red team - Security Ticks

Cervantes: Open-source, collaborative platform for pentesters and red teams

cybersecurity, Don't miss, GitHub, News, open source, OWASP, penetration testing, red team, software / SecurityTicks

Cervantes: Open-source, collaborative platform for pentesters and red teams 2025-07-23 at 08:31 By Mirko Zorz Cervantes is an open-source collaborative platform built for pentesters and red teams. It offers a centralized workspace to manage projects, clients, vulnerabilities, and reports, all in one place. By streamlining data organization and team coordination, it helps reduce the time […]

React to this headline:

Cervantes: Open-source, collaborative platform for pentesters and red teams Read More »

GitPhish: Open-source GitHub device code flow security assessment tool

Don't miss, GitHub, News, open source, Praetorian, red team, software / SecurityTicks

GitPhish: Open-source GitHub device code flow security assessment tool 2025-07-03 at 09:30 By Help Net Security GitPhish is an open-source security research tool built to replicate GitHub’s device code authentication flow. It features three core operating modes: an authentication server, automated landing page deployment, and an administrative management interface. GitPhish can be accessed via a

React to this headline:

GitPhish: Open-source GitHub device code flow security assessment tool Read More »

Red Teaming AI: The Build Vs Buy Debate

AI, Artificial Intelligence, generative AI, red team, Red Teaming / SecurityTicks

Red Teaming AI: The Build Vs Buy Debate 2025-06-16 at 13:02 By Matt Honea A strong AI deployment starts with asking the right questions, mapping your risks, and thinking like an adversary — before it’s too late. The post Red Teaming AI: The Build Vs Buy Debate appeared first on SecurityWeek. This article is an

React to this headline:

Red Teaming AI: The Build Vs Buy Debate Read More »

Woodpecker: Open-source red teaming for AI, Kubernetes, APIs

Don't miss, GitHub, News, open source, Operant AI, red team, software / SecurityTicks

Woodpecker: Open-source red teaming for AI, Kubernetes, APIs 2025-05-28 at 08:17 By Mirko Zorz Woodpecker is an open-source tool that automates red teaming, making advanced security testing easier and more accessible. It helps teams find and fix security weaknesses in AI systems, Kubernetes environments, and APIs before attackers can exploit them. Key features of Woodpecker

React to this headline:

Woodpecker: Open-source red teaming for AI, Kubernetes, APIs Read More »

How do You Know if You’re Ready for a Red Team Partnership?

Network Security, red team, Risk Management / SecurityTicks

How do You Know if You’re Ready for a Red Team Partnership? 2025-04-29 at 19:23 By Trevin Edgeworth Before engaging in a full-scope exercise, it’s important to assess whether your program, people and processes are truly ready. The post How do You Know if You’re Ready for a Red Team Partnership? appeared first on SecurityWeek.

React to this headline:

How do You Know if You’re Ready for a Red Team Partnership? Read More »

MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364)

CVE, Don't miss, Hot stuff, MITRE, News, open source, PoC, red team, training / SecurityTicks

MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) 2025-02-28 at 17:03 By Zeljka Zorz Users of the MITRE Caldera cyber security platform have been urged to plug a critical hole (CVE-2025–27364) that may allow unauthenticated attackers to achieve remote code execution. About MITRE Caldera MITRE Caldera is a platform built on the

React to this headline:

MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) Read More »

Offensive AI Startup Dreadnode Secures $14M to Stress-Test AI Systems

AI Automation, Artificial Intelligence, Decibel, Dreadnode, Funding/M&A, Offensive Security, red team, Series A / SecurityTicks

Offensive AI Startup Dreadnode Secures $14M to Stress-Test AI Systems 2025-02-25 at 19:11 By Ryan Naraine Dreadnode is building “offensive machine learning” tools to safely simulate how AI models might be exploited in the wild. The post Offensive AI Startup Dreadnode Secures $14M to Stress-Test AI Systems appeared first on SecurityWeek. This article is an

React to this headline:

Offensive AI Startup Dreadnode Secures $14M to Stress-Test AI Systems Read More »

EchoStrike: Generate undetectable reverse shells, perform process injection

cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, penetration testing, red team, software, Windows / SecurityTicks

EchoStrike: Generate undetectable reverse shells, perform process injection 2024-09-16 at 07:31 By Mirko Zorz EchoStrike is an open-source tool designed to generate undetectable reverse shells and execute process injection on Windows systems. “EchoStrike allows you to generate binaries that, when executed, create an undetectable RevShell, which can be the first entry point into a company.

React to this headline:

EchoStrike: Generate undetectable reverse shells, perform process injection Read More »

Realm: Open-source adversary emulation framework

cybersecurity, Don't miss, GitHub, Hot stuff, News, open source, red team, software / SecurityTicks

Realm: Open-source adversary emulation framework 2024-07-15 at 07:32 By Mirko Zorz Realm is an open-source adversary emulation framework emphasizing scalability, reliability, and automation. It’s designed to handle engagements of any size. “Realm is unique in its custom interpreter written in Rust. This allows us to write complex TTPs as code. With these actions as code,

React to this headline:

Realm: Open-source adversary emulation framework Read More »

CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency

Application Security, attack surface management, CISA, Government, Incident Response, red team, spear-phishing / SecurityTicks

CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency 2024-07-12 at 17:31 By Ionut Arghire CISA says a SILENTSHIELD red team assessment found gaping holes in the security posture of a federal civilian executive branch organization. The post CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency appeared first on SecurityWeek.

React to this headline:

CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency Read More »

Red teaming: The key ingredient for responsible AI

Artificial Intelligence, bug bounty, cybersecurity, Don't miss, Expert analysis, Expert corner, hacker, HackerOne, Hot stuff, News, opinion, red team, regulation / SecurityTicks

Red teaming: The key ingredient for responsible AI 2024-05-13 at 08:31 By Help Net Security Developing responsible AI isn’t a straightforward proposition. On one side, organizations are striving to stay at the forefront of technological advancement. On the other hand, they must ensure strict compliance with ethical standards and regulatory requirements. Organizations attempting to balance

React to this headline:

Red teaming: The key ingredient for responsible AI Read More »

LSA Whisperer: Open-source tools for interacting with authentication packages

cybersecurity, GitHub, Microsoft, News, open source, red team, software / SecurityTicks

LSA Whisperer: Open-source tools for interacting with authentication packages 2024-04-26 at 07:32 By Mirko Zorz LSA Whisperer consists of open-source tools designed to interact with authentication packages through their unique messaging protocols. Support is currently provided for the cloudap, kerberos, msv1_0, negotiate, pku2u, schannel packages and cloudap’s AzureAD plugin. Partial or unstable support is provided

React to this headline:

LSA Whisperer: Open-source tools for interacting with authentication packages Read More »

5 free red teaming resources to get you started

cybersecurity, Don't miss, GitHub, Hot stuff, how-to, News, red team, strategy, tips / SecurityTicks

5 free red teaming resources to get you started 2024-04-16 at 07:32 By Help Net Security Red teaming is evaluating the effectiveness of your cybersecurity by eliminating defender bias and adopting an adversarial perspective within your organization. Tactics may include anything from social engineering to physical security breaches to simulate a real-world advanced persistent threat.

React to this headline:

5 free red teaming resources to get you started Read More »

How to design and deliver an effective cybersecurity exercise

cyberattacks, cybersecurity, digital transformation, Don't miss, Expert analysis, Expert corner, Hot stuff, Incident Response, Information Security Forum, News, opinion, penetration testing, red team / SecurityTicks

How to design and deliver an effective cybersecurity exercise 2024-04-01 at 07:04 By Help Net Security Armed forces have always utilized war-gaming exercises for battlefield training to prepare for times of conflict. With today’s digital transformation, the same concept is being applied in the form of cybersecurity exercises – tests and simulations based on plausible

React to this headline:

How to design and deliver an effective cybersecurity exercise Read More »

Red teaming in the AI era

Artificial Intelligence, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Lakera, News, opinion, red team, software / SecurityTicks

Red teaming in the AI era 2024-03-20 at 07:31 By Help Net Security As AI gets baked into enterprise tech stacks, AI applications are becoming prime targets for cyber attacks. In response, many cybersecurity teams are adapting existing cybersecurity practices to mitigate these new threats. One such practice measure is red teaming: the effort to

React to this headline:

Red teaming in the AI era Read More »

PyRIT: Open-source framework to find risks in generative AI systems

Adversa AI, AppOmni, Artificial Intelligence, cybersecurity, Don't miss, generative AI, Hot stuff, Microsoft, News, open source, Python, red team, software / SecurityTicks

PyRIT: Open-source framework to find risks in generative AI systems 2024-03-04 at 08:02 By Mirko Zorz Python Risk Identification Tool (PyRIT) is Microsoft’s open-source automation framework that enables security professionals and machine learning engineers to find risks in generative AI systems. PyRIT has been battle-tested by Microsoft’s AI red team. It started as a collection

React to this headline:

PyRIT: Open-source framework to find risks in generative AI systems Read More »

Artificial Arms Race: What Can Automation and AI do to Advance Red Teams

AI, Artificial Intelligence, automation, Network Security, red team / SecurityTicks

Artificial Arms Race: What Can Automation and AI do to Advance Red Teams 2024-02-27 at 14:31 By Tom Eston The best Red Team engagements are a balanced mix of technology, tools and human operators. The post Artificial Arms Race: What Can Automation and AI do to Advance Red Teams appeared first on SecurityWeek. This article

React to this headline:

Artificial Arms Race: What Can Automation and AI do to Advance Red Teams Read More »

Microsoft Releases Red Teaming Tool for Generative AI

AI, Artificial Intelligence, Microsoft, red team / SecurityTicks

Microsoft Releases Red Teaming Tool for Generative AI 2024-02-23 at 12:31 By Ionut Arghire Microsoft releases PyRIT red teaming tool to help identify risks in generative AI through automation. The post Microsoft Releases Red Teaming Tool for Generative AI appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Microsoft Releases Red Teaming Tool for Generative AI Read More »

How purple teaming enhances inter-team collaboration and effectiveness in cybersecurity

AttackIQ, collaboration, cybersecurity, Don't miss, Hot stuff, penetration testing, red team, security controls, Video / SecurityTicks

How purple teaming enhances inter-team collaboration and effectiveness in cybersecurity 2024-02-13 at 07:01 By Help Net Security In this Help Net Security video, Andrew Costis, Chapter Lead of the Adversary Research Team at AttackIQ, discusses how purple teaming allows security teams to break down barriers between teams and increase operational effectiveness. It’s no longer about

React to this headline:

How purple teaming enhances inter-team collaboration and effectiveness in cybersecurity Read More »

Enhancing adversary simulations: Learn the business to attack the business

attacks, cybersecurity, Don't miss, DVULN, Features, Hot stuff, News, red team, strategy / SecurityTicks

Enhancing adversary simulations: Learn the business to attack the business 2024-02-07 at 07:01 By Mirko Zorz In this Help Net Security interview, Jamieson O’Reilly, Founder of DVULN, discusses adversary simulations, shedding light on challenges rooted in human behavior, decision-making, and responses to evolving cyber threats. Unveiling the interplay between red and blue teams, O’Reilly talks

React to this headline:

Enhancing adversary simulations: Learn the business to attack the business Read More »