reconFTW: Open-source reconnaissance automation
reconFTW is an open-source tool that simplifies and automates the reconnaissance process, delivering subdomain enumeration, vulnerability assessment, and gathering …
Evilginx: Open-source man-in-the-middle attack framework
Evilginx is an open-source man-in-the-middle attack framework designed to phish login credentials and session cookies, enabling attackers to bypass 2FA safeguards. “Back …
Vanir: Open-source security patch validation for Android
Google’s open-source tool Vanir enables Android developers to quickly scan custom platform code for missing or applicable security patches. By automating patch …
MUT-1244 targeting security researchers, red teamers, and threat actors
A threat actor tracked as MUT-1244 by DataDog researchers has been targeting academics, pentesters, red teamers, security researchers, as well as other threat actors, in order …
Trapster Community: Open-source, low-interaction honeypot
Trapster Community is an open-source, lightweight, low-interaction honeypot designed for deployment within internal networks. It enhances network security by creating a …
FuzzyAI: Open-source tool for automated LLM fuzzing
FuzzyAI is an open-source framework that helps organizations identify and address AI model vulnerabilities in cloud-hosted and in-house AI models, like guardrail bypassing and …
Keycloak: Open-source identity and access management
Keycloak is an open-source project for identity and access management (IAM). It provides user federation, strong authentication, user management, authorization, and more. …
Neosync: Open-source data anonymization, synthetic data orchestration
Neosync is an open-source, developer-centric solution designed to anonymize PII, generate synthetic data, and synchronize environments for improved testing and debugging. What …
SafeLine: Open-source web application firewall (WAF)
SafeLine is an open-source and self-hosted Web Application Firewall (WAF) that protects websites from cyber attacks. “SafeLine WAF was created to protect web …
The shocking speed of AWS key exploitation
It’s no secret that developers often inadvertently expose AWS access keys online and we know that these keys are being scraped and misused by attackers before …
Data scientists create tool to spot fake images
Pixelator v2 is a tool to spot fake images. It uses a new combination of image veracity techniques with capability beyond what can be seen by the human eye. It can identify …
Cybercriminals used a gaming engine to create undetectable malware loader
Threat actors are using an ingenious new way for covertly delivering malware to a wide variety of operating systems and platforms: they have created a malware loader that uses …