Security News
Realm is an open-source adversary emulation framework emphasizing scalability, reliability, and automation. It's designed to handle engagements of any size.
BunkerWeb is an open-source Web Application Firewall distributed under the AGPLv3 free license. The solution's core code is entirely auditable by a third party and the community.
Four unpatched security flaws, including three critical ones, have been disclosed in the Gogs open-source, self-hosted Git service that could enable an authenticated attacker to breach susceptible instances, steal or wipe source code, and even plant backdoors. Successful exploitation of the first three shortcomings could permit an attacker to execute arbitrary commands on the Gogs server, while the fourth flaw allows attackers to read arbitrary files such as source code and configuration secrets.
Monocle is open-source tooling backed by a large language model for performing natural language searches against compiled target binaries. Monocle can be provided with a binary and search criteria, and it will decompile the binary to identify and score areas of the code that meet the criteria.
Recently the Office of the Director of National Intelligence (ODNI) unveiled a new strategy for open-source intelligence (OSINT) and referred to OSINT as the “INT of first resort”. Public and...
Secator is an open-source task and workflow runner tailored for security assessments.
More than half of open-source projects contain code written in a memory-unsafe language, a report from the U.S.'s Cybersecurity and Infrastructure Security Agency has found. "Hence, we determine that most critical open source projects analysed, even those written in memory-safe languages, potentially contain memory safety vulnerabilities," wrote the authors.
Portainer Community Edition is an open-source, lightweight service delivery platform for containerized applications. "I created Portainer, initially for my own needs. Back in 2016 I was operating a Public Cloud provider in Asia, and wanted to offer a Container as a Service solution to market. At the time, that meant Docker. There were no Cloud Provider management UI's for Docker then, so I created Portainer to act as such. In a way, Portainer enabled a domestic market version of AWS ECS before ECS was popular. However, Portainer quickly took on a life of its own. I open-sourced the UI, which was "discovered" and blogged about, and it took off.
Open-source Rafel RAT steals info, locks Android devices, asks for ransom
The open-source Rafel RAT is being leveraged by multiple threat actors to compromise Android devices and, in some cases, to lock them, encrypt their contents, and demand money to restore the device to its original state.
Future trends in cyber warfare: Predictions for AI integration and space-based operations
In this Help Net Security interview, Morgan Wright, Chief Security Advisor at SentinelOne, discusses how AI is utilized in modern cyber warfare by state and non-state actors.
Gitleaks is an open-source SAST tool designed to detect and prevent hardcoded secrets such as passwords, API keys, and tokens in Git repositories. With more than 15 million Docker downloads, 16,200 GitHub stars, 7 million GitHub downloads, thousands of weekly clones, and over 700,000 Homebrew installs, Gitleaks is one of the most trusted secret scanners among security professionals, enterprises, and developers.