software
Subdominator: Open-source tool for detecting subdomain takeovers
Subdominator is a dependable and fast open-source command-line interface tool to identify subdomain takeovers. It boasts superior accuracy and reliability, offering …
EMBA: Open-source security analyzer for embedded devices
The EMBA open-source security analyzer is tailored as the central firmware analysis tool for penetration testers and product security groups. It assists throughout the …
Correct bad network behavior to bolster application experience
Legacy hardware-based applications existed happily in isolation, untethered from a network. The thing that really mattered was the speed of the hard drive and having enough …
Microsoft ICSpector: A leap forward in industrial PLC metadata analysis
Microsoft ICSpector is an open-source forensics framework that enables the analysis of industrial PLC metadata and project files. Architecture The framework provides …
Nemesis: Open-source offensive data enrichment and analytic pipeline
Nemesis is a centralized data processing platform that ingests, enriches, and performs analytics on offensive security assessment data (i.e., data collected during penetration …
SCS 9001 2.0 reveals enhanced controls for global supply chains
In this Help Net Security interview, Mike Regan, VP of Business Performance at TIA, discusses SCS 9001 Release 2.0, a certifiable standard crafted to assist organizations in …
Product showcase: Apiiro unifies AppSec and SSCS in a deep ASPM
With the rapidly evolving threat landscape and complexity of interconnected applications, identifying real, business-critical application risks is more challenging than ever. …
21 high-risk vulnerabilities in OT/IoT routers found
Forescout detailed the discovery of 21 new vulnerabilities in OT/IoT routers and open-source software elements. The “SIERRA:21 – Living on the Edge” report features research …
5 open-source tools for pentesting Kubernetes you should check out
Kubernetes, often called K8s, is an open-source platform designed to automate the deployment, scaling, and operations of containerized applications. Kubernetes has become a …
SessionProbe: Open-source multi-threaded pentesting tool
SessionProbe is a multi-threaded pentesting tool designed to evaluate user privileges in web applications. It takes a user’s session token and checks for a list of URLs …
Key drivers of software security for financial services
Nearly 72% of applications in the financial services sector contain security flaws, according to Veracode. Despite the alarming figure, this rate of software vulnerability was …
Tails 5.2.0 comes with several improvements, updated Tor Browser
Tails is a portable operating system that protects against surveillance and censorship. Tails can be installed on any USB stick with a minimum of 8 GB. Tails works on most …