Vulnerablecode – A Free And Open Vulnerabilities Database And The Packages They Impact And The Tools To Aggregate And Correlate These Vulnerabilities

VulnerableCode is a free and open database of FOSS software package vulnerabilities and the tools to create and keep the data current. It is made by the FOSS community to improve and secure the open source software ecosystem. Why? The existing solutions are commercial proprietary vulnerability databases, which in itself does not make sense becauseRead More

OWASP ASST (Automated Software Security Toolkit) – A Novel Open Source Web Security Scanner

OWASP ASST (Automated Software Security Toolkit) | A Novel Open Source Web Security Scanner. Note: AWSS is the older name of ASST Introduction Web applications have become an integral part of everyday life, but many of these applications are deployed with critical vulnerabilities that can be fatally exploited. As the technology used to develop theseRead More

OpenWifiPass – An Open Source Implementation Of Apple’s Wi-Fi Password Sharing Protocol In Python

An open source implementation of the grantor role in Apple’s Wi-Fi Password Sharing protocol. Disclaimer OpenWifiPass is experimental software and is the result of reverse engineering efforts by the Open Wireless Link project. The code serves solely documentary and educational purposes. It is untested and incomplete. For example, the code does not verify the identityRead More

RAT-el – An Open Source Penetration Test Tool That Allows You To Take Control Of A Windows Machine

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software. Please do not upload to virustotalRead More

Horusec – An Open Source Tool That Improves Identification Of Vulnerabilities In Your Project With Just One Command

Horusec is an open source tool that performs static code analysis to identify security flaws during the development process. Currently, the languages for analysis are: C#, Java, Kotlin, Python, Ruby, Golang, Terraform, Javascript, Typescript, Kubernetes, PHP, C, HTML, JSON, Dart. The tool has options to search for key leaks and security flaws in all filesRead More

OSV – Open Source Vulnerability DB And Triage Service

OSV is a vulnerability database and triage infrastructure for open source projects aimed at helping both open source maintainers and consumers of open source. For open source maintainers, OSV’s automation helps reduce the burden of triage. Each vulnerability undergoes automated bisection and impact analysis to determine precise affected commit and version ranges. For open sourceRead More

OpenCSPM – Open Cloud Security Posture Management Engine

Open Cloud Security Posture Management, OpenCSPM, is an open-source platform for gaining deeper insight into your cloud configuration and metadata to help understand and reduce risk over time. Who is OpenCSPM for? Security teams running infrastructure in cloud environments looking to gain visibility into security risk across the entire account and track the resolution ofRead More

Watcher – Open Source Cybersecurity Threat Hunting Platform

Watcher is a Django & React JS automated platform for discovering new potentially cybersecurity threats targeting your organisation. It should be used on webservers and available on Docker. Watcher capabilities Detect emerging vulnerability, malware using social network & other RSS sources (www.cert.ssi.gouv.fr, www.cert.europa.eu, www.us-cert.gov, www.cyber.gov.au…). Detect Keywords in pastebin & in other IT content exchangeRead More

Doctrack – Tool To Manipulate And Insert Tracking Pixels Into Office Open XML Documents (Word, Excel)

Tool to manipulate and insert tracking pixels into Office Open XML documents. Features Insert tracking pixels into Office Open XML documents (Word and Excel) Inject template URL for remote template injection attack Inspect external target URLs and metadata Create Office Open XML documents (#TODO) Installation You will need to download .Net Core SDK for yourRead More

X