Security News

CVEMap: Open-source tool to query, browse and search CVEs
2024-02-01 05:00

CVEMap is an open-source command-line interface tool that allows you to explore Common Vulnerabilities and Exposures. Security experts, who must be constantly alert to thwart adversaries seeking any vulnerability, are distracted by the sheer volume of CVEs.

Faction: Open-source pentesting report generation and collaboration framework
2024-01-30 05:30

Faction is an open-source solution that enables pentesting report generation and assessment collaboration. Josh Summitt, the creator of Faction, has always disliked the process of writing reports, preferring to focus on uncovering bugs.

Automated Emulation: Open-source breach and attack simulation lab
2024-01-25 05:30

Automated Emulation is an open-source Terraform template designed to create a customizable, automated breach and attack simulation lab. The creator of Automated Emulation, Jason Ostrom, aimed to develop an infrastructure security lab to enhance skills in adversary simulation, focusing on linking TTPs and evaluating various endpoint security products.

CloudFoxable: Open-source AWS penetration testing playground
2024-01-22 05:00

CloudFoxable is a capture-the-flag style learning platform you can deploy to your playground AWS account. It primarily targets current penetration testers seeking to learn exploitation of cloud-native attack paths, and cloud security experts aiming to practice offensive security techniques safely.

Skytrack: Open-source aircraft reconnaissance tool
2024-01-18 05:30

Skytrack is an open-source command-line tool for plane spotting and aircraft OSINT reconnaissance. The tool utilizes multiple data sources to collect information on aircraft, can produce a PDF report for a specific aircraft, and offers conversion between ICAO and Tail Number designations.

Wazuh: Building robust cybersecurity architecture with open source tools
2024-01-17 15:04

Building a cybersecurity architecture requires organizations to leverage several security tools to provide multi-layer security in an ever-changing threat landscape. Organizations require various security tools that satisfy the key areas of a security architecture as they each play a role in securing digital assets.

Adalanche: Open-source Active Directory ACL visualizer, explorer
2024-01-15 05:00

Adalanche provides immediate insights into the permissions of users and groups within an Active Directory. "The visual attack graph representation of your Active Directory pops up in your browser, and you can explore things from there. The more data you add, the more insights you get: if you run the open-source Windows collector, you get local accounts, groups, services, file/registry permissions, etc., from both workstations and servers in the graph."

AuthLogParser: Open-source tool for analyzing Linux authentication logs
2024-01-08 05:30

AuthLogParser is an open-source tool tailored for digital forensics and incident response, specifically crafted to analyze Linux authentication logs. Log file, extracting crucial details like SSH logins, user creations, event names, IP addresses, among others.

Week in review: 15 open-source cybersecurity tools, Patch Tuesday forecast
2024-01-07 09:00

January 2024 Patch Tuesday forecast: A Focus on PrintingThis article aims to provide a quick summary of some of the latest trends, announcements, and changes associated with IT patch operations while looking at the upcoming Patch Tuesday and what software updates to expect. Emerging cybersecurity trends and expectations for 2024In this Help Net Security video, John Dwyer, Head of Research at IBM X-Force, discusses how 2024 is poised to be an incredibly impactful year for cyber attacks, driven by world events and access to advanced technologies like AI. 15 open-source cybersecurity tools you'll wish you'd known earlierIn this article, you will find a list of open-source cybersecurity tools that you should definitely check out.

DriveFS Sleuth: Open-source tool for investigating Google Drive File Stream’s disk forensic artifacts
2024-01-04 05:30

DriveFS Sleuth automates the investigation of Google Drive File Stream disk artifacts. The tool can parse the disk artifacts and build a filesystem tree-like structure enumerating the synchronized files along with their respective properties.