Here is a curated selection of open source cybersecurity solutions that have made people realize their potential to improve security levels in a variety of different situations.
BlacksmithAI: Open-source AI-powered penetration testing framework
BlacksmithAI is an open source penetration testing framework that uses multiple AI agents to perform various phases of the security testing lifecycle. BlacksmithAI works as a high-level system where orchestration coordinates the execution of tasks to specialized agents.
mquire: An open source Linux memory forensics tool
Linux memory forensics has long relied on debug flags tied to specific kernel versions. These symbols are not installed in production systems by default, and getting them from external storage causes a recurring problem: repositories get corrupted, kernels build up fragmentation, and active event response analysts often do not find published symbols for the kernel they need to analyze. Trail of Bits was published by mquire to solve this problem. The open source tool analyzes Linux memory snapshots without requiring external debug information.
Cloud-Audit: A fast, open source AWS security tool
Performing AWS security audits without a dedicated security team often means choosing between enterprise platforms that have a per-scan fee and open source scanners that generate results without remediation guidance. Cloud-audit, a Python CLI tool published on GitHub by Mariusz Gebala, takes a small amount of space and adds an audit trail to everything it finds.
VulHunt: An open source vulnerability detection framework
Binarly has announced VulHunt Community Edition, making the core search engine from Binarly’s Transparency Platform available to independent researchers and practitioners. VulHunt Community Edition is a framework for detecting vulnerabilities in compiled software. It works against multiple binary representations simultaneously, works across disassembly, intermediate representation, and broken code.
Betterleaks: Open source secrets scanner
Leak testing has become the norm in all engineering organizations, and Gitleaks has become one of the most widely used tools in the field. The author of that project, Zach Rice, has now released a new tool called Betterleaks, designed to scan git repositories, directories, and common access for leaked credentials, API keys, tokens, and passwords.
Plumber: An open-source scanner of GitLab CI/CD pipelines for compliance gaps
GitLab CI/CD pipelines often accumulate configuration decisions that move to security centers over time. Container images are added to variable tags, branches lose security settings, and required templates are missing. An open-source tool called Plumber automatically detects those conditions by directly checking plumbing and storage configurations.
ShipSec Studio brings open source orchestration to the security process
Security teams have long relied on a combination of shells, cron jobs, and loosely coupled tools for operational and vulnerability management. ShipSec Studio, an open source security monitoring platform from ShipSec AI, aims to replace that configuration with a unique orchestration built specifically for security operations.
Must read:
Subscribe to Help Net Security’s ad-free monthly newsletter to stay up-to-date on important open source cybersecurity tools. Register here!
#open #source #cybersecurity #tools #month #March #Net #Security