open source - Security Ticks

Nuclei: Open-source vulnerability scanner

Don't miss, GitHub, Hot stuff, News, open source, penetration testing, scanning, software, vulnerability assessment / SecurityTicks

Nuclei: Open-source vulnerability scanner 2024-08-26 at 06:31 By Help Net Security Nuclei is a fast and customizable open-source vulnerability scanner powered by YAML-based templates. With its flexible templating system, Nuclei can be adapted to perform various security checks. It can send requests to multiple targets using customizable templates, ensuring zero false positives and enabling rapid […]

React to this headline:

Nuclei: Open-source vulnerability scanner Read More »

OpenCTI: Open-source cyber threat intelligence platform

Don't miss, Filigran, GitHub, Hot stuff, News, open source, software, Threat Intelligence / SecurityTicks

OpenCTI: Open-source cyber threat intelligence platform 2024-08-21 at 07:31 By Help Net Security OpenCTI is an open-source platform designed to help organizations manage their cyber threat intelligence (CTI) data and observables. The platform structures its data using a knowledge schema built on the STIX2 standards. It features a modern web application architecture with a GraphQL

React to this headline:

OpenCTI: Open-source cyber threat intelligence platform Read More »

x64dbg: Open-source binary debugger for Windows

bug hunting, GitHub, malware analysis, News, open source, reverse engineering, software, Windows / SecurityTicks

x64dbg: Open-source binary debugger for Windows 2024-08-19 at 07:01 By Mirko Zorz x64dbg is an open-source binary debugger for Windows, designed for malware analysis and reverse engineering of executables without access to the source code. It offers a wide range of features and a plugin system, allowing you to customize and extend its capabilities to

React to this headline:

x64dbg: Open-source binary debugger for Windows Read More »

Authentik: Open-source identity provider

authentication, Don't miss, GitHub, Hot stuff, News, open source, software / SecurityTicks

Authentik: Open-source identity provider 2024-08-16 at 07:01 By Mirko Zorz Authentik is an open-source identity provider designed for maximum flexibility and adaptability. It easily integrates into existing environments and supports new protocols. It’s a comprehensive solution for implementing features like sign-up, account recovery, and more in your application, eliminating the need to manage these tasks

React to this headline:

Authentik: Open-source identity provider Read More »

IntelOwl: Open-source threat intelligence management

Don't miss, GitHub, Hot stuff, News, open source, software, Threat Intelligence / SecurityTicks

IntelOwl: Open-source threat intelligence management 2024-08-14 at 07:31 By Mirko Zorz IntelOwl is an open-source solution designed for large-scale threat intelligence management. It integrates numerous online analyzers and advanced malware analysis tools, providing comprehensive insights in one platform. “In late 2019, I faced a significant challenge while working as a cybersecurity analyst in a Security

React to this headline:

IntelOwl: Open-source threat intelligence management Read More »

Scout Suite: Open-source cloud security auditing tool

Alibaba Cloud, auditing, AWS, Azure, cloud security, Don't miss, GitHub, Google Cloud, Hot stuff, NCC Group, News, open source, software / SecurityTicks

Scout Suite: Open-source cloud security auditing tool 2024-08-12 at 07:31 By Help Net Security Scout Suite is an open-source, multi-cloud security auditing tool designed to assess the security posture of cloud environments. By leveraging the APIs provided by cloud vendors, Scout Suite collects and organizes configuration data, making it easier to identify potential risks. Instead

React to this headline:

Scout Suite: Open-source cloud security auditing tool Read More »

SSHamble: Open-source security testing of SSH services

Don't miss, GitHub, Hot stuff, News, open source, software, SSH / SecurityTicks

SSHamble: Open-source security testing of SSH services 2024-08-08 at 09:33 By Help Net Security runZero published new research on Secure Shell (SSH) exposures and unveiled a corresponding open-source tool, SSHamble. This tool helps security teams validate SSH implementations by testing for uncommon but dangerous misconfigurations and software bugs. Discovered weaknesses During their presentation at Black

React to this headline:

SSHamble: Open-source security testing of SSH services Read More »

RustScan: Open-source port scanner

Docker, Don't miss, GitHub, Hot stuff, News, open source, penetration testing, scanning, software / SecurityTicks

RustScan: Open-source port scanner 2024-08-07 at 07:01 By Help Net Security RustScan is an open-source port scanner designed for speed and versatility. It combines a sleek interface with the power to adapt and improve over time. With RustScan’s Adaptive Learning, the tool continually optimizes its performance, making it the most efficient port scanner available. Discover

React to this headline:

RustScan: Open-source port scanner Read More »

Critical Apache OFBiz pre-auth RCE flaw fixed, update ASAP! (CVE-2024-38856)

Apache OFBiz, CVE, Don't miss, enterprise, Hot stuff, News, open source, SonicWall, vulnerability / SecurityTicks

Critical Apache OFBiz pre-auth RCE flaw fixed, update ASAP! (CVE-2024-38856) 2024-08-05 at 16:47 By Zeljka Zorz CVE-2024-38856, an incorrect authorization vulnerability affecting all but the latest version of Apache OFBiz, may be exploited by remote, unauthenticated attackers to execute arbitrary code on vulnerable systems. About CVE-2024-38856 Apache OFBiz is an open-source framework for enterprise resource

React to this headline:

Critical Apache OFBiz pre-auth RCE flaw fixed, update ASAP! (CVE-2024-38856) Read More »

MISP: Open-source threat intelligence and sharing platform

Don't miss, GitHub, Hot stuff, malware analysis, News, open source, SIEM, software, Threat Intelligence / SecurityTicks

MISP: Open-source threat intelligence and sharing platform 2024-08-05 at 07:01 By Help Net Security MISP is an open-source threat intelligence and sharing platform for collecting, storing, distributing, and sharing cybersecurity indicators and threats related to incident and malware analysis. MISP is designed by and for cybersecurity, ICT professionals, and malware reversers to support their daily

React to this headline:

MISP: Open-source threat intelligence and sharing platform Read More »

Open-source project enables Raspberry Pi Bluetooth Wi-Fi network configuration

Bluetooth, GitHub, networking, News, open source, remote.it, software / SecurityTicks

Open-source project enables Raspberry Pi Bluetooth Wi-Fi network configuration 2024-08-02 at 06:31 By Help Net Security Remote.It released its open-source project to enable Raspberry Pi Bluetooth (BLE) Wi-Fi network configuration. The project allows a computer or mobile device to easily transfer a Wi-Fi configuration via Bluetooth, the same way users set up smart devices around

React to this headline:

Open-source project enables Raspberry Pi Bluetooth Wi-Fi network configuration Read More »

Secretive: Open-source app for storing and managing SSH keys in the Secure Enclave

Don't miss, GitHub, Hot stuff, macOS, News, open source, software / SecurityTicks

Secretive: Open-source app for storing and managing SSH keys in the Secure Enclave 2024-07-31 at 07:02 By Help Net Security Secretive is an open-source, user-friendly app designed to store and manage SSH keys within the Secure Enclave. Typically, SSH keys are stored on disk with appropriate permissions, which is usually sufficient. However, it’s not overly

React to this headline:

Secretive: Open-source app for storing and managing SSH keys in the Secure Enclave Read More »

Cirrus: Open-source Google Cloud forensic collection

cloud security, computer forensics, cybersecurity, digital forensics, Don't miss, GitHub, Hot stuff, News, open source, software, Sygnia / SecurityTicks

Cirrus: Open-source Google Cloud forensic collection 2024-07-29 at 07:16 By Mirko Zorz Cirrus is an open-source Python-based tool designed to streamline Google Cloud forensic evidence collection. It can streamline environment access and evidence collection in investigations involving Google Workspace and GCP. The tool simplifies incident response activities and enhances an organization’s security posture. Key features

React to this headline:

Cirrus: Open-source Google Cloud forensic collection Read More »

Chainguard Raises $140 Million, Expands Tech to Secure AI Workloads

Chainguard, container, Funding/M&A, open source, Sequioa, Series C, Supply Chain Security / SecurityTicks

Chainguard Raises $140 Million, Expands Tech to Secure AI Workloads 2024-07-25 at 19:49 By Ryan Naraine Software supply chain security startup Chainguard raises a $140 million Series C round that values the company at $1.2 billion. The post Chainguard Raises $140 Million, Expands Tech to Secure AI Workloads appeared first on SecurityWeek. This article is

React to this headline:

Chainguard Raises $140 Million, Expands Tech to Secure AI Workloads Read More »

BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements

BIND, DNS, DNSSEC, Don't miss, networking, News, open source / SecurityTicks

BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements 2024-07-25 at 10:01 By Help Net Security BIND (Berkeley Internet Name Domain) is an open-source DNS software system with an authoritative server, a recursive resolver, and related utilities. BIND 9.20, a stable branch suitable for production use, has been released. According to the current software release

React to this headline:

BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements Read More »

Infisical: Open-source secret management platform

Don't miss, GitHub, Hot stuff, News, open source, software / SecurityTicks

Infisical: Open-source secret management platform 2024-07-24 at 07:01 By Help Net Security Infisical is an open-source secret management platform developers use to centralize application configurations and secrets, such as API keys and database credentials, while also managing their internal PKI. In addition to managing secrets with Infisical, you can scan your files, directories, and Git

React to this headline:

Infisical: Open-source secret management platform Read More »

Shuffle Automation: Open-source security automation platform

automation, Don't miss, GitHub, Hot stuff, News, open source, security operations, software / SecurityTicks

Shuffle Automation: Open-source security automation platform 2024-07-22 at 07:01 By Mirko Zorz Shuffle is an open-source automation platform designed by and for security professionals. While security operations are inherently complex, Shuffle simplifies the process. It’s designed to integrate with Managed Security Service Providers (MSSPs) and other service providers. Key features Feature-rich workflow editor. App creator

React to this headline:

Shuffle Automation: Open-source security automation platform Read More »

Grype: Open-source vulnerability scanner for container images, filesystems

cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, penetration testing, scanning, software / SecurityTicks

Grype: Open-source vulnerability scanner for container images, filesystems 2024-07-18 at 06:31 By Help Net Security Grype is an open-source vulnerability scanner designed for container images and filesystems that seamlessly integrates with Syft, a powerful Software Bill of Materials (SBOM) tool. Find vulnerabilities for major operating system packages Alpine Amazon Linux BusyBox CentOS CBL-Mariner Debian Distroless

React to this headline:

Grype: Open-source vulnerability scanner for container images, filesystems Read More »

Signatures should become cloud security history

cloud security, cybersecurity, Don't miss, Hot stuff, open source, RAD Security, standards, threat detection, Video / SecurityTicks

Signatures should become cloud security history 2024-07-18 at 06:01 By Help Net Security It’s becoming evident that the legacy practice of signature-based threat detection needs to be improved for cloud security challenges. In this Help Net Security video, Jimmy Mesta, CTO at RAD Security, discusses a new proposed standard for creating behavioral fingerprints of open-source

React to this headline:

Signatures should become cloud security history Read More »

SubSnipe: Open-source tool for finding subdomains vulnerable to takeover

cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, penetration testing, software / SecurityTicks

SubSnipe: Open-source tool for finding subdomains vulnerable to takeover 2024-07-17 at 07:01 By Mirko Zorz SubSnipe is an open-source, multi-threaded tool to help find subdomains vulnerable to takeover. It’s simpler, produces better output, and has more fingerprints than other subdomain takeover tools. “SubSnipe does some additional verification after the fingerprinting to find candidates more likely

React to this headline:

SubSnipe: Open-source tool for finding subdomains vulnerable to takeover Read More »