GitHub project maintainers targeted with fake security alert
A phishing campaign targeting GitHub account owners has been trying to scare them with a fake security alert into allowing a malicious OAuth app access to their account and …
IntelMQ: Open-source tool for collecting and processing security feeds
IntelMQ is an open-source solution designed to help IT security teams (including CERTs, CSIRTs, SOCs, and abuse departments) streamline the collection and processing of …
NetBird: Open-source network security
NetBird is an open-source solution that integrates a configuration-free peer-to-peer private network with centralized access control, providing a single platform to build …
Hetty: Open-source HTTP toolkit for security research
Hetty is an open-source HTTP toolkit designed for security research, offering a free alternative to commercial tools like Burp Suite Pro. Built with the needs of penetration …
Fix Inventory: Open-source cloud asset inventory tool
Fix Inventory is an open-source tool for detecting compliance and security risks in cloud infrastructure accounts. It was built from the ground up for cloud-native …
Commix: Open-source OS command injection exploitation tool
Commix is an open-source penetration testing tool designed to automate the detection and exploitation of command injection vulnerabilities, streamlining security assessments …
Hottest cybersecurity open-source tools of the month: February 2025
This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Kunai: Open-source …
Hundreds of GitHub repos served up malware for years
Kaspersky researchers have unearthed an extensive and long-running malware delivery campaign that exploited users’ propensity for downloading code from GitHub and using …
Dalfox: Open-source XSS scanner
DalFox is an open-source tool for automating the detection of XSS vulnerabilities. With powerful testing capabilities and a wide range of features, it makes scanning, …
Misconfig Mapper: Open-source tool to uncover security misconfigurations
Misconfig Mapper is an open-source CLI tool built in Golang that discovers and enumerates instances of services used within your organization. It performs large-scale …
PRevent: Open-source tool to detect malicious code in pull requests
Apiiro security researchers have released open source tools that can help organizations detect malicious code as part of their software development lifecycle: PRevent (a …
Kunai: Open-source threat hunting tool for Linux
Kunai is an open-source tool that provides deep and precise event monitoring for Linux environments. “What sets Kunai apart is its ability to go beyond simple event …
Featured news
Resources
Don't miss
- Cozy Bear targets EU diplomats with wine-tasting invites (again)
- Funding uncertainty may spell the end of MITRE’s CVE program
- When companies merge, so do their cyber threats
- Strategic AI readiness for cybersecurity: From hype to reality
- Attack Flow: Learn how cyber adversaries combine and sequence offensive techniques