software
Researchers unveil novel attack methods targeting Intel’s conditional branch predictor
Researchers have found two novel types of attacks that target the conditional branch predictor found in high-end Intel processors, which could be exploited to compromise …
Prompt Fuzzer: Open-source tool for strengthening GenAI apps
Prompt Fuzzer is an open-source tool that evaluates the security of your GenAI application’s system prompt against dynamic LLM-based threats. Prompt Fuzzer features …
LSA Whisperer: Open-source tools for interacting with authentication packages
LSA Whisperer consists of open-source tools designed to interact with authentication packages through their unique messaging protocols. Support is currently provided for the …
Cloud Console Cartographer: Open-source tool helps security teams transcribe log activity
Cloud Console Cartographer is an open-source tool that maps noisy log activity into highly consolidated, succinct events to help security practitioners cut through the noise …
Protobom: Open-source software supply chain tool
Protobom is an open-source software supply chain tool that enables all organizations, including system administrators and software development communities, to read and …
Zarf: Open-source continuous software delivery on disconnected networks
Zarf is a free, open-source tool that enables continuous software delivery on disconnected networks. It currently offers fully automated support for K3s, K3d, and Kind and is …
Graylog: Open-source log management
Graylog is an open-source solution with centralized log management capabilities. It enables teams to collect, store, and analyze data to get answers to security, application, …
EJBCA: Open-source public key infrastructure (PKI), certificate authority (CA)
EJBCA is open-source PKI and CA software. It can handle almost anything, and someone once called it the kitchen sink of PKI. With its extensive history as one of the …
Mantis: Open-source framework that automates asset discovery, reconnaissance, scanning
Mantis is an open-source command-line framework that automates asset discovery, reconnaissance, and scanning. You input a top-level domain, and it identifies associated …
Cloud Active Defense: Open-source cloud protection
Cloud Active Defense is an open-source solution that integrates decoys into cloud infrastructure. It creates a dilemma for attackers: risk attacking and being detected …
Finding software flaws early in the development process provides ROI
Enterprises spend enormous effort fixing software vulnerabilities that make their way into their publicly-facing applications. The Consortium for Information and Software …
Drozer: Open-source Android security assessment framework
Drozer is an open-source security testing framework for Android, whose primary purpose is to make the life of mobile application security testers easier. Drozer features The …