security
A Burp Extension for GraphQL Security Testing. A security testing tool to facilitate GraphQL technology security auditing efforts.
Since 1999, the Vigil@nce team has tracked public vulnerabilities affecting your IT estate, and offers security fixes, a database and tools to remediate them. Each member of the SOC chooses the list of software to monitor. As soon as Vigil@nce publishes an alert for one of those products, that person receives a vigilance bulletin containing a simple explanation of the flaw, its fixes and its countermeasures.
OSINT Community Open Source Intelligence. OSINT-FR is a global community, gathering experts and learners, willing to develop their knowledge on open source intelligence techniques.
The community platform dedicated to OSINT. A platform dedicated to the practice of OSINT.
Open Source Threat Intelligence Platform & Open Standards For Threat Information Sharing.
The MISP threat sharing platform is a free and open source software helping information sharing of threat and cybersecurity indicators.
Open Cyber Threat Intelligence Platform.
OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. It has been created in order to structure, store, organize and visualize technical and non-technical information about cyber threats.
Software for Adversary Simulations and Red Team Operations. Adversary Simulations and Red Team Operations are security assessments that replicate the tactics and techniques of an advanced adversary in a network. While penetration tests focus on unpatched vulnerabilities and misconfigurations, these assessments benefit security operations and incident response.
Detect security threats in real time
Falco is a cloud-native security tool designed for Linux systems. It employs custom rules on kernel events, which are enriched with container and Kubernetes metadata, to provide real-time alerts. Falco helps you gain visibility into abnormal behavior, potential security threats, and compliance violations, contributing to comprehensive runtime security.
Related contents:
- k8s-custom-detections @ GitHub.
- Réagir à temps aux menaces dans Kubernetes avec Falco (Rachid Zarouali, Thomas Labarussias) @ Voxxed Days Luxembourg's YouTube :fr:.
- Extending Falco for Bitcoin @ sysdig.
- Falcoctl: Artifact Management for Falco @ Cloud Native Computing Foundation.
- How Falco and Stratoshark close the gap between open source runtime detection and deep forensic analysis @ sysdig.
- Blueprinting Security in CI/CD: Building Trust Through Open Source @ CD Foundation.
Enterprise-grade open source web application firewall library. Coraza is an open source, high performance, Web Application Firewall ready to protect your beloved applications.
Advanced vm/sandbox for Node.js. vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Securely!
Confidential Containers is an open source community working to enable cloud native confidential computing by leveraging Trusted Execution Environments to protect containers and data.
Enable cross-origin resource sharing. Cross-Origin Resource Sharing (CORS) is a specification that enables truly open access across domain boundaries. If you serve public content, please consider using CORS to open it up for universal JavaScript/browser access.
The Burp extension helps you to find authorization bugs. Just navigate through the web application with a high privileged user and let the Auth Analyzer repeat your requests for any defined non-privileged user. With the possibility to define Parameters the Auth Analyzer is able to extract and replace parameter values automatically. With this for instance, CSRF tokens or even whole session characteristics can be auto extracted from responses and replaced in further requests. Each response will be analyzed and tagged on its bypass status.
FREE Desktop app to clean image metadata. Privacy and Performance. Attackers use GPS and device metadata to profile their victims. It also increases image file size. Sweep it away, with ExifCleaner.
EDRSandBlast is a tool written in C that weaponizes a vulnerable signed driver to bypass EDR detections (Notify Routine callbacks, Object Callbacks and ETW TI provider) and LSASS protections. Multiple userland unhooking techniques are also implemented to evade userland monitoring.
As of release, a combination of userland (--usermode) and kernel-land (--kernelmode) techniques was used to dump LSASS memory under EDR scrutiny, without being blocked or generating "OS Credential Dumping"-related events in the product (cloud) console. The tests were performed on 3 distinct EDR products and were successful in each case.
holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function. Efficiently finding registered accounts from emails. Holehe checks if an email is attached to an account on sites like twitter, instagram, imgur and more than 120 others.
Developer security | Develop fast. Stay secure. Developer loved, Security trusted. Find and automatically fix vulnerabilities in your code, open source dependencies, containers, and infrastructure as code — all powered by Snyk’s industry-leading security intelligence.
Search Engine for the Internet of Everything. Shodan is the world's first search engine for Internet-connected devices. Discover how Internet intelligence can help you make better decisions.
Daily feed of bad IPs (with blacklist hit scores). IPsum is a threat intelligence feed based on 30+ different publicly available lists of suspicious and/or malicious IP addresses. All lists are automatically retrieved and parsed on a daily (24h) basis and the final result is pushed to this repository. The list is made of IP addresses together with the total number of (black)list occurrences for each. The greater the number, the lesser the chance of false positive detection and/or dropping in (inbound) monitored traffic. The list is also sorted from the most (problematic) to the least frequently occurring IP addresses.
Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing low-level programmatic access to the packets and for some protocols (e.g. SMB1-3 and MSRPC) the protocol implementation itself. Packets can be constructed from scratch, as well as parsed from raw data, and the object-oriented API makes it simple to work with deep hierarchies of protocols. The library provides a set of tools as examples of what can be done within the context of this library.
INSECA is a set of tools to build and manage very secure live Linux based endpoint systems.
It builds on top of Debian's livebuild technology and adds many security oriented features to ensure a high level of security while keeping the overall usage as simple as any system.
ShredOS is a small, USB-bootable (BIOS or UEFI) Linux distribution with the sole purpose of securely erasing the entire contents of your disks using the program nwipe. If you are familiar with dwipe from DBAN then you will feel right at home with ShredOS and nwipe. What are the advantages of nwipe over dwipe/DBAN? As everybody probably knows, DBAN development stopped in 2015, which means it has not received any further bug fixes or support for new hardware since that date. Nwipe was originally a fork of dwipe but has continued to receive improvements and bug fixes and is now available in many Linux distros. ShredOS hopefully will always provide the latest nwipe on an up-to-date Linux kernel so it will support modern hardware.
Opt Out from Data Brokers. Get your personal data off the market.
Thousands of companies are collecting, aggregating and trading your personal data without you knowing anything about it. We make them remove it.
Buttercup is a beautifully-simple password manager designed to help manage your credentials. Buttercup uses very strong encryption to protect your sensitive details under a single master password - Feel free to use stronger and more complex passwords for each service and let Buttercup store them securely.
An OSINT tool to search for accounts by username in social networks. An OSINT tool to search fast for accounts by username across 574 sites.
Open Source Identity and Access Management. Add authentication to applications and secure services with minimum effort. No need to deal with storing users or authenticating users. Keycloak provides user federation, strong authentication, user management, fine-grained authorization, and more.
Making authentication simple.
authentik is an open-source Identity Provider focused on flexibility and versatility. It can be seamlessly integrated into existing environments to support new protocols. authentik is also a great solution for implementing sign-up, recovery, and other similar features in your application, saving you the hassle of dealing with them.
Sources:
- GoAuthentik de A à Y @ Une tasse de café :fr:.
- La veille des Ours n°31 @ Bearstech's LinkedIn :fr:.
- Ultimate Authentik Docker Compose Guide with Traefik 2025 @ SmartHomeBeginner.
- Improving Security with Hardware Keys - Authentik & Pocket-ID @ Jim's Garage's YouTube.
- Secure Jellyfin with Authentik (SSO + LDAP + 2FA/MFA Tutorial) @ IBRACORP's YouTube.
- Manage Authentik Resources in Terraform @ Christian Lempa's YouTube.
Check if an in-app browser is injecting JavaScript code. Some iOS and Android apps make use of a custom in-app browser (full details). This causes potential security and privacy risks to the user.
The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Related contents:
- Sécuriser son homelab (et les PC des ados) avec Wazuh : une plateforme open source qui a tout d’une grande @ Cyril Beaufrere's LinkedIn :fr:.
- Wazuh - The FREE SIEM You Need to Try! - Installation Guide [Part 1] @ Jim's Garage's YouTube.
- You Probably Have 1000s of Vulnerabilities... Wazuh Walkthrough @ Jim's Garage's YouTube.
World's Most Widely Used Host Intrusion Detection System - HIDS. OSSEC offers comprehensive host-based intrusion detection across multiple platforms including Linux, Solaris, AIX, HP-UX, BSD, Windows, Mac and VMware ESX.
The Samhain host-based intrusion detection system (HIDS) provides file integrity checking and log file monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes.
A simple wildlife camera for Raspberry Pis. Sentry-Picam is a simple wildlife / security camera solution for the Raspberry Pi Zero W, providing 1080p/30fps motion activated H.264 video capture. The built in web interface makes it easy to review video clips and identify the busiest times of day.
Suricata is a high performance, open source network analysis and threat detection software used by most private and public organizations, and embedded by major vendors to protect their assets.
Deep Packet Inspection circumvention utility (for Windows).
This software is designed to bypass Deep Packet Inspection systems found in many Internet Service Providers which block access to certain websites.
It handles DPI connected using an optical splitter or port mirroring (Passive DPI), which does not block any data but just replies faster than the requested destination, and Active DPI connected in sequence.
Manage Secrets & Protect Sensitive Data
Secure, store and tightly control access to tokens, passwords, certificates, encryption keys for protecting secrets and other sensitive data using a UI, CLI, or HTTP API.
WebGoat is a deliberately insecure application that allows interested developers just like you to test vulnerabilities commonly found in Java-based applications that use common and popular open source components.
Welcome to RasPwn OS, The intentionally vulnerable image for the Raspberry Pi.
Raspwn OS is a GNU/Linux distro in the spirit of Damn Vulnerable Linux and uses a Raspberry Pi 2B or 3 to emulate a vulnerable Linux Server. RasPwn was designed as a training tool and exists only to be attacked and pwned. Everything from the OS itself to the daemons and services to the web applications installed are all vulnerable to some degree. The idea is to provide a 'safe' (relatively) and affordable training environment and playground for hackers and pen-testers. By loading Raspwn OS and connecting to the Raspberry Pi via WiFi, one can practice pen-testing as well as both offensive and defensive hacking techniques without ever even getting on the internet for only around $50.
AutoPWN Suite is a project for scanning vulnerabilities and exploiting systems automatically.
This plugin is a small implementation of a fail2ban instance as a middleware plugin for Traefik.
Can You Block It was built to help you test if your ad-blocker is working as intended. The various tests help you identify which formats of advertisements are blocked or unblocked so that you can understand your ad-blocker's effectiveness. Use the various tests to test ad-blockers such as AdBlock, AdBlock Plus, AdBlocker Ultimate, AdGuard, Ghostery, uBlock Origin, Pi-Hole, NoScript and more with various ad formats such as Web Banners, Native Ads, Pop-Unders, In-Page Push Ads, etc. from popular Ad Networks.
An ACME-based certificate authority, written in Go. This is an implementation of an ACME-based CA. The ACME protocol allows the CA to automatically verify that an applicant for a certificate actually controls an identifier, and allows domain holders to issue and revoke certificates for their domains. Boulder is the software that runs Let's Encrypt.
The world's most widely used web app scanner. Free and open source. Actively maintained by a dedicated international team of volunteers.
Authentication server providing two-factor and SSO. Protect your applications with Single Sign-On and 2 Factor. Authelia is an open-source full-featured authentication server available on GitHub.
Discover everything that is happening on your computer. Expose every connection your applications make and detect evil ones. Finally get the power to act accordingly.
A reasonably secure operating system.
Qubes OS is a free and open-source, security-oriented operating system for single-user desktop computing. Qubes OS leverages Xen-based virtualization to allow for the creation and management of isolated compartments called qubes.
From the cloud to your endpoints to your IoT, TEHTRIS technologies neutralize ransomware and 0-days attacks in real time. Our solutions are modular and can be deployed individually or in a suite within the TEHTRIS XDR Platform.
Checkov scans cloud infrastructure configurations to find misconfigurations before they're deployed.
Checkov uses a common command line interface to manage and analyze infrastructure as code (IaC) scan results across platforms such as Terraform, CloudFormation, Kubernetes, Helm, ARM Templates and Serverless framework.
Canary tokens are a free, quick, painless way to help defenders discover they've been breached (by having attackers announce themselves). How tokens work (in 3 short steps):
- Visit the site and get a free token (which could look like a URL or a hostname, depending on your selection).
- If an attacker ever uses the token somehow, we will give you an out of band (email or sms) notification that it's been visited.
- As an added bonus, we give you a bunch of hints and tools that increase the likelihood of an attacker tripping on a canary token.
DaProfiler allows you to get emails, social media, addresses, works and more on your target using web scraping and Google dorking techniques, based in France only. The particularity of this program is its ability to find your target's e-mail addresses.
FreeOTP is a two-factor authentication application for systems utilizing one-time password protocols. Tokens can be added easily by scanning a QR code. If you need to generate a QR code, try our QR code generator.
OpenSnitch is a GNU/Linux port of the Little Snitch application firewall.
Disables OneDrive, Cortana, Bing, the infamous Wifi Sense, and of course everything that sends data to Microsoft, P2P update sharing, Xbox Live services, ads in the Start menu and the annoying update pop-ups; it also plugs a few holes that allow data to leak via Edge and Defender, and even removes the unique identifiers that distinguish your Windows installation from another.
Open source password manager for teams. The password manager your team was waiting for. Free, open source, extensible, based on OpenPGP.
FastNetMon is a very high performance DDoS detector built on top of multiple packet capture engines: NetFlow, IPFIX, sFLOW.
An Efficient Communication System With Strong Anonymity
Keybase maps your identity to your public keys, and vice versa. Keybase is secure messaging and file-sharing.