Kaitai Struct WebIDE, (Sun, Oct 26th)
When I have a binary file to analyze, I often use tools like 010 Editor or format-bytes.py (a tool I develop). Sometimes I also use Kaitai Struct .
Articles tagged with: #security-tools
Clear filter
New no nonsense platform for practice security learning
submitted by /u/int_over_flow [link] [comments]
New no nonsense platform for practice security learning
Recently discovered, this platform called vantagepoint. Its pretty clean and no nonsense, there are events you can register to and there is free event to regarding web application security with a wonderful lab. There are 3 certifications at present, 1 each for Mobile Appsec , Web AppSec and the Multi Cloud security expert which is what I am planning to get. What do you guys think? submitted by /u/int_over_flow [link] [comments]
CIS CSC Experiences
I'm working on a tool to help with some of the challenges I've seen around managing CIS CSC. Including: Expanding and narrowing scope easily as business needs change Getting all the info you need from the business owners to understand what's what Getting granular, all the way down to the asset, to capture the efficacy of controls Full risk analysis of where to focus There's more, but those are some of the highlights. If anyone's working with CIS CSC currently and willing to share some of their...
Anyone else feel like 'data security posture management' is just DLP 3.0 with better marketing?
Been sitting through a few DSPM pitches lately and can't shake the feeling it's just DLP 3.0, with the same principles, nicer UX. I want to believe it's more than that, but so far it feels evolutionary, not revolutionary. Curious if anyone's actually seen a DSPM tool deliver something DLP never could? submitted by /u/Free-Hamster462 [link] [comments]
Should an IVD medical device manufacturing startup implement a cybersecurity framework for its company IT?
submitted by /u/OkLet9942 [link] [comments]
Vault Viper Exploits Online Gambling Websites Using Custom Browser to Install Malicious Program
Southeast Asia's online gambling ecosystem has become a breeding ground for sophisticated cyber threats, with criminal networks leveraging seemingly legitimate platforms to distribute malicious software to millions of unsuspecting users. A recently uncovered operation demonstrates how threat actors exploit the region's thriving illegal gambling market by deploying a weaponized browser disguised as a privacy tool.
🚀 Building a Pre-Audit Tool for ISO 27001 Readiness
submitted by /u/ProofandTrust [link] [comments]
What's a reliable tool to see the hash value of a file?
Something that works on both Windows and MacOS, with a GUI (something simple) submitted by /u/AtticThrowaway [link] [comments]
YouTube Ghost Malware Network With 3,000+ Malicious Videos Attacking Users to Deploy Malware
A sophisticated malware distribution campaign leveraging over 3,000 malicious YouTube videos has been uncovered, targeting users seeking pirated software and game cheats. The YouTube Ghost Network represents a coordinated ecosystem of compromised accounts that exploit platform features to distribute information-stealing malware while creating false trust through fabricated engagement. Active since 2021, the network has dramatically
Agenda Ransomware Actors Deploying Linux RAT on Windows Systems Targeting VMware Deployments
Cybersecurity researchers have uncovered a sophisticated ransomware campaign where Agenda group threat actors are deploying Linux-based ransomware binaries directly on Windows systems, targeting VMware virtualization infrastructure and backup environments. This cross-platform execution technique challenges traditional security assumptions and demonstrates how ransomware operators are adapting to bypass endpoint detection systems that primarily focus on Windows-native threats.
Cisco Opensourced MCP Scanner to find security threats in MCP Servers
https://github.com/cisco-ai-defense/mcp-scanner/tree/main submitted by /u/Altruistic-Tea-5612 [link] [comments]
Any help?
I am looking for a CSPM tool which can be used on an ad-hoc basis to assess client cloud native or hybrid environments. I am not looking for a reseller model. Ideally, the vendor would be UK or EU based (for data protection reasons). I have found other tools on the market, but they are either on a consultancy basis and based in the US, or reseller model and based UK/Europe. Any ideas? submitted by /u/CantaloupeVarious950 [link] [comments]
Is there like a single app that can handle the full cyber defense load?
Curious if there's actually a legit option for cybersecurity that can do like VPN, antivirus, antiphishing, scams etc all in one tool? I know Nortons out there but not sure if theyre what I'm asking for submitted by /u/Outside_Economy9924 [link] [comments]
a16z-Backed Startup Sells Thousands of 'Synthetic Influencers' to Manipulate Social Media as a Service
Andreessen Horowitz is funding a company that clearly violates the inauthentic behavior policies of every major social media platform.
How Ken Thompson hid a self-reproducing backdoor in the C compiler (1984)
I recently wrote a deep dive exploring the famous talk " Reflections on Trusting Trust" by Ken Thompson - the one where he describes how a compiler can be tricked to insert a Trojan horse that reproduces itself even when the source is "clean". In the post I cover: • A walkthrough of the core mechanism (quines, compiler "training", reproduction). • Annotated excerpts from the original nih example (via Russ Cox) and what each part does. • Implications today: build-tool trust, reproducible...
New Red Teaming Tool RedTiger Attacking Gamers and Discord Accounts in the Wild
RedTiger is an open-source red-teaming tool repurposed by attackers to steal sensitive data from Discord users and gamers. Released in 2025 on GitHub, RedTiger bundles penetration-testing utilities, including network scanners and OSINT tools. But its infostealer module has gone rogue, with malicious payloads circulating online since early 2025. Netskope Threat Labs reported multiple variants targeting
DoiT Acquires CloudWize to Boost AI Cloud Security
The acquisition is part of DoiT's $250 million investment into AI-driven CloudOps and FinOps DoiT, provider of enterprise-grade FinOps and CloudOps solutions, today announced the acquisition of CloudWize, a multi-cloud security posture and compliance platform. This tech acquisition extends DoiT Cloud Intelligence(TM) beyond cloud financial management to include intelligent security posture,...
3,000 YouTube Videos Exposed as Malware Traps in Massive Ghost Network Operation
A malicious network of YouTube accounts has been observed publishing and promoting videos that lead to malware downloads, essentially abusing the popularity and trust associated with the video hosting platform for propagating malicious payloads. Active since 2021, the network has published more than 3,000 malicious videos to date, with the volume of such videos tripling since the start of the
Kentik Expands Executive Team to Support Demand for Network Intelligence
Kentik, the Network Intelligence platform, today announced the hiring of seven new executives across engineering, product, sales, finance, and partnerships, as demand for AI solutions to design, manage, and optimize networks has spiked significantly. The decades of combined experience spans leading enterprises including Dell Technologies, Palo Alto Networks, Red Hat,...