Security News
Ghidra, a cutting-edge open-source software reverse engineering framework, is a product of the National Security Agency Research Directorate. The framework features high-end software analysis tools, enabling users to analyze compiled code across various platforms, including Windows, macOS, and Linux.
Cloud identity protection company Permiso has created YetiHunter, a threat detection and hunting tool companies can use to query their Snowflake environments for evidence of compromise. Cloud-based data storage and analytics company Snowflake has recently stated that attackers have accessed accounts of some of its customers by leveraging compromised credentials.
Many of the underlying open-source projects are unvetted for the purpose of AI. In return for the massive financial benefits corporations receive by leveraging open source in AI, it is in their best interest to contribute towards community efforts and to the foundational security of the open-source components up front. Making deep and lasting positive change for security universally will require collaboration across industry participants, both for ease and financial gain, as well as to avoid the involvement of further oversight by governmental organizations in both the open source and private sectors.
Radare is an open-source UNIX-like reverse engineering framework and command-line toolset. "I started the project in 2006 when I was working as a forensic analyst, and I wrote a simple command-line hexadecimal editor to scan a hard drive looking for keywords and dump the results to disk to recover some files. Over time, the project evolved to meet my diverse requirements, serving as a debugger, a disassembler, and a platform for exploring various architectures. It proved invaluable during CTF competitions, at work, and for personal reverse engineering projects," Sergi Àlvarez, the creator of Radare, told Help Net Security.
Sniffnet is a free, open-source network monitoring tool to help you easily track your Internet traffic. Unlike most network analyzers, Sniffnet is built to be easily usable by everyone, regardless of technical expertise.
NethSecurity is a free, open-source Linux firewall that simplifies network security deployment. It integrates various security features into one platform, including firewalling, intrusion detection and prevention, antivirus, multi-WAN, DNS, and content filtering.
Encrypted Notepad, an open-source text editor, ensures your files are saved and loaded encrypted with AES-256. With no ads, no network connection required, and no unnecessary features, it's a tool that simply works.
RansomLord is an open-source tool that automates the creation of PE files, which are used to exploit ransomware pre-encryption. "I created RansomLord to demonstrate ransomware is not invincible, has vulnerabilities and its developers make mistakes and can write bad code just like everyone else," hyp3rlinx, developer of RansomLord, told Help Net Security.
Chronon is an open-source, end-to-end feature platform designed for machine learning teams to build, deploy, manage, and monitor data pipelines for machine learning. Chronon enables you to harness all the data within your organization, including batch tables, event streams, and services, to drive your AI/ML projects without the need to manage the typically required orchestration.
Authelia is an open-source authentication and authorization server that offers 2FA and SSO for applications through a web portal. Authelia connects directly to the reverse proxy but never to the application backends.