software

BadDNS: Open-source tool checks for subdomain takeovers

Don't miss, GitHub, News, open source, penetration testing, scanning, software /

BadDNS: Open-source tool checks for subdomain takeovers 2025-02-03 at 07:03 By Mirko Zorz BadDNS is an open-source Python DNS auditing tool designed to detect domain and subdomain takeovers of all types. BadDNS modules cname – Check for dangling CNAME records and interrogate them for subdomain takeover opportunities ns – Check for dangling NS records and […]

React to this headline:

Loading spinner

BadDNS: Open-source tool checks for subdomain takeovers Read More »

ExtensionHound: Open-source tool for Chrome extension DNS forensics

Chrome, computer forensics, DNS, Don't miss, GitHub, News, open source, software /

ExtensionHound: Open-source tool for Chrome extension DNS forensics 2025-01-30 at 07:03 By Mirko Zorz Traditional monitoring tools reveal only traffic from the Chrome process, leaving security teams uncertain about which extension is responsible for a suspicious DNS query. ExtensionHound solves this by analyzing Chrome’s internal network state and linking DNS activity to specific extensions. ExtensionHound

React to this headline:

Loading spinner

ExtensionHound: Open-source tool for Chrome extension DNS forensics Read More »

BloodyAD: Open-source Active Directory privilege escalation framework

Active Directory, Don't miss, GitHub, News, open source, software /

BloodyAD: Open-source Active Directory privilege escalation framework 2025-01-28 at 07:00 By Mirko Zorz BloodyAD is an open-source Active Directory privilege escalation framework that uses specialized LDAP calls to interact with domain controllers. It enables various privilege escalation techniques within Active Directory environments. Features “I created this tool because I do a lot of internal testing

React to this headline:

Loading spinner

BloodyAD: Open-source Active Directory privilege escalation framework Read More »

Don’t let these open-source cybersecurity tools slip under your radar

Android, cybersecurity, Don't miss, GitHub, Hot stuff, Linux, macOS, News, open source, software, Windows /

Don’t let these open-source cybersecurity tools slip under your radar 2025-01-27 at 07:07 By Help Net Security This article showcases free, open-source cybersecurity tools that help you identify and address vulnerabilities, detect intrusion, protect websites from cyber attacks, monitor and detect suspicious activities across your network. Am I Isolated: Open-source container security benchmark Am I

React to this headline:

Loading spinner

Don’t let these open-source cybersecurity tools slip under your radar Read More »

GUI frontends for GnuPG, the free implementation of the OpenPGP standard

Don't miss, Encryption, GitHub, Linux, News, open source, software /

GUI frontends for GnuPG, the free implementation of the OpenPGP standard 2025-01-24 at 07:20 By Help Net Security GnuPG is a free and comprehensive implementation of the OpenPGP standard. It enables encryption and signing of data and communications, featuring a key management system and support for public key directories. While primarily a command-line tool, GnuPG

React to this headline:

Loading spinner

GUI frontends for GnuPG, the free implementation of the OpenPGP standard Read More »

Web Cache Vulnerability Scanner: Open-source tool for detecting web cache poisoning

Don't miss, GitHub, News, open source, software /

Web Cache Vulnerability Scanner: Open-source tool for detecting web cache poisoning 2025-01-23 at 07:03 By Help Net Security The Web Cache Vulnerability Scanner (WCVS) is an open-source command-line tool for detecting web cache poisoning and deception. The scanner, developed by Maximilian Hildebrand, offers extensive support for various web cache poisoning and deception techniques. It features

React to this headline:

Loading spinner

Web Cache Vulnerability Scanner: Open-source tool for detecting web cache poisoning Read More »

Stratoshark: Wireshark for the cloud – now available!

Cloud, Don't miss, News, open source, penetration testing, software, Sysdig, wireless, Wireshark /

Stratoshark: Wireshark for the cloud – now available! 2025-01-22 at 20:33 By Help Net Security Stratoshark is an innovative open-source tool that brings Wireshark’s detailed network visibility to the cloud, providing users with a standardized approach to cloud observability. Stratoshark incorporates much of Wireshark’s codebase, including its user interface elements. The interface and workflows will

React to this headline:

Loading spinner

Stratoshark: Wireshark for the cloud – now available! Read More »

MSSqlPwner: Open-source tool for pentesting MSSQL servers

database security, Don't miss, GitHub, News, open source, penetration testing, software /

MSSqlPwner: Open-source tool for pentesting MSSQL servers 2025-01-17 at 07:48 By Help Net Security MSSqlPwner is an open-source pentesting tool tailored to interact with and exploit MSSQL servers. Built on Impacket, it enables users to authenticate with databases using various credentials, including clear-text passwords, NTLM hashes, and Kerberos tickets. The tool offers multiple methods for

React to this headline:

Loading spinner

MSSqlPwner: Open-source tool for pentesting MSSQL servers Read More »

Critical SimpleHelp vulnerabilities fixed, update your server instances!

Don't miss, enterprise, Horizon3.ai, Hot stuff, News, remote access, SimpleHelp, SMBs, software, tech support, vulnerability /

Critical SimpleHelp vulnerabilities fixed, update your server instances! 2025-01-16 at 17:04 By Zeljka Zorz If you’re an organization using SimpleHelp for your remote IT support/access needs, you should update or patch your server installation without delay, to fix security vulnerabilities that may be exploited by remote attackers to execute code on the underlying host. About

React to this headline:

Loading spinner

Critical SimpleHelp vulnerabilities fixed, update your server instances! Read More »

Contextal Platform: Open-source threat detection and intelligence

Don't miss, GitHub, Hot stuff, News, open source, software /

Contextal Platform: Open-source threat detection and intelligence 2025-01-15 at 07:34 By Mirko Zorz Contextal Platform is an open-source cybersecurity solution for contextual threat detection and intelligence. Developed by the original authors of ClamAV, it offers advanced features such as contextual threat analysis, custom detection scenarios through the ContexQL language, and AI-powered data processing—all operating locally

React to this headline:

Loading spinner

Contextal Platform: Open-source threat detection and intelligence Read More »

Chainsaw: Open-source tool for hunting through Windows forensic artefacts

Don't miss, GitHub, News, open source, software, Windows, WithSecure /

Chainsaw: Open-source tool for hunting through Windows forensic artefacts 2025-01-13 at 06:34 By Help Net Security Chainsaw is an open-source first-response tool for quickly detecting threats in Windows forensic artefacts, including Event Logs and the MFT file. It enables fast keyword searches through event logs and identifies threats using built-in Sigma detection and custom detection

React to this headline:

Loading spinner

Chainsaw: Open-source tool for hunting through Windows forensic artefacts Read More »

Wireshark 4.4.3 released: Updated protocol support, bug fixes

News, open source, software, Wireshark /

Wireshark 4.4.3 released: Updated protocol support, bug fixes 2025-01-09 at 11:07 By Help Net Security Wireshark, the popular network protocol analyzer, has reached version 4.4.3. Wireshark offers deep inspection across hundreds of protocols, live and offline analysis, and display filters. With multi-platform support, VoIP analysis, and capture file compatibility, it’s perfect for professionals seeking intuitive

React to this headline:

Loading spinner

Wireshark 4.4.3 released: Updated protocol support, bug fixes Read More »

Sara: Open-source RouterOS security inspector

Don't miss, GitHub, hardware, mikrotik, News, open source, router, software /

Sara: Open-source RouterOS security inspector 2025-01-09 at 07:03 By Mirko Zorz Sara is an open-source tool designed to analyze RouterOS configurations and identify security vulnerabilities on MikroTik hardware. Sara’s main feature is using regular expressions as the primary analysis mechanism. This allows you to quickly and accurately process RouterOS configuration text files, making the tool

React to this headline:

Loading spinner

Sara: Open-source RouterOS security inspector Read More »

Making the most of cryptography, now and in the future

cyber risk, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, quantum computing, Quantum Xchange, software /

Making the most of cryptography, now and in the future 2025-01-07 at 08:03 By Help Net Security Enterprise cryptography faces risks beyond just the advent of quantum computers. For starters, there is no guarantee that the traditional algorithms have not been broken. Though we believe that it is “unlikely” they can be, the reality is

React to this headline:

Loading spinner

Making the most of cryptography, now and in the future Read More »

Cyberbro: Open-source tool extracts IoCs and checks their reputation

GitHub, News, open source, software /

Cyberbro: Open-source tool extracts IoCs and checks their reputation 2025-01-07 at 07:03 By Help Net Security Cyberbro is an open-source application that extracts IoCs from garbage input and checks their reputation using multiple services. Cyberbro features Input handling: Paste raw logs, IoCs, or fanged IoCs, and let the regex parser do the rest. Multi-service reputation

React to this headline:

Loading spinner

Cyberbro: Open-source tool extracts IoCs and checks their reputation Read More »

Open source worldwide: Critical maintenance gaps exposed

code, Don't miss, Hot stuff, Lineaje, open source, software, Video, vulnerability /

Open source worldwide: Critical maintenance gaps exposed 2025-01-07 at 06:31 By Help Net Security Lineaje recently released a report identifying the US and Russia as the leading generators of open-source projects, with both countries also having the highest numbers of anonymous open-source contributions. In this Help Net Security video, Nick Mistry, SVP and CISO of

React to this headline:

Loading spinner

Open source worldwide: Critical maintenance gaps exposed Read More »

Kata Containers: Open-source container runtime, building lightweight VMs

containers, Don't miss, GitHub, Hot stuff, News, open source, software, virtualization /

Kata Containers: Open-source container runtime, building lightweight VMs 2025-01-02 at 07:04 By Mirko Zorz Kata Containers is an open-source project dedicated to creating a secure container runtime that combines the performance and simplicity of containers with the enhanced isolation of lightweight virtual machines. By leveraging hardware virtualization technology, it adds an extra layer of defense

React to this headline:

Loading spinner

Kata Containers: Open-source container runtime, building lightweight VMs Read More »

Why software is the key to FI risk management

cyber risk, cybersecurity, Don't miss, Hot stuff, Risk Management, software, Video, WolfPAC /

Why software is the key to FI risk management 2024-12-31 at 07:33 By Help Net Security Risk management is important, but it’s not always exciting. Many risk professionals still rely on spreadsheets and manual methods despite the availability of better options. Excel is familiar and cost-effective. Some spreadsheets are handy for certain risk management activities.

React to this headline:

Loading spinner

Why software is the key to FI risk management Read More »

Hottest cybersecurity open-source tools of the month: December 2024

cybersecurity, Don't miss, GitHub, News, open source, software /

Hottest cybersecurity open-source tools of the month: December 2024 2024-12-31 at 06:03 By Help Net Security This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. SafeLine: Open-source web application firewall (WAF) SafeLine is an open-source and self-hosted Web Application Firewall (WAF) that protects websites from cyber

React to this headline:

Loading spinner

Hottest cybersecurity open-source tools of the month: December 2024 Read More »

reconFTW: Open-source reconnaissance automation

cybersecurity, Don't miss, GitHub, News, open source, reconnaissance, software /

reconFTW: Open-source reconnaissance automation 2024-12-30 at 07:05 By Help Net Security reconFTW is an open-source tool that simplifies and automates the reconnaissance process, delivering subdomain enumeration, vulnerability assessment, and gathering intelligence about a target. Using various techniques — such as passive and brute-force methods, permutations, certificate transparency analysis, source code scraping, analytics tracking, and DNS

React to this headline:

Loading spinner

reconFTW: Open-source reconnaissance automation Read More »

Scroll to Top