline for Open Source Projects appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original
React to this headline:
OpenSSF Releases Security Baseline for Open Source Projects Read More »
Dalfox: Open-source XSS scanner 2025-02-26 at 08:20 By Mirko Zorz DalFox is an open-source tool for automating the detection of XSS vulnerabilities. With powerful testing capabilities and a wide range of features, it makes scanning, analyzing parameters, and verifying vulnerabilities faster and easier. “The uniqueness of Dalfox lies in its speed and ability to easily
React to this headline:
Dalfox: Open-source XSS scanner Read More »
Open source strikes back: Nextcloud Hub 10 challenges Big Tech’s monopoly on AI and privacy 2025-02-25 at 15:18 By Help Net Security Hyperscalers have perpetuated the narrative that open-source solutions cannot compete at scale. This perception has influenced funding priorities, shaped policy discussions, and reinforced organizational reliance on Big Tech. With the launch of Hub
React to this headline:
Misconfig Mapper: Open-source tool to uncover security misconfigurations 2025-02-24 at 07:33 By Mirko Zorz Misconfig Mapper is an open-source CLI tool built in Golang that discovers and enumerates instances of services used within your organization. It performs large-scale detection and misconfiguration assessments, leveraging customizable templates with detection and misconfiguration fingerprints to identify potential security risks
React to this headline:
Misconfig Mapper: Open-source tool to uncover security misconfigurations Read More »
PRevent: Open-source tool to detect malicious code in pull requests 2025-02-20 at 16:52 By Zeljka Zorz Apiiro security researchers have released open source tools that can help organizations detect malicious code as part of their software development lifecycle: PRevent (a scanner for pull requests), and a malicious code detection ruleset for Semgrep and Opengrep static
React to this headline:
PRevent: Open-source tool to detect malicious code in pull requests Read More »
Kunai: Open-source threat hunting tool for Linux 2025-02-19 at 08:19 By Mirko Zorz Kunai is an open-source tool that provides deep and precise event monitoring for Linux environments. “What sets Kunai apart is its ability to go beyond simple event generation. While most security monitoring tools rely on syscalls or kernel function hooking, Kunai takes
React to this headline:
Kunai: Open-source threat hunting tool for Linux Read More »
Orbit: Open-source Nuclei security scanning and automation platform 2025-02-17 at 07:50 By Mirko Zorz Orbit is an open-source platform built to streamline large-scale Nuclei scans, enabling teams to manage, analyze, and collaborate on security findings. It features a SvelteKit-based web frontend and a Go-powered backend, with Terraform and Ansible handling infrastructure and automation. “I built
React to this headline:
Orbit: Open-source Nuclei security scanning and automation platform Read More »