Legit Security Legitify detects security and compliance issues across GitHub assets
Legit Security announced Legitify, an open-source security tool to secure GitHub implementations. Legitify is a GitHub misconfiguration scanner that helps security teams and …
Dissect: Open-source framework for collecting, analyzing forensic data
A game changer in cyber incident response, the Dissect framework enables data acquisition on thousands of systems within hours, regardless of the nature and size of the IT …
SpyCast: Cross-platform mDNS enumeration tool
SpyCast is a cross-platform mDNS enumeration tool that can work either in active mode by recursively querying services or in passive mode by only listening to multicast …
The holy trifecta for developing a secure API
It’s hard to write good API specifications, and since most API gateways use them as IAC, they should be carefully checked for common mistakes. Writing an API that sticks …
CI Fuzz CLI: Open-source tool simplifies fuzz testing for C++
Fuzz testing helps developers protect their applications against memory corruptions, crashes that cause downtime, and other security issues, including DoS and uncaught …
The 25 most popular programming languages and trends
CircleCI released the 2022 State of Software Delivery report, which examines two years of data from more than a quarter billion workflows and nearly 50,000 organizations …
5 open-source vulnerability assessment tools to try out
A vulnerability assessment is a methodical examination of network infrastructure, computer systems, and software with the goal of identifying and addressing known security …
DevSpace 6: Client-only developer tool for cloud-native development with Kubernetes
Loft Labs released DevSpace 6, open-source software for Kubernetes that enables users to develop, troubleshoot and deploy cloud-native software faster. DevSpace is a …
Photos: Black Hat USA 2022
Here’s a photo gallery that provides a look inside Black Hat USA 2022. For our complete coverage of the conference, live from Las Vegas, check out our microsite. Bayside …
Black Hat USA 2022 video walkthrough
In this Help Net Security video, we take you inside Black Hat USA 2022 at the Mandalay Bay Convention Center in Las Vegas. The video features the following vendors: Abnormal …
AWSGoat: Easy to deploy vulnerable AWS infrastructure for pentesters
Compromising an organization’s cloud infrastructure is like sitting on a gold mine for attackers. And sometimes, a simple misconfiguration or a vulnerability in web …
Stratus Red Team: Open-source tool for adversary emulation in the cloud
In this Help Net Security video, Christophe Tafani-Dereeper, Cloud Security Researcher and Advocate at DataDog, talks about Stratus Red Team, an open-source project for …
Featured news
Resources
Don't miss
- CERT UEFI Parser: Open-source tool exposes UEFI architecture to uncover vulnerabilities
- Why prevention-first secrets security will define enterprise scale: Learnings from a leading telecom
- Fortinet starts patching exploited FortiCloud SSO zero-day (CVE-2026-24858)
- Attackers use Windows App-V scripts to slip infostealer past enterprise defenses
- Microsoft reveals actively exploited Office zero-day, provides emergency fix (CVE-2026-21509)