open source
Hetty: Open-source HTTP toolkit for security research
Hetty is an open-source HTTP toolkit designed for security research, offering a free alternative to commercial tools like Burp Suite Pro. Built with the needs of penetration …
Fix Inventory: Open-source cloud asset inventory tool
Fix Inventory is an open-source tool for detecting compliance and security risks in cloud infrastructure accounts. It was built from the ground up for cloud-native …
Commix: Open-source OS command injection exploitation tool
Commix is an open-source penetration testing tool designed to automate the detection and exploitation of command injection vulnerabilities, streamlining security assessments …
MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364)
Users of the MITRE Caldera cyber security platform have been urged to plug a critical hole (CVE-2025–27364) that may allow unauthenticated attackers to achieve remote code …
OSPS Baseline: Practical security best practices for open source software projects
The Open Source Security Foundation (OpenSSF), a cross-industry initiative by the Linux Foundation, has announced the initial release of the Open Source Project Security …
Hottest cybersecurity open-source tools of the month: February 2025
This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Kunai: Open-source …
Dalfox: Open-source XSS scanner
DalFox is an open-source tool for automating the detection of XSS vulnerabilities. With powerful testing capabilities and a wide range of features, it makes scanning, …
Open source strikes back: Nextcloud Hub 10 challenges Big Tech’s monopoly on AI and privacy
Hyperscalers have perpetuated the narrative that open-source solutions cannot compete at scale. This perception has influenced funding priorities, shaped policy discussions, …
Misconfig Mapper: Open-source tool to uncover security misconfigurations
Misconfig Mapper is an open-source CLI tool built in Golang that discovers and enumerates instances of services used within your organization. It performs large-scale …
PRevent: Open-source tool to detect malicious code in pull requests
Apiiro security researchers have released open source tools that can help organizations detect malicious code as part of their software development lifecycle: PRevent (a …
Kunai: Open-source threat hunting tool for Linux
Kunai is an open-source tool that provides deep and precise event monitoring for Linux environments. “What sets Kunai apart is its ability to go beyond simple event …
Orbit: Open-source Nuclei security scanning and automation platform
Orbit is an open-source platform built to streamline large-scale Nuclei scans, enabling teams to manage, analyze, and collaborate on security findings. It features a …
Featured news
Resources
Don't miss
- Attackers are exploiting critical SAP S/4HANA vulnerability (CVE-2025-42957)
- Stealthy attack serves poisoned web pages only to AI agents
- September 2025 Patch Tuesday forecast: The CVE matrix
- Google fixes actively exploited Android vulnerabilities (CVE-2025-48543, CVE-2025-38352)
- CyberFlex: Flexible Pen testing as a Service with EASM