Damn Vulnerable RESTaurant: Open-source API service designed for learning
Damn Vulnerable RESTaurant is an open-source project that allows developers to learn to identify and fix security vulnerabilities in their code through an interactive game. …
5 free red teaming resources to get you started
Red teaming is evaluating the effectiveness of your cybersecurity by eliminating defender bias and adopting an adversarial perspective within your organization. Tactics may …
Zarf: Open-source continuous software delivery on disconnected networks
Zarf is a free, open-source tool that enables continuous software delivery on disconnected networks. It currently offers fully automated support for K3s, K3d, and Kind and is …
Graylog: Open-source log management
Graylog is an open-source solution with centralized log management capabilities. It enables teams to collect, store, and analyze data to get answers to security, application, …
EJBCA: Open-source public key infrastructure (PKI), certificate authority (CA)
EJBCA is open-source PKI and CA software. It can handle almost anything, and someone once called it the kitchen sink of PKI. With its extensive history as one of the …
XZ Utils backdoor: Detection tools, scripts, rules
As the analysis of the backdoor in XZ Utils continues, several security companies have provided tools and advice on how to detect its presence on Linux systems. What happened? …
Mantis: Open-source framework that automates asset discovery, reconnaissance, scanning
Mantis is an open-source command-line framework that automates asset discovery, reconnaissance, and scanning. You input a top-level domain, and it identifies associated …
Cloud Active Defense: Open-source cloud protection
Cloud Active Defense is an open-source solution that integrates decoys into cloud infrastructure. It creates a dilemma for attackers: risk attacking and being detected …
Infosec products of the month: March 2024
Here’s a look at the most interesting products from the past month, featuring releases from: Appdome, AuditBoard, Bedrock Security, Check Point, CyberArk, Cynerio, DataDome, …
Drozer: Open-source Android security assessment framework
Drozer is an open-source security testing framework for Android, whose primary purpose is to make the life of mobile application security testers easier. Drozer features The …
20 essential open-source cybersecurity tools that save you time
Open-source software’s adaptive nature ensures its durability, relevance, and compatibility with new technologies. When I started digging deeper into the open-source …
WebCopilot: Open-source automation tool enumerates subdomains, detects bugs
WebCopilot is an open-source automation tool that enumerates a target’s subdomains and discovers bugs using various free tools. It simplifies the application security …
Featured news
Resources
Don't miss
- AI isn’t one system, and your threat model shouldn’t be either
- LLMs work better together in smart contract audits
- Product showcase: NAKIVO v11.1 advances MSP service delivery with secure multi-tenant management
- Crypto theft in 2025: North Korean hackers continue to dominate
- Clipping Scripted Sparrow’s wings: Tracking a global phishing ring