Topic: github availability
-
VulnRisk: Open-Source Vulnerability Risk Assessment
VulnRisk is a free, open-source platform for vulnerability risk assessment that uses context-aware analysis to provide more relevant security insights than traditional CVSS scoring. It reduces alert fatigue by filtering out up to 90% of irrelevant noise through contextual factors like exploit lik...
-
Uncover Hidden Secrets: Nosey Parker Finds Sensitive Data in Git & Text
Nosey Parker is an open-source command-line tool that finds sensitive information like passwords and API keys hidden in text files, serving as a specialized alternative to grep. Developed for offensive security, it is also used defensively to audit environments for accidental data leaks and has b...
-
Metis: AI-Powered Open-Source Security Code Analyzer
Metis is an AI-driven, open-source security analysis tool that identifies subtle vulnerabilities in large or legacy codebases, surpassing traditional scanners. It uses large language models and retrieval augmented generation to understand code context and relationships, providing precise recommen...
-
Open-Source CAI: The Ultimate AI Security Framework
Cybersecurity AI (CAI) is an open-source framework that enables the creation of AI agents for both offensive and defensive security operations, such as vulnerability scanning and exploitation. Its modular, agent-based design includes built-in safeguards and supports integration with over 300 AI m...
-
OpenAEV: Free Open-Source Adversarial Exposure Validation Tool
OpenAEV is a free, open-source platform for managing comprehensive adversary simulation campaigns, integrating technical testing with operational workflows and human response elements. The framework is built around reusable scenario templates that define threat contexts and structured plans, whic...
-
BloodHound 8.0 Launches with Enhanced Attack Path Management
BloodHound 8.0 introduces **OpenGraph**, enabling visualization and analysis of attack paths across diverse platforms like GitHub, Snowflake, and Microsoft SQL Server, expanding beyond traditional Active Directory focus. Key enhancements include **Microsoft PIM Role Visibility**, **ServiceNow and...
-
Vulnhuntr: Find Remotely Exploitable Vulnerabilities Fast
Vulnhuntr combines static code analysis with large language models (LLMs) to detect complex, multi-step vulnerabilities that traditional scanners miss by tracking data flow across applications. The tool systematically breaks down code analysis to overcome LLM context limitations, tracing user inp...
-
Kanvas: Open-Source Incident Response Tool for Teams
Kanvas is an open-source case management tool for incident response, offering a centralized Python-built desktop interface to handle SOD files and streamline investigations. The tool uses Excel as its backend and features Markdown-based note-taking, external lookups, visualization capabilities, a...
-
InterceptSuite: Open-Source Network Traffic Interception Tool
InterceptSuite is an open-source tool for intercepting and analyzing network traffic, with strong support for TLS/SSL inspection and handling of both HTTP and non-HTTP protocols. It features cross-platform compatibility, efficient C-based architecture, and advanced capabilities like STARTTLS inte...
-
Secure Your Android with Aegis: Free Open-Source 2FA App
Aegis Authenticator is a free, open-source two-factor authentication app for Android, offering robust security and user-friendly features to protect online accounts. It provides military-grade encryption, supports HOTP and TOTP protocols, and works with most services requiring 2FA, ensuring relia...
-
Autoswagger: Open-Source Tool to Detect API Security Flaws
Autoswagger is an open-source tool that detects critical API security vulnerabilities, particularly broken authorization flaws, by scanning OpenAPI-documented APIs to prevent unauthorized access or data exposure. The tool discovers API schemas, parses endpoint definitions, and tests for deviation...
-
Open-Source Pentesting Platform for Red Teams | Cervantes
Cervantes is an open-source collaborative platform for red teams and security professionals, centralizing project management, vulnerability tracking, and reporting to improve efficiency in security assessments. The platform offers native collaboration features, a customizable knowledge base, and ...