Topic: cybersecurity tools
-
Top Cybersecurity Open-Source Tools for January 2026
Open-source tools like OpenAEV and StackRox provide robust security solutions, enabling comprehensive adversary simulations and specialized Kubernetes security for diverse environments. Specialized auditing tools such as AuraInspector for Salesforce and code scanners like Bandit for Python help i...
Read More » -
Top Cybersecurity Open-Source Tools: November 2025
Open-source cybersecurity tools are increasingly popular for providing robust, budget-friendly defense capabilities, including vulnerability scanning and threat hunting. Specific tools like Heisenberg, VulnRisk, and sqlmap offer targeted solutions for software supply chain health checks, context-...
Read More » -
Top Open-Source Cybersecurity Tools for August 2025
Open-source cybersecurity tools are rapidly advancing, offering cost-effective solutions for vulnerability management, identity security, and penetration testing. Notable tools include Buttercup for AI-driven vulnerability patching, EntraGoat for safe identity management training, and LudusHound ...
Read More » -
Strix: Open-Source AI Agents for Penetration Testing
Strix is an open-source platform that uses autonomous agents to identify security flaws by mimicking human attackers and validating vulnerabilities with proof-of-concept demonstrations. The system employs multiple specialized agents that collaborate dynamically, covering various testing dimension...
Read More » -
Top Infosec Products Launched This Week: September 12, 2025
Several leading vendors launched innovative security tools this week, addressing key areas such as vendor risk management, data encryption, threat detection, and AI governance. Cynomi's TPRM platform significantly reduces vendor assessment times by up to 79%, boosting operational efficiency and p...
Read More » -
Garak: Open-Source AI Security Scanner for LLMs
Garak is an open-source security scanner designed to identify vulnerabilities in large language models, such as unexpected outputs, sensitive data leaks, or responses to malicious prompts. It tests for weaknesses including prompt injection attacks, model jailbreaks, factual inaccuracies, and toxi...
Read More » -
Kerberoasting in 2025: Protect Your Service Accounts Now
Kerberoasting is a persistent attack exploiting Kerberos authentication to escalate privileges and compromise service accounts in Active Directory environments. Attackers use compromised standard user accounts to request encrypted service tickets, which they crack offline to gain control of high-...
Read More » -
Conjur: Open-Source Secrets Management for Secure Apps
Conjur is an open-source secrets management solution that provides a centralized, policy-driven system to securely control access to credentials like passwords and API keys, eliminating the risks of hardcoding them in code or config files. It operates on a core philosophy of identity and policy, ...
Read More » -
Secure File Upload Scanning for Node.js: Open-Source Pompelmi
Pompelmi is an open-source Node.js toolkit that embeds real-time file scanning directly into applications, allowing developers to evaluate and block dangerous uploads before they reach storage or business logic. It scans files in memory without external network calls, ensuring data privacy and lo...
Read More » -
CISA Steps In as Federal MS-ISAC Funding Ends
The longstanding cooperative agreement between CISA and the Center for Internet Security has ended, shifting cybersecurity support for state, local, tribal, and territorial governments to be provided directly by CISA through grants, tools, and expert assistance. Federal funding for the MS-ISAC's ...
Read More » -
Uncover Hidden Secrets: Nosey Parker Finds Sensitive Data in Git & Text
Nosey Parker is an open-source command-line tool that finds sensitive information like passwords and API keys hidden in text files, serving as a specialized alternative to grep. Developed for offensive security, it is also used defensively to audit environments for accidental data leaks and has b...
Read More » -
Detect Malicious Traffic with Maltrail: Open-Source Security Tool
Maltrail is an open-source cybersecurity tool that detects malicious network traffic by comparing data against public blacklists of known threats like domains, IPs, and URLs. Its architecture uses sensors to monitor network traffic and send alerts to a central server, which logs events and suppor...
Read More » -
Secure Your Android with Aegis: Free Open-Source 2FA App
Aegis Authenticator is a free, open-source two-factor authentication app for Android, offering robust security and user-friendly features to protect online accounts. It provides military-grade encryption, supports HOTP and TOTP protocols, and works with most services requiring 2FA, ensuring relia...
Read More » -
Bastion: Open-Source Access Control for Complex Infrastructure
The Bastion is an open-source project that centralizes and secures SSH access to infrastructure by acting as a hardened entry point, simplifying credential management and enabling controlled, auditable workflows. It enhances security with strong authentication methods like TOTP and Yubico PIV key...
Read More » -
Metis: AI-Powered Open-Source Security Code Analyzer
Metis is an AI-driven, open-source security analysis tool that identifies subtle vulnerabilities in large or legacy codebases, surpassing traditional scanners. It uses large language models and retrieval augmented generation to understand code context and relationships, providing precise recommen...
Read More » -
ProxyBridge: Open-Source App Routing for Windows
ProxyBridge is a free, open-source utility for Windows that routes specific application traffic through SOCKS5 or HTTP proxies, offering granular control over TCP and UDP connections without altering individual program settings. It operates at the kernel level using WinDivert, enabling it to mana...
Read More » -
Scan Your MCP Security with Proximity's Open-Source Tool
Proximity is an open-source tool that scans Model Context Protocol (MCP) servers to catalog exposed prompts, tools, and resources, helping identify security vulnerabilities before deployment. It integrates with NOVA to detect threats like prompt injection and data exfiltration, allowing security ...
Read More » -
Wireshark 4.6.0: Major Packet Analysis & Decryption Upgrades
Wireshark 4.6.0 enhances packet analysis and decryption, including support for NTP with Network Time Security and expanded MACsec decryption, improving troubleshooting capabilities for network traffic. Platform-specific updates include macOS gaining detailed process information dissection and a u...
Read More » -
EFF's Rayhunter: Open-Source Tool to Detect Cellular Spying
The Electronic Frontier Foundation (EFF) has released Rayhunter, an open-source tool that detects cell site simulators used for unauthorized mobile surveillance. Rayhunter runs on affordable hardware, analyzes metadata without capturing personal data, and alerts users via a visual interface when ...
Read More » -
Portmaster: Free Open-Source Firewall for Your Apps
Portmaster is a free, open-source application firewall for Windows and Linux that provides granular control over network traffic to enhance user privacy through intelligent automation. It inspects all network packets at a low level, identifies connections by application, and allows users to set d...
Read More » -
Tech We Lost in 2025: A Final Farewell
The tech industry saw several notable retirements in 2025, including the end of the TiVo hardware era, the final shutdown of the pioneering Skype service, and the closure of the popular read-it-later app Pocket. Microsoft fully retired its password manager in favor of passkeys for enhanced securi...
Read More » -
Master Network Security with pfSense: Open-Source Firewall & Router
pfSense CE is a free, open-source firewall and routing platform that provides a cost-effective, flexible alternative to commercial solutions for network security. It functions as a stateful firewall and router with an intuitive web interface, supporting IPv4/IPv6, VLANs, multi-WAN, and integrated...
Read More » -
Anubis: Open-Source AI Firewall to Block Scraper Bots
Anubis is an open-source tool that protects websites from automated scraping by requiring clients to solve a small, browser-based proof-of-work challenge before accessing content, which adds negligible friction for human users. Administrators can fine-tune the challenge difficulty and define rule...
Read More » -
Unleash DeepTeam: Open-Source LLM Red Teaming
DeepTeam is an open-source framework that rigorously tests large language models for hidden flaws before deployment, using advanced methods like jailbreaking and prompt injection to identify issues such as bias or data leaks. It supports a wide range of model configurations, including chatbots an...
Read More » -
Superagent: Open-Source Guardrails for AI Agents
Superagent is an open-source framework for building and managing AI agents with integrated safety controls, allowing developers to govern agent actions, data access, and behavior to ensure security and oversight. It provides configurable guardrails and a dedicated Safety Agent for real-time polic...
Read More » -
Nagios: The Ultimate Open-Source Monitoring Solution
Nagios is a premier open-source monitoring solution that provides complete visibility across an organization's entire technological landscape, enabling proactive problem identification and infrastructure reliability. It offers extensive monitoring of network protocols and host-level resources, su...
Read More » -
AIDEFEND: Free AI Security Framework for Robust Defense
AIDEFEND is an open-source framework that provides practical defensive strategies and best practices to protect AI and ML systems from threats, enabling real-world implementation. It aligns its defensive techniques with established threat catalogs like MITRE ATLAS and OWASP Top 10 for LLMs, ensur...
Read More » -
Open-Source Pentesting Platform for Red Teams | Cervantes
Cervantes is an open-source collaborative platform for red teams and security professionals, centralizing project management, vulnerability tracking, and reporting to improve efficiency in security assessments. The platform offers native collaboration features, a customizable knowledge base, and ...
Read More »