software
Analyze resource-based policy dependencies across your AWS Organizations accounts
Managing multiple AWS accounts in an organization can get complicated, especially when trying to understand how services and permissions are connected. The Account Assessment …
Autorize: Burp Suite extension for automatic authorization enforcement detection
Autorize is an open-source Burp Suite extension that checks if users can access things they shouldn’t. It runs automatic tests to help security testers find …
Vuls: Open-source agentless vulnerability scanner
Vuls is an open-source tool that helps users find and manage security vulnerabilities. It was created to solve the daily problems admins face when trying to keep servers …
Hottest cybersecurity open-source tools of the month: April 2025
This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. GoSearch: …
Villain: Open-source framework for managing and enhancing reverse shells
Villain is an open-source Stage 0/1 command-and-control (C2) framework designed to manage multiple reverse TCP and HoaxShell-based shells. Beyond simply handling connections, …
GoSearch: Open-source OSINT tool for uncovering digital footprints
GoSearch is an open-source OSINT tool built to uncover digital footprints linked to specific usernames. Designed for speed and accuracy, it lets users quickly track …
SWE-agent: Open-source tool uses LLMs to fix issues in GitHub repositories
By connecting powerful language models like GPT-4o and Claude Sonnet 3.5 to real-world tools, the open-source tool SWE-agent allows them to autonomously perform complex tasks: …
Hawk Eye: Open-source scanner uncovers secrets and PII across platforms
Hawk Eye is an open-source tool that helps find sensitive data before it leaks. It runs from the command line and checks many types of storage for PII and secrets: passwords, …
Attack Flow: Learn how cyber adversaries combine and sequence offensive techniques
MITRE’s Attack Flow project aims to translate complex cyber operations into a structured language. By describing how adversaries sequence and combine offensive …
Tirreno: Open-source fraud prevention platform
Tirreno is an open-source fraud prevention platform designed as a universal analytics tool to monitor online platforms, web applications, SaaS products, digital communities, …
OpenSSL prepares for a quantum future with 3.5.0 release
The OpenSSL Project has released version 3.5.0 of its widely used open-source cryptographic library, introducing new features and notable changes that signal its evolution …
APTRS: Open-source automated penetration testing reporting system
APTRS is an open-source reporting tool built with Python and Django. It’s made for penetration testers and security teams who want to save time on reports. Instead of writing …
Featured news
Resources
Don't miss
- Google open-sources privacy tech for age verification
- You can’t trust AI chatbots not to serve you phishing pages, malicious downloads, or bad code
- Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)
- GitPhish: Open-source GitHub device code flow security assessment tool
- Healthcare CISOs must secure more than what’s regulated