penetration testing

Damn Vulnerable RESTaurant: Open-source API service designed for learning

API security, cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, penetration testing, skill development /

Damn Vulnerable RESTaurant: Open-source API service designed for learning 2024-04-17 at 07:01 By Mirko Zorz Damn Vulnerable RESTaurant is an open-source project that allows developers to learn to identify and fix security vulnerabilities in their code through an interactive game. “I wanted to create a generic playground for ethical hackers, developers, and security engineers where […]

React to this headline:

Loading spinner

Damn Vulnerable RESTaurant: Open-source API service designed for learning Read More »

You Against the World: The Offenders Dilemma

Network Security, penetration testing, pentesting, Risk Management /

You Against the World: The Offenders Dilemma 2024-04-16 at 14:46 By Tom Eston Foreign attackers have many more toolsets at their disposal, so we need to make sure we’re selective about our modeling, preparation and how we assess and fortify ourselves. The post You Against the World: The Offenders Dilemma appeared first on SecurityWeek. This

React to this headline:

Loading spinner

You Against the World: The Offenders Dilemma Read More »

How can the energy sector bolster its resilience to ransomware attacks?

access management, cybercriminals, cybersecurity, Delinea, Don't miss, energy sector, Expert analysis, Expert corner, Hot stuff, identity management, News, opinion, penetration testing, Ransomware, strategy /

How can the energy sector bolster its resilience to ransomware attacks? 2024-04-08 at 08:01 By Help Net Security Since it plays a vital role in every functioning society, the energy sector has always been a prime target for state-backed cybercriminals. The cyber threats targeting this industry have grown significantly in recent years, as geopolitical tensions

React to this headline:

Loading spinner

How can the energy sector bolster its resilience to ransomware attacks? Read More »

How to design and deliver an effective cybersecurity exercise

cyberattacks, cybersecurity, digital transformation, Don't miss, Expert analysis, Expert corner, Hot stuff, Incident Response, Information Security Forum, News, opinion, penetration testing, red team /

How to design and deliver an effective cybersecurity exercise 2024-04-01 at 07:04 By Help Net Security Armed forces have always utilized war-gaming exercises for battlefield training to prepare for times of conflict. With today’s digital transformation, the same concept is being applied in the form of cybersecurity exercises – tests and simulations based on plausible

React to this headline:

Loading spinner

How to design and deliver an effective cybersecurity exercise Read More »

Drozer: Open-source Android security assessment framework

Android, Application Security, Don't miss, GitHub, Hot stuff, mobile security, News, open source, penetration testing, software, WithSecure /

Drozer: Open-source Android security assessment framework 2024-03-27 at 06:32 By Mirko Zorz Drozer is an open-source security testing framework for Android, whose primary purpose is to make the life of mobile application security testers easier. Drozer features The solution enables the identification of security vulnerabilities in applications and devices by taking on the role of

React to this headline:

Loading spinner

Drozer: Open-source Android security assessment framework Read More »

20 essential open-source cybersecurity tools that save you time

cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, penetration testing, software /

20 essential open-source cybersecurity tools that save you time 2024-03-25 at 08:01 By Mirko Zorz Open-source software’s adaptive nature ensures its durability, relevance, and compatibility with new technologies. When I started digging deeper into the open-source cybersecurity ecosystem, I discovered an engaged community of developers working to find practical solutions to many problems, one of

React to this headline:

Loading spinner

20 essential open-source cybersecurity tools that save you time Read More »

WebCopilot: Open-source automation tool enumerates subdomains, detects bugs

cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, penetration testing, scanning, software /

WebCopilot: Open-source automation tool enumerates subdomains, detects bugs 2024-03-21 at 07:31 By Mirko Zorz WebCopilot is an open-source automation tool that enumerates a target’s subdomains and discovers bugs using various free tools. It simplifies the application security workflow and reduces reliance on manual scripting. “I built this solution to streamline the application security process, specifically

React to this headline:

Loading spinner

WebCopilot: Open-source automation tool enumerates subdomains, detects bugs Read More »

Quicmap: Fast, open-source QUIC protocol scanner

Don't miss, GitHub, networking, News, open source, penetration testing, scanning, software /

Quicmap: Fast, open-source QUIC protocol scanner 2024-03-18 at 12:01 By Mirko Zorz Quicmap is a fast, open-source QUIC service scanner that streamlines the process by eliminating multiple tool requirements. It effectively identifies QUIC services, the protocol version, and the supported ALPNs. “As I started researching the QUIC protocol, I noticed that my favorite scanner had

React to this headline:

Loading spinner

Quicmap: Fast, open-source QUIC protocol scanner Read More »

What organizations need to know about the Digital Operational Resilience Act (DORA)

auditing, Compliance, cybersecurity, Don't miss, EU, Features, Hot stuff, Kyndryl, News, opinion, penetration testing, regulation, resilience, Risk Management /

What organizations need to know about the Digital Operational Resilience Act (DORA) 2024-03-05 at 06:31 By Mirko Zorz In this Help Net Security interview, Kris Lovejoy, Global Security and Resilience Leader at Kyndryl, discusses the impact of the Digital Operational Resilience Act (DORA) on organizations across the EU, particularly in ICT risk management and cybersecurity.

React to this headline:

Loading spinner

What organizations need to know about the Digital Operational Resilience Act (DORA) Read More »

Kali Linux 2024.1 released: New tools, new look, new Kali Nethunter kernels

Don't miss, Hot stuff, Kali Linux, News, OffSec, penetration testing /

Kali Linux 2024.1 released: New tools, new look, new Kali Nethunter kernels 2024-02-29 at 12:35 By Zeljka Zorz OffSec has released Kali Linux 2024.1, the latest version of its popular penetration testing and digital forensics platform. The new version comes with new tools, a fresh look (themes, wallpapers and icons for Kali and Kali Purple),

React to this headline:

Loading spinner

Kali Linux 2024.1 released: New tools, new look, new Kali Nethunter kernels Read More »

BobTheSmuggler: Open-source tool for undetectable payload delivery

cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, penetration testing, software /

BobTheSmuggler: Open-source tool for undetectable payload delivery 2024-02-29 at 08:03 By Mirko Zorz BobTheSmuggler is an open-source tool designed to easily compress, encrypt, and securely transport your payload. It basically enables you to hide a payload in plain sight. BobTheSmuggler is helpful in phishing campaign assessments, data exfiltration exercises, and assumed breach scenarios. Features Hiding

React to this headline:

Loading spinner

BobTheSmuggler: Open-source tool for undetectable payload delivery Read More »

Web Check: Open-source intelligence for any website

cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, OSINT, penetration testing, web analytics, web technologies /

Web Check: Open-source intelligence for any website 2024-02-26 at 08:02 By Mirko Zorz Web Check offers thorough open-source intelligence and enables users to understand a website’s infrastructure and security posture, equipping them with the knowledge to understand, optimize, and secure their online presence. Unlike similar services, Web Check is free. There’s no signup, tracking, logging,

React to this headline:

Loading spinner

Web Check: Open-source intelligence for any website Read More »

How purple teaming enhances inter-team collaboration and effectiveness in cybersecurity

AttackIQ, collaboration, cybersecurity, Don't miss, Hot stuff, penetration testing, red team, security controls, Video /

How purple teaming enhances inter-team collaboration and effectiveness in cybersecurity 2024-02-13 at 07:01 By Help Net Security In this Help Net Security video, Andrew Costis, Chapter Lead of the Adversary Research Team at AttackIQ, discusses how purple teaming allows security teams to break down barriers between teams and increase operational effectiveness. It’s no longer about

React to this headline:

Loading spinner

How purple teaming enhances inter-team collaboration and effectiveness in cybersecurity Read More »

Faction: Open-source pentesting report generation and collaboration framework

Don't miss, GitHub, News, open source, penetration testing, report, software /

Faction: Open-source pentesting report generation and collaboration framework 2024-01-30 at 07:31 By Mirko Zorz Faction is an open-source solution that enables pentesting report generation and assessment collaboration. Josh Summitt, the creator of Faction, has always disliked the process of writing reports, preferring to focus on uncovering bugs. A key frustration for him was the redundant

React to this headline:

Loading spinner

Faction: Open-source pentesting report generation and collaboration framework Read More »

CloudFoxable: Open-source AWS penetration testing playground

AWS, Bishop Fox, cybersecurity, News, penetration testing, research, skill development, software /

CloudFoxable: Open-source AWS penetration testing playground 2024-01-22 at 07:02 By Mirko Zorz CloudFoxable is a capture-the-flag (CTF) style learning platform you can deploy to your playground AWS account. It primarily targets current penetration testers seeking to learn exploitation of cloud-native attack paths, and cloud security experts aiming to practice offensive security techniques safely. “What makes

React to this headline:

Loading spinner

CloudFoxable: Open-source AWS penetration testing playground Read More »

Purple teaming and the role of threat categorization

cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, penetration testing, red team, SpecterOps, threats /

Purple teaming and the role of threat categorization 2024-01-11 at 07:31 By Help Net Security Organizations constantly work to ensure optimal threat detection and prevention across their systems. One question gets asked repeatedly: “Can we detect the threats we’re supposed to be able to detect?” Red team assessment, penetration testing, and even purple team assessments

React to this headline:

Loading spinner

Purple teaming and the role of threat categorization Read More »

Embracing offensive cybersecurity tactics for defense against dynamic threats

bug bounty, cloud computing, cybersecurity, Don't miss, Features, Hot stuff, opinion, penetration testing, red team, regulation, SIX, strategy, Threat Intelligence /

Embracing offensive cybersecurity tactics for defense against dynamic threats 2024-01-11 at 07:02 By Mirko Zorz In this Help Net Security, Alexander Hagenah, Head of Cyber Controls at SIX, discusses the critical steps in creating effective offensive security operations and their impact on organizational security strategies. What are the critical steps in creating effective offensive security

React to this headline:

Loading spinner

Embracing offensive cybersecurity tactics for defense against dynamic threats Read More »

Product showcase: ImmuniWeb AI Platform

Artificial Intelligence, cybersecurity, ImmuniWeb, News, penetration testing, Product showcase, software /

Product showcase: ImmuniWeb AI Platform 20/12/2023 at 08:31 By Help Net Security ImmuniWeb is a global application security company that currently serves over 1,000 customers from more than 50 countries. ImmuniWeb AI Platform has received numerous prestigious awards and industry recognitions for intelligent automation and acceleration of application security testing, which delivers better quality of

React to this headline:

Loading spinner

Product showcase: ImmuniWeb AI Platform Read More »

EMBA: Open-source security analyzer for embedded devices

cybersecurity, Don't miss, embedded systems, GitHub, News, open source, penetration testing, software /

EMBA: Open-source security analyzer for embedded devices 19/12/2023 at 08:02 By Mirko Zorz The EMBA open-source security analyzer is tailored as the central firmware analysis tool for penetration testers and product security groups. It assists throughout the security evaluation procedure, extracting firmware, conducting static and dynamic analysis through emulation, and creating a web-based report. EMBA

React to this headline:

Loading spinner

EMBA: Open-source security analyzer for embedded devices Read More »

CISA Flags Gaps in Healthcare Org’s Security Posture, Issues Security Guidance

CISA, healthcare, Network Security, penetration testing, Vulnerabilities /

CISA Flags Gaps in Healthcare Org’s Security Posture, Issues Security Guidance 18/12/2023 at 18:16 By Ionut Arghire The US cybersecurity agency CISA issues cybersecurity recommendations for the healthcare and public health sector. The post CISA Flags Gaps in Healthcare Org’s Security Posture, Issues Security Guidance appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

CISA Flags Gaps in Healthcare Org’s Security Posture, Issues Security Guidance Read More »

Scroll to Top