Security News

Google Open Sources Magika: AI-Powered File Identification Tool
2024-02-17 07:26

Google has announced that it's open-sourcing Magika, an artificial intelligence (AI)-powered tool to identify file types, to help defenders accurately detect binary and textual file types. "Magika...

Google open sources file-identifying Magika AI for malware hunters and others
2024-02-17 02:10

Google has open sourced Magika, an in-house machine-learning-powered file identifier, as part of its AI Cyber Defense Initiative, which aims to give IT network defenders and others better automated tools. Enter Magika, which uses a trained model to rapidly identify file types from file data, and it's an approach the Big G thinks works well enough to use in production.

Fabric: Open-source framework for augmenting humans using AI
2024-02-14 05:30

Fabric is an open-source framework, created to enable users to granularly apply AI to everyday challenges. "I created it to enable humans to easily augment themselves with AI. I believe it's currently too difficult for people to use AI. I think there are too many tools, too many websites, and too few practical use cases that combine a problem with a solution. Fabric is a way of addressing those problems," Daniel Miessler, the creator of Fabric, told Help Net Security.

SiCat: Open-source exploit finder
2024-02-12 04:30

SiCat is an open-source tool for exploit research designed to source and compile information about exploits from open channels and internal databases. Performing exploit searches based on desired inputs and sources such as Exploit-DB, Exploit Alert, Packetstorm Security, NVD Database, and Metasploit modules.

SOAPHound: Open-source tool to collect Active Directory data via ADWS
2024-02-08 05:00

SOAPHound is an open-source data collection tool capable of enumerating Active Directory environments through the Active Directory Web Services protocol. SOAPHound is a substitute for various open-source security tools typically employed for extracting data from Active Directory via the LDAP protocol.

Prowler: Open-source security tool for AWS, Google Cloud Platform, Azure
2024-02-07 05:30

Prowler is an open-source security tool designed to assess, audit, and enhance the security of AWS, GCP, and Azure. "Easy to use from the command line with simple, understandable output, Prowler offers standard reporting formats like CSV and JSON, enabling users to thoroughly examine findings across any cloud provider, all in a uniform format. Its seamless integrations with Security Hub and S3 facilitate easy incorporation with other SIEMs, databases, and more. The ability to write custom checks and develop custom security frameworks is crucial for our expanding community," Toni de la Fuente, the creator of Prowler, told Help Net Security.

CVEMap: Open-source tool to query, browse and search CVEs
2024-02-01 05:00

CVEMap is an open-source command-line interface tool that allows you to explore Common Vulnerabilities and Exposures. Security experts, who must be constantly alert to thwart adversaries seeking any vulnerability, are distracted by the sheer volume of CVEs.

Faction: Open-source pentesting report generation and collaboration framework
2024-01-30 05:30

Faction is an open-source solution that enables pentesting report generation and assessment collaboration. Josh Summitt, the creator of Faction, has always disliked the process of writing reports, preferring to focus on uncovering bugs.

Automated Emulation: Open-source breach and attack simulation lab
2024-01-25 05:30

Automated Emulation is an open-source Terraform template designed to create a customizable, automated breach and attack simulation lab. The creator of Automated Emulation, Jason Ostrom, aimed to develop an infrastructure security lab to enhance skills in adversary simulation, focusing on linking TTPs and evaluating various endpoint security products.

CloudFoxable: Open-source AWS penetration testing playground
2024-01-22 05:00

CloudFoxable is a capture-the-flag style learning platform you can deploy to your playground AWS account. It primarily targets current penetration testers seeking to learn exploitation of cloud-native attack paths, and cloud security experts aiming to practice offensive security techniques safely.