Ghostwriter: Open-source project management platform for pentesters
In this Help Net Security video, Christopher Maddalena, Director of Internal and Community Product at SpecterOps, showcases Ghostwriter, which helps you manage clients, …
MyOpenVDP: Open-source web application to securely disclose vulnerabilities
MyOpenVDP is a turnkey open-source solution allowing anyone to host their own vulnerability disclosure policy (VDP). Developed by YesWeHack, the web application is available …
cert-manager: Automatically provision and manage TLS certificates in Kubernetes
cert-manager adds certificates and certificate issuers as resource types in Kubernetes clusters and simplifies the process of obtaining, renewing, and using those …
CISA releases RedEye open-source analytic tool
CISA has released RedEye, an interactive open-source analytic tool to visualize and report Red Team command and control activities. RedEye, available on GitHub, allows an …
Critical vm2 sandbox escape flaw uncovered, patch ASAP! (CVE-2022-36067)
Oxeye researchers discovered a severe vm2 vulnerability (CVE-2022-36067) that has received the maximum CVSS score of 10.0. Called SandBreak, this new vulnerability requires …
Legit Security Legitify detects security and compliance issues across GitHub assets
Legit Security announced Legitify, an open-source security tool to secure GitHub implementations. Legitify is a GitHub misconfiguration scanner that helps security teams and …
Dissect: Open-source framework for collecting, analyzing forensic data
A game changer in cyber incident response, the Dissect framework enables data acquisition on thousands of systems within hours, regardless of the nature and size of the IT …
SpyCast: Cross-platform mDNS enumeration tool
SpyCast is a cross-platform mDNS enumeration tool that can work either in active mode by recursively querying services or in passive mode by only listening to multicast …
The holy trifecta for developing a secure API
It’s hard to write good API specifications, and since most API gateways use them as IAC, they should be carefully checked for common mistakes. Writing an API that sticks …
CI Fuzz CLI: Open-source tool simplifies fuzz testing for C++
Fuzz testing helps developers protect their applications against memory corruptions, crashes that cause downtime, and other security issues, including DoS and uncaught …
The 25 most popular programming languages and trends
CircleCI released the 2022 State of Software Delivery report, which examines two years of data from more than a quarter billion workflows and nearly 50,000 organizations …
5 open-source vulnerability assessment tools to try out
A vulnerability assessment is a methodical examination of network infrastructure, computer systems, and software with the goal of identifying and addressing known security …
Featured news
Resources
Don't miss
- Building cybersecurity culture in science-driven organizations
- How Kim Crawley challenges big tech in “Digital Safety in a Dangerous World”
- Google strengthens secure enterprise access from BYOD Android devices
- Southwest Airlines CISO on tackling cyber risks in the aviation industry
- Insider risk management needs a human strategy