software

Automated Emulation: Open-source breach and attack simulation lab

cybersecurity, Don't miss, GitHub, News, open source, software, Terraform /

Automated Emulation: Open-source breach and attack simulation lab 2024-01-25 at 07:31 By Mirko Zorz Automated Emulation is an open-source Terraform template designed to create a customizable, automated breach and attack simulation lab. The solution automatically constructs the following resources hosted on AWS: One Linux server deploying Caldera, Prelude Operator Headless, and VECTR One Windows Client […]

React to this headline:

Loading spinner

Automated Emulation: Open-source breach and attack simulation lab Read More »

CISOs’ role in identifying tech components and managing supply chains

Artificial Intelligence, CISO, cybersecurity, Don't miss, Eclypsium, Features, hardware, Hot stuff, News, opinion, regulation, software, strategy, supply chain /

CISOs’ role in identifying tech components and managing supply chains 2024-01-25 at 07:01 By Mirko Zorz In this Help Net Security interview, Nate Warfield, Director of Threat Research and Intelligence at Eclypsium, outlines the crucial tasks for CISOs in protecting supply chains and achieving comprehensive visibility. Warfield also discusses the vital collaboration between security and

React to this headline:

Loading spinner

CISOs’ role in identifying tech components and managing supply chains Read More »

Software supply chain attacks are getting easier

cybercrime, cybersecurity, Don't miss, News, open source, report, ReversingLabs, software, supply chain attacks, survey /

Software supply chain attacks are getting easier 2024-01-24 at 06:03 By Help Net Security ReversingLabs identified close to 11,200 unique malicious packages across three major open-source software platforms in 2023: npm, PyPI, and RubyGems. These findings mark an astounding 1,300% increase in malicious packages from 2020 and an increase of 28% over 2022 when a

React to this headline:

Loading spinner

Software supply chain attacks are getting easier Read More »

CloudFoxable: Open-source AWS penetration testing playground

AWS, Bishop Fox, cybersecurity, News, penetration testing, research, skill development, software /

CloudFoxable: Open-source AWS penetration testing playground 2024-01-22 at 07:02 By Mirko Zorz CloudFoxable is a capture-the-flag (CTF) style learning platform you can deploy to your playground AWS account. It primarily targets current penetration testers seeking to learn exploitation of cloud-native attack paths, and cloud security experts aiming to practice offensive security techniques safely. “What makes

React to this headline:

Loading spinner

CloudFoxable: Open-source AWS penetration testing playground Read More »

Skytrack: Open-source aircraft reconnaissance tool

Don't miss, GitHub, News, open source, OSINT, software /

Skytrack: Open-source aircraft reconnaissance tool 2024-01-18 at 07:31 By Mirko Zorz Skytrack is an open-source command-line tool for plane spotting and aircraft OSINT reconnaissance. The tool utilizes multiple data sources to collect information on aircraft, can produce a PDF report for a specific aircraft, and offers conversion between ICAO and Tail Number designations. Suitable for

React to this headline:

Loading spinner

Skytrack: Open-source aircraft reconnaissance tool Read More »

Tsurugi Linux: Tailoring user experience for digital forensics and OSINT investigations

cybersecurity, DFIR, Linux, News, open source, software /

Tsurugi Linux: Tailoring user experience for digital forensics and OSINT investigations 2024-01-16 at 06:31 By Mirko Zorz Tsurugi Linux is a heavily customized open-source distribution focused on supporting DFIR investigations. The project focuses mainly on live forensics analysis, post-mortem analysis, and digital evidence acquisition. Users can also perform malware analysis, OSINT and computer vision activities.

React to this headline:

Loading spinner

Tsurugi Linux: Tailoring user experience for digital forensics and OSINT investigations Read More »

Adalanche: Open-source Active Directory ACL visualizer, explorer

Active Directory, cybersecurity, GitHub, News, open source, software /

Adalanche: Open-source Active Directory ACL visualizer, explorer 2024-01-15 at 07:01 By Mirko Zorz Adalanche provides immediate insights into the permissions of users and groups within an Active Directory. It’s an effective open-source tool for visualizing and investigating potential account, machine, or domain takeovers. Additionally, it helps identify and display any misconfigurations. What unique features make

React to this headline:

Loading spinner

Adalanche: Open-source Active Directory ACL visualizer, explorer Read More »

Fly Catcher: Detect aircraft spoofing by monitoring for malicious signals

cybersecurity, Don't miss, GitHub, hardware, Hot stuff, News, open source, Raspberry Pi, reconnaissance, software /

Fly Catcher: Detect aircraft spoofing by monitoring for malicious signals 2024-01-10 at 07:02 By Mirko Zorz Fly Catcher is an open-source device that can detect aircraft spoofing by monitoring for malicious ADS-B signals in the 1090MHz frequency. Angelina Tsuboi, the developer of Fly Catcher, is an enthusiastic pilot, cybersecurity researcher, and tinkerer. She was driven

React to this headline:

Loading spinner

Fly Catcher: Detect aircraft spoofing by monitoring for malicious signals Read More »

Researchers develop technique to prevent software bugs

Artificial Intelligence, code, Google, human error, News, software /

Researchers develop technique to prevent software bugs 2024-01-10 at 06:01 By Help Net Security A team of computer scientists led by the University of Massachusetts Amherst recently announced a new method for automatically generating whole proofs that can be used to prevent software bugs and verify that the underlying code is correct. This new method,

React to this headline:

Loading spinner

Researchers develop technique to prevent software bugs Read More »

AuthLogParser: Open-source tool for analyzing Linux authentication logs

cybersecurity, Don't miss, GitHub, Hot stuff, Linux, News, open source, software /

AuthLogParser: Open-source tool for analyzing Linux authentication logs 2024-01-08 at 07:31 By Mirko Zorz AuthLogParser is an open-source tool tailored for digital forensics and incident response, specifically crafted to analyze Linux authentication logs (auth.log). The tool examines the auth.log file, extracting crucial details like SSH logins, user creations, event names, IP addresses, among others. It

React to this headline:

Loading spinner

AuthLogParser: Open-source tool for analyzing Linux authentication logs Read More »

Vim 9.1 released: New features and bug fixes

News, open source, software, Unix /

Vim 9.1 released: New features and bug fixes 2024-01-08 at 06:31 By Help Net Security Vim, a highly adaptable text editor, is designed to efficiently create and modify all types of text. It comes included as vi in most UNIX systems and macOS. Renowned for its rock-solid stability, Vim is constantly evolving to improve further,

React to this headline:

Loading spinner

Vim 9.1 released: New features and bug fixes Read More »

DriveFS Sleuth: Open-source tool for investigating Google Drive File Stream’s disk forensic artifacts

cloud security, computer forensics, Don't miss, GitHub, Google Drive, News, open source, software /

DriveFS Sleuth: Open-source tool for investigating Google Drive File Stream’s disk forensic artifacts 2024-01-04 at 07:31 By Mirko Zorz DriveFS Sleuth automates the investigation of Google Drive File Stream disk artifacts. The tool can parse the disk artifacts and build a filesystem tree-like structure enumerating the synchronized files along with their respective properties. “While engaged

React to this headline:

Loading spinner

DriveFS Sleuth: Open-source tool for investigating Google Drive File Stream’s disk forensic artifacts Read More »

Product showcase: DCAP solution FileAuditor for data classification and access rights audit

cybersecurity, News, Product showcase, SearchInform, software /

Product showcase: DCAP solution FileAuditor for data classification and access rights audit 21/12/2023 at 14:02 By Help Net Security The concept of DCAP solutions was introduced by Gartner experts, as it was clear, that without such solutions information security (IS) specialists would not be able to cope with the protection of data in various silos

React to this headline:

Loading spinner

Product showcase: DCAP solution FileAuditor for data classification and access rights audit Read More »

Product showcase: ImmuniWeb AI Platform

Artificial Intelligence, cybersecurity, ImmuniWeb, News, penetration testing, Product showcase, software /

Product showcase: ImmuniWeb AI Platform 20/12/2023 at 08:31 By Help Net Security ImmuniWeb is a global application security company that currently serves over 1,000 customers from more than 50 countries. ImmuniWeb AI Platform has received numerous prestigious awards and industry recognitions for intelligent automation and acceleration of application security testing, which delivers better quality of

React to this headline:

Loading spinner

Product showcase: ImmuniWeb AI Platform Read More »

Subdominator: Open-source tool for detecting subdomain takeovers

cybersecurity, Don't miss, GitHub, News, open source, software, Stratus /

Subdominator: Open-source tool for detecting subdomain takeovers 20/12/2023 at 07:01 By Mirko Zorz Subdominator is a dependable and fast open-source command-line interface tool to identify subdomain takeovers. It boasts superior accuracy and reliability, offering improvements compared to other tools. “Initially, Subdominator was created internally because all the current subdomain takeover tools had gaps in their

React to this headline:

Loading spinner

Subdominator: Open-source tool for detecting subdomain takeovers Read More »

EMBA: Open-source security analyzer for embedded devices

cybersecurity, Don't miss, embedded systems, GitHub, News, open source, penetration testing, software /

EMBA: Open-source security analyzer for embedded devices 19/12/2023 at 08:02 By Mirko Zorz The EMBA open-source security analyzer is tailored as the central firmware analysis tool for penetration testers and product security groups. It assists throughout the security evaluation procedure, extracting firmware, conducting static and dynamic analysis through emulation, and creating a web-based report. EMBA

React to this headline:

Loading spinner

EMBA: Open-source security analyzer for embedded devices Read More »

Correct bad network behavior to bolster application experience

cybersecurity, Don't miss, Expert analysis, Expert corner, firewall, Hot stuff, monitoring, network, News, opinion, Progress, software /

Correct bad network behavior to bolster application experience 18/12/2023 at 08:31 By Help Net Security Legacy hardware-based applications existed happily in isolation, untethered from a network. The thing that really mattered was the speed of the hard drive and having enough memory. Today, even the software running from personal hard drives relies on other applications

React to this headline:

Loading spinner

Correct bad network behavior to bolster application experience Read More »

Microsoft ICSpector: A leap forward in industrial PLC metadata analysis

GitHub, Microsoft, News, open source, software /

Microsoft ICSpector: A leap forward in industrial PLC metadata analysis 14/12/2023 at 07:33 By Help Net Security Microsoft ICSpector is an open-source forensics framework that enables the analysis of industrial PLC metadata and project files. Architecture The framework provides investigators with a convenient way to scan for PLCs and identify any suspicious artifacts within ICS

React to this headline:

Loading spinner

Microsoft ICSpector: A leap forward in industrial PLC metadata analysis Read More »

Nemesis: Open-source offensive data enrichment and analytic pipeline

cybersecurity, data, Don't miss, GitHub, Hot stuff, News, open source, scanning, software, SpecterOps /

Nemesis: Open-source offensive data enrichment and analytic pipeline 12/12/2023 at 07:32 By Mirko Zorz Nemesis is a centralized data processing platform that ingests, enriches, and performs analytics on offensive security assessment data (i.e., data collected during penetration tests and red team engagements).​​ Nemesis was created by Lee Chagolla-Christensen and Will Schroeder, both security researchers at

React to this headline:

Loading spinner

Nemesis: Open-source offensive data enrichment and analytic pipeline Read More »

SCS 9001 2.0 reveals enhanced controls for global supply chains

critical infrastructure, cybersecurity, Don't miss, Features, Government, Hot stuff, legislation, News, opinion, regulation, software, standards, supply chain, TIA /

SCS 9001 2.0 reveals enhanced controls for global supply chains 11/12/2023 at 08:31 By Mirko Zorz In this Help Net Security interview, Mike Regan, VP of Business Performance at TIA, discusses SCS 9001 Release 2.0, a certifiable standard crafted to assist organizations in operationalizing the NIST and other government guidelines and frameworks. Enhancing its predecessor,

React to this headline:

Loading spinner

SCS 9001 2.0 reveals enhanced controls for global supply chains Read More »

Scroll to Top