Security News

BadDNS: Open-source tool checks for subdomain takeovers
2025-02-03 05:00

BadDNS is an open-source Python DNS auditing tool designed to detect domain and subdomain takeovers of all types. BadDNS modules cname – Check for dangling CNAME records and interrogate them for...

ExtensionHound: Open-source tool for Chrome extension DNS forensics
2025-01-30 05:00

Traditional monitoring tools reveal only traffic from the Chrome process, leaving security teams uncertain about which extension is responsible for a suspicious DNS query. ExtensionHound solves...

North Koreans clone open source projects to plant backdoors, steal credentials
2025-01-29 23:29

Stealing crypto is so 2024. Supply-chain attacks leading to data exfil pays off better? North Korea's Lazarus Group compromised hundreds of victims across the globe in a massive secret-stealing...

BloodyAD: Open-source Active Directory privilege escalation framework
2025-01-28 05:00

BloodyAD is an open-source Active Directory privilege escalation framework that uses specialized LDAP calls to interact with domain controllers. It enables various privilege escalation techniques...

Don’t let these open-source cybersecurity tools slip under your radar
2025-01-27 05:00

This article showcases free, open-source cybersecurity tools that help you identify and address vulnerabilities, detect intrusion, protect websites from cyber attacks, monitor and detect...

Web Cache Vulnerability Scanner: Open-source tool for detecting web cache poisoning
2025-01-23 05:00

The Web Cache Vulnerability Scanner (WCVS) is an open-source command-line tool for detecting web cache poisoning and deception. The scanner, developed by Maximilian Hildebrand, offers extensive...

Fleet: Open-source platform for IT and security teams
2025-01-21 04:30

Fleet is an open-source platform for IT and security teams managing thousands of computers. It’s designed to work seamlessly with APIs, GitOps, webhooks, and YAML configurations. Fleet provides a...

MSSqlPwner: Open-source tool for pentesting MSSQL servers
2025-01-17 05:30

MSSqlPwner is an open-source pentesting tool tailored to interact with and exploit MSSQL servers. Built on Impacket, it enables users to authenticate with databases using various credentials,...

Contextal Platform: Open-source threat detection and intelligence
2025-01-15 05:30

Contextal Platform is an open-source cybersecurity solution for contextual threat detection and intelligence. Developed by the original authors of ClamAV, it offers advanced features such as...

GitHub CISO on security strategy and collaborating with the open-source community
2025-01-13 05:00

In this Help Net Security, Alexis Wales, CISO at GitHub, discusses how GitHub embeds security into every aspect of its platform to protect millions of developers and repositories, ensuring it...