open-source
-
Beelzebub is an open-source honeypot framework engineered to create a secure environment for detecting and analyzing cyber threats. It features a low-code design for seamless deployment and leverages AI to emulate the behavior of a high-interaction honeypot. “I created Beelzebub because my research activities require deploying numerous honeypots from different families (e.g., WordPress, Joomla, SSH,…
-
Could Open-Source AI Redefine the Future? Here’s What Experts SayOpen-source AI is shaking up the industry, challenging traditional large and small language models and raising new security concerns. With DeepSeek-R1 leading the charge, experts weigh in on the risks, rewards and the future of AI monetization. Is the future of AI open – or are…
-
While the archived projects remain available for download, users will be provided a warning banner to help them make informed dependency choices. PyPI aims to enhance supply-chain security by preventing attackers from hijacking abandoned projects and injecting malicious updates.
-
The World Economic Forum (WEF) highlighted the growing challenge of securing software supply chains, emphasizing the rising need to safeguard against hidden dependencies. As businesses increasingly rely on third-party software suppliers and open-source solutions, they face significant hurdles in ensuring the security and integrity of their software ecosystems. Also, these challenges extend beyond IT to…
-
A team of researchers from Ben Gurion University of the Negev has pioneered a novel memory forensics framework for analyzing Unified Extensible Firmware Interface (UEFI) memory during the pre-operating system (pre-OS) phase. Their study, published on January 28, 2025, introduces a groundbreaking approach to addressing the growing threat of UEFI-based malware, which has become a…
-
BadDNS is an open-source Python DNS auditing tool designed to detect domain and subdomain takeovers of all types. BadDNS modules cname – Check for dangling CNAME records and interrogate them for subdomain takeover opportunities ns – Check for dangling NS records and interrogate them for takeover opportunities mx – Check for dangling MX records and…
-
Traditional monitoring tools reveal only traffic from the Chrome process, leaving security teams uncertain about which extension is responsible for a suspicious DNS query. ExtensionHound solves this by analyzing Chrome’s internal network state and linking DNS activity to specific extensions. ExtensionHound features Scans Chrome profiles for extension DNS request history Provides detailed analysis of network…
-
Opengrep, which is forked from Semgrep, will keep the older tool’s open source nature and provide users complete access to its scanning capabilities, according to the consortium, which emphasized the establishment of dedicated Opengrep development, testing, and deployment teams while ensuring the tool’s long-term stability. Introduction to Malware Binary Triage (IMBT) Course Looking to level…
-
BloodyAD is an open-source Active Directory privilege escalation framework that uses specialized LDAP calls to interact with domain controllers. It enables various privilege escalation techniques within Active Directory environments. Features “I created this tool because I do a lot of internal testing on Active Directory infrastructures and at the time in 2021 there was no…
-
This article showcases free, open-source cybersecurity tools that help you identify and address vulnerabilities, detect intrusion, protect websites from cyber attacks, monitor and detect suspicious activities across your network. Am I Isolated: Open-source container security benchmark Am I Isolated is an open-source container security benchmark that probes users’ runtime environments and tests for container isolation.…
-
Fleet is an open-source platform for IT and security teams managing thousands of computers. It’s designed to work seamlessly with APIs, GitOps, webhooks, and YAML configurations. Fleet provides a single platform to secure and maintain all computing devices over the air. It offers a centralized solution, from mobile device management (MDM) to patching and verifying…
-
Sara is an open-source tool designed to analyze RouterOS configurations and identify security vulnerabilities on MikroTik hardware. Sara’s main feature is using regular expressions as the primary analysis mechanism. This allows you to quickly and accurately process RouterOS configuration text files, making the tool powerful and easy to use. “Sara is entirely standalone and requires…
-
Evilginx is an open-source man-in-the-middle attack framework designed to phish login credentials and session cookies, enabling attackers to bypass 2FA safeguards. “Back in 2017, I was experimenting with extracting cookies from one browser and importing them into another. I realized this technique could effectively take over accounts, bypassing the need for credentials or even MFA…
-
submitted by /u/Candace_Owens_4225 [link] [comments]
-
https://crypt.fyi https://github.com/osbytes/crypt.fyi I built this project as a learning experience to further my knowledge of web security best practices as well as to improve on existing tools that solve for a similar niche. Curious to receive any thoughts/suggestions/feedback. submitted by /u/codectl [link] [comments]
-
Kindly suggest an android application to wipe deleted files completly. TIA! submitted by /u/blueinklet [link] [comments]
-
A recent report by Lineaje AI Labs has revealed that the United States is the top contributor to open-source projects, but it also leads in anonymous contributions, raising significant concerns about transparency and security in the global software supply chain. Geopolitical Risks in Open-Source Contributions The report, titled “Crossing Boundaries: Breaking Trust,” highlights the geopolitical…
-
Open-source AI offers many opportunities, including high levels of innovation, while also presenting security admins with unique challenges. Leaders in AI, such as Clem Delangue from Hugging Face and Rahul Roy-Chowdhury from Grammarly, stress the significance of transparency and ethical decision-making when building trustworthy AI systems. Delangue advocates for greater transparency even at the expense…
-
Trapster Community is an open-source, lightweight, low-interaction honeypot designed for deployment within internal networks. It enhances network security by creating a deceptive layer that monitors and detects suspicious activities.
-
FuzzyAI is an open-source framework that helps organizations identify and address AI model vulnerabilities in cloud-hosted and in-house AI models, like guardrail bypassing and harmful output generation.