software
7 open-source malware analysis tools you should try out
There are two main types of malware analysis: static and dynamic. Performing static analysis of a malicious binary means concentrating on analyizing its code without executing …
Vulnerability in Amazon Ring app allowed access to private camera recordings
A vulnerability in the Android version of the Ring app, which is used to remotely manage Amazon Ring outdoor (video doorbell) and indoor surveillance cameras, could have been …
Google releases Android 13 with improved privacy and security features
Google released Android 13, and it is already rolling out to eligible Pixel smartphones. In this Help Net Security video, you’ll learn more about the latest privacy and …
Why organizations should control Active Directory permissions
In this Help Net Security video, Matthew Vinton, Strategic Systems Consultant at Quest Software, illustrates the importance of regularly analyzing, controlling and adapting …
SquarePhish: Advanced phishing tool combines QR codes and OAuth 2.0 device code flow
In this Help Net Security video, Security Consultant Kam Talebzadeh and Senior Security Researcher Nevada Romsdahl from Secureworks, showcase SquarePhish, a tool that combines …
AWSGoat: Easy to deploy vulnerable AWS infrastructure for pentesters
Compromising an organization’s cloud infrastructure is like sitting on a gold mine for attackers. And sometimes, a simple misconfiguration or a vulnerability in web …
Kali Linux 2022.3 released: Packages for test labs, new tools, and a community Discord server
Offensive Security has released Kali Linux 2022.3, the latest version of its popular penetration testing and digital forensics platform. Packaged apps to set up test labs The …
MI-X: Open source project helps you understand whether you are exploitable
In this Help Net Security video, Ofri Ouzan, Security Researcher at Rezilion, talks about MI-X (Am I Exploitable?), an open source tool aimed at effectively determining …
SimpleRisk: Enterprise risk management simplified
In this Help Net Security video, CEO/CISO Josh Sokol, showcases SimpleRisk, a fully integrated GRC platform that can be used for all of your governance, risk management, and …
Detectree: Open-source tool simplifies data analysis for blue teams, reduces alert fatigue
Many companies struggle to understand malicious activity and its effects while a security incident is in progress. It eats up time and resources that defenders need to contain …
The past, present and future of Metasploit
Metasploit is the most used penetration testing framework. In this Help Net Security video, Spencer McIntyre, Lead Security Researcher at Rapid7, talks about how Metasploit …
Why SBOMs aren’t the silver bullet they’re portrayed as
A Software Bill of Materials, often shortened to the acronym SBOM, is a formal, machine-readable inventory of software components and dependencies, information about those …