vuls

This is an open-source vulnerability scanner for Linux and FreeBSD, written in Go. It is an agentless scanner, meaning it does not require any additional software to be installed on the target systems. The scanner is designed to be easy to use and provides a simple command-line interface. The...

Guidance: Framing Software Component Transparency: Establishing a Common Software Bill of Materials (SBOM)

Today, CISA published the Framing Software Component Transparency, created by the Software Bill of Materials SBOM Tooling & Implementation Working Group, one of the five SBOM community-driven workstreams facilitated by CISA. CISA’s community-driven working groups publish documents and reports to...

Guidance: Assembling a Group of Products for SBOM

Today, CISA published Guidance on Assembling a Group of Products created by the Software Bill of Materials SBOM Tooling & Implementation Working Group, one of the five SBOM community-driven workstreams facilitated by CISA. CISA’s community-driven working groups publish documents and reports to...

Facad1ng - The Ultimate URL Masking Tool - An Open-Source URL Masking Tool Designed To Help You Hide Phishing URLs And Make Them Look Legit Using Social Engineering Techniques

Facad1ng is an open-source URL masking tool designed to help you Hide Phishing URLs and make them look legit using social engineering techniques. Your phishing link: https://example.com/whatever Give any custom URL: gmail.com Phishing keyword: anything-u-want Output:...

CVE-2023-45807 OpenSearch Issue with tenant read-only permissions

OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana following the license change in early 2021. There is an issue with the implementation of tenant permissions in OpenSearch Dashboards where authenticated users with read-only access to a tenant can perform create, edit...

CVE-2023-45807 OpenSearch Issue with tenant read-only permissions

OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana following the license change in early 2021. There is an issue with the implementation of tenant permissions in OpenSearch Dashboards where authenticated users with read-only access to a tenant can perform create, edit...

SOC-Multitool - A Powerful And User-Friendly Browser Extension That Streamlines Investigations For Security Professionals

Introducing SOC Multi-tool, a free and open-source browser extension that makes investigations faster and more efficient. Now available on the Chrome Web Store and compatible with all Chromium-based browsers such as Microsoft Edge, Chrome, Brave, and Opera. Now available on Chrome Web Store!...

BlueHound - Tool That Helps Blue Teams Pinpoint The Security Issues That Actually Matter

BlueHound is an open-source tool that helps blue teams pinpoint the security issues that actually matter. By combining information about user permissions, network access and unpatched vulnerabilities, BlueHound reveals the paths attackers would take if they were inside your network It is a fork o...

Information disclosure

OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. OpenSearch allows users to specify a local file when defining text analyzers to process data for text analysis. An issue in the implementation of this feature allows certain specially crafted queries to return a...

CVE-2022-41918

OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana. There is an issue with the implementation of fine-grained access control rules document-level security, field-level security and field masking where they are not correctly applied to the indices that back data streams...

Curious, Innovative, Creative, Community Driven: Meet Cyb3rWard0g, Roberto Rodriquez

When I grow up I want to be? Dancer or a veterinarian Happiest memories: Tearing up the dance floor at weddings and playing soccer in the streets of Lima, Peru Previous Job roles: Mopped floors for McDonalds, packed boxes at an Avon warehouse, Manager at Olive Garden, Beer taster/server and then...

vulhub

This is an offensive tool repository for testing and demonstrating vulnerabilities in various software and systems. The repository is maintained by Vulhub, a community-driven project that aims to provide a comprehensive collection of vulnerable environments for testing and learning purposes. The...

CVE-2022-31115 Unsafe YAML deserialization in opensearch-ruby

opensearch-ruby is a community-driven, open source fork of elasticsearch-ruby. In versions prior to 2.0.1 the ruby YAML.load function was used instead of YAML.safeload. As a result opensearch-ruby 2.0.0 and prior can lead to unsafe deserialization using YAML.load if the response is of type YAML. ...

nuclei-templates

This repository is an offensive tool for nuclei templates. It is a community-driven collection of templates for the nuclei engine to find security vulnerabilities in applications. The repository contains various templates, including CVEs, and is maintained by the projectdiscovery team. The...

vulhub

This repository is an open-source project for vulnerability research and training, maintained by phith0n. It contains a collection of vulnerable environments and tools for testing and learning about various security vulnerabilities. The repository is hosted on GitHub and has a community-driven...

vulhub

This is an open-source collection of vulnerable web applications and environments, designed for security training and testing. The repository contains a variety of applications, including web servers, databases, and other services, each with its own set of vulnerabilities. The goal is to provide ...

vulhub

This is an open-source, community-driven project called Vulhub, which provides a comprehensive collection of vulnerable systems and applications for educational and testing purposes. The repository contains a wide range of vulnerable systems, including web applications, databases, and networks, a...

vulhub

This repository is an offensive tool for creating vulnerable environments based on Docker-Compose. It is a pre-built collection of vulnerable environments for testing and practicing defensive security skills. The repository contains various vulnerable environments, including CouchDB, FFmpeg, Git,...

Akamai Launch Cohort 2 of Accelerator Program for Early-Stage Innovations in Water

Akamai Technologies India Pvt. Ltd. has chosen the grantees for Cohort 2 of Accelerator Program for Early-Stage Innovations in Water. The Accelerator Program enables grantees to ideate their technology-based solutions for water conservation. This year, two grantees -- SmartTerra and Jaljeevika --...

CVE-2020-26295

OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.5, an administrator with permission to import/export data and to edit cms pages was able to inject an executable file on the server via layout xml. The latest OpenMage Versions up from 19.4.9 an...