Collaborate Disseminate
Sniffnet is a free, open-source network monitoring tool to help you easily track your Internet traffic. What sets it apart is its strong focus on user experience. Unlike most network analyzers, Sniffnet is built to be easily usable by everyone, regardl… Continue reading Sniffnet: Free, open-source network monitoring
Our own Dan Maloney has been on a Voyager kick for the past couple of years. Voyager, the space probe. As a long-term project, he has been trying to figure …read more Continue reading Institutional Memory, On Paper
Nmap is a free, open-source tool for network discovery and security auditing. It’s valued by systems and network administrators for network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap identifies avai… Continue reading Nmap 7.95 released: New OS and service detection signatures
WebCopilot is an open-source automation tool that enumerates a target’s subdomains and discovers bugs using various free tools. It simplifies the application security workflow and reduces reliance on manual scripting. “I built this solution… Continue reading WebCopilot: Open-source automation tool enumerates subdomains, detects bugs
Lynis is a comprehensive open-source security auditing tool for UNIX-based systems, including Linux, macOS, and BSD. Hardening with Lynis Lynis conducts a thorough security examination of the system directly. Its main objective is to evaluate security … Continue reading Lynis: Open-source security auditing tool
Quicmap is a fast, open-source QUIC service scanner that streamlines the process by eliminating multiple tool requirements. It effectively identifies QUIC services, the protocol version, and the supported ALPNs. “As I started researching the QUIC… Continue reading Quicmap: Fast, open-source QUIC protocol scanner
RiskInDroid (Risk Index for Android) is an open-source tool for quantitative risk analysis of Android applications based on machine learning techniques. How RiskInDroid works “A user should be able to quickly assess an application’s level o… Continue reading RiskInDroid: Open-source risk analysis of Android apps
TruffleHog is an open-source scanner that identifies and addresses exposed secrets throughout your entire technology stack. “TruffleHog was originally a research tool I independently authored in 2016. When I published it, no tools were scanning G… Continue reading TruffleHog: Open-source solution for scanning secrets
In this Help Net interview, Isaac Evans, CEO at Semgrep, discusses the balance between speed and thoroughness in CI/CD pipeline security scanning. Stressing the need to avoid slowing down the process, he recommends a nuanced approach, utilizing custom … Continue reading Custom rules in security tools can be a game changer for vulnerability detection
Nemesis is a centralized data processing platform that ingests, enriches, and performs analytics on offensive security assessment data (i.e., data collected during penetration tests and red team engagements). Nemesis was created by Lee Chagolla-Chris… Continue reading Nemesis: Open-source offensive data enrichment and analytic pipeline