open source
Web Check: Open-source intelligence for any website
Web Check offers thorough open-source intelligence and enables users to understand a website’s infrastructure and security posture, equipping them with the knowledge to …
TruffleHog: Open-source solution for scanning secrets
TruffleHog is an open-source scanner that identifies and addresses exposed secrets throughout your entire technology stack. “TruffleHog was originally a research tool I …
CVE Prioritizer: Open-source tool to prioritize vulnerability patching
CVE Prioritizer is an open-source tool designed to assist in prioritizing the patching of vulnerabilities. It integrates data from CVSS, EPSS, and CISA’s KEV catalog to …
Fabric: Open-source framework for augmenting humans using AI
Fabric is an open-source framework, created to enable users to granularly apply AI to everyday challenges. Key features “I created it to enable humans to easily augment …
SiCat: Open-source exploit finder
SiCat is an open-source tool for exploit research designed to source and compile information about exploits from open channels and internal databases. Its primary aim is to …
SOAPHound: Open-source tool to collect Active Directory data via ADWS
SOAPHound is an open-source data collection tool capable of enumerating Active Directory environments through the Active Directory Web Services (ADWS) protocol. How SOAPHound …
Prowler: Open-source security tool for AWS, Google Cloud Platform, Azure
Prowler is an open-source security tool designed to assess, audit, and enhance the security of AWS, GCP, and Azure. It’s also equipped for incident response, continuous …
Latio Application Security Tester: Use AI to scan your code
Latio Application Security Tester is an open-source tool that enables the usage of OpenAI to scan code from the CLI for security and health issues. Features and future plans …
CVEMap: Open-source tool to query, browse and search CVEs
CVEMap is an open-source command-line interface (CLI) tool that allows you to explore Common Vulnerabilities and Exposures (CVEs). It’s designed to offer a streamlined …
Faction: Open-source pentesting report generation and collaboration framework
Faction is an open-source solution that enables pentesting report generation and assessment collaboration. Josh Summitt, the creator of Faction, has always disliked the …
Critical Jenkins RCE flaw exploited in the wild. Patch now! (CVE-2024-23897)
Several proof-of-concept (PoC) exploits for a recently patched critical vulnerability (CVE-2024-23897) in Jenkins have been made public and there’s evidence of …
Automated Emulation: Open-source breach and attack simulation lab
Automated Emulation is an open-source Terraform template designed to create a customizable, automated breach and attack simulation lab. The solution automatically constructs …
Featured news
Resources
Don't miss
- AI isn’t one system, and your threat model shouldn’t be either
- LLMs work better together in smart contract audits
- Product showcase: NAKIVO v11.1 advances MSP service delivery with secure multi-tenant management
- Crypto theft in 2025: North Korean hackers continue to dominate
- Clipping Scripted Sparrow’s wings: Tracking a global phishing ring