#securitytools — Public Fediverse posts on home.social

KrebsOnSecurity RSS @[email protected] · 2026-03-11 · 01:00 UTC

Microsoft Patch Tuesday, March 2026 Edition

https://krebsonsecurity.com/2026/03/microsoft-patch-tuesday-march-2026-edition/

#MicrosoftPatchTuesdayMarch2026 #MicrosoftOffice #TheComingStorm #CVE-2026-21262 #CVE-2026-24289 #CVE-2026-24291 #CVE-2026-24294 #CVE-2026-25187 #CVE-2026-26110 #CVE-2026-26113 #CVE-2026-26127 #mozillafirefox #SecurityTools #SatnamNarang #TimetoPatch #AdamBarnett #BenMcCarthy #Immersive #Tenable #adobe #XBOW

#microsoftpatchtuesdaymarch2026 #microsoftoffice #thecomingstorm #cve #mozillafirefox #securitytools

Aditya @[email protected] · 2026-01-05 · 14:15 UTC

🔐 Introducing frida-ui

A lightweight, web-based user interface built for Frida - designed to make Android application penetration testing more intuitive and efficient.

📦 Easy to get started:
> uv tool install frida-ui
> frida-ui

Check it out on GitHub - https://github.com/adityatelange/frida-ui

Available on PyPI: https://pypi.org/project/frida-ui

#AndroidSecurity #infosec #Frida #SecurityTools #OpenSource

#androidsecurity #frida #securitytools #opensource #infosec

NiamonX @[email protected] · 2025-12-08 · 17:22 UTC

NiamonX Internet Surface (Beta) is now live — a passive, privacy-respecting OSINT & attack-surface intelligence platform built to map real-world exposure at global scale.

Instead of noisy scans or shallow datasets, the platform merges:
• internet-wide scanning (≈3,000 ports)
• multi-source enrichment (WHOIS/RDAP, public registries, partner crawlers)
• deep tech fingerprinting
• graph-based topology mapping
• AI-driven risk reports

The topology graph reveals relationships between IP ranges, domains, ASNs, software stacks, libraries, misconfigurations, and exposed services — not just “open ports”.
Patterns and systemic weaknesses become visible instantly.

The built-in AI Auditor produces contextual security reports:
• attack-path analysis
• CVE clustering & prioritization
• business impact breakdown
• actionable remediation roadmap
A process that normally takes days can now be done in hours.

The entire system is designed with security & privacy in mind:
• hardened infrastructure
• zero request logging
• no user tracking
• only quota counters for rate enforcement

Available across all plans — including the free tier.

If you’re doing OSINT, threat hunting, red/blue team work, or asset discovery, this is a tool worth exploring.

🔗 dash.niamonx.io/internet_surface
🔗 is.niamonx.io

#OSINT #ThreatIntel #Infosec #AttackSurface #SecurityTools #CyberSecurity #Recon #AI #PassiveRecon #NiamonX

#osint #threatintel #infosec #attacksurface #securitytools #cybersecurity

NiamonX @[email protected] · 2025-12-08 · 17:22 UTC

NiamonX Internet Surface (Beta) is now live — a passive, privacy-respecting OSINT & attack-surface intelligence platform built to map real-world exposure at global scale.

Instead of noisy scans or shallow datasets, the platform merges:
• internet-wide scanning (≈3,000 ports)
• multi-source enrichment (WHOIS/RDAP, public registries, partner crawlers)
• deep tech fingerprinting
• graph-based topology mapping
• AI-driven risk reports

The topology graph reveals relationships between IP ranges, domains, ASNs, software stacks, libraries, misconfigurations, and exposed services — not just “open ports”.
Patterns and systemic weaknesses become visible instantly.

The built-in AI Auditor produces contextual security reports:
• attack-path analysis
• CVE clustering & prioritization
• business impact breakdown
• actionable remediation roadmap
A process that normally takes days can now be done in hours.

The entire system is designed with security & privacy in mind:
• hardened infrastructure
• zero request logging
• no user tracking
• only quota counters for rate enforcement

Available across all plans — including the free tier.

If you’re doing OSINT, threat hunting, red/blue team work, or asset discovery, this is a tool worth exploring.

🔗 dash.niamonx.io/internet_surface
🔗 is.niamonx.io

#OSINT #ThreatIntel #Infosec #AttackSurface #SecurityTools #CyberSecurity #Recon #AI #PassiveRecon #NiamonX

#niamonx #passiverecon #ai #recon #cybersecurity #securitytools

Hacktivate Labs @[email protected] · 2025-11-28 · 09:35 UTC

☁️ Cloud Security Toolkit – What Modern Teams Actually Need 🛡️
The cloud changed everything — speed, scale, AND attack surface. Security now happens at runtime, at identity level, and inside every pipeline. If your tools can’t see everything, they’re already failing.

Core Categories to Lock In:
• CSPM → Posture & misconfig checks (Prisma Cloud, Wiz, Dome9)
• CWPP → Runtime protection for VMs & containers (CrowdStrike, Aqua, Trend Micro)
• CASB → SaaS visibility & data control (Netskope, MS Defender for Cloud Apps)
• IAM → Hardening identity (AWS IAM, Azure AD, Okta, BeyondTrust)
• SIEM / Threat Detection → Splunk, Sumo Logic, Datadog + cloud logs
• Vuln & Config Scanning → Tenable, Trivy, Qualys for IaC & images
• Secrets Management → HashiCorp Vault, AWS Secrets Manager
• CI/CD Supply Chain Defense → Snyk, Checkov, GitHub Advanced Security

🧠 Cloud Rule:
Attackers don’t break in — they log in. Identity is the new perimeter.

Always what do you guys think ?

⚠️ Use responsibly. Test in staging before production. Map every tool to your threat model, compliance framework, and provider stack.

#CloudSecurity #DevSecOps #CSPM #IAM #CWPP #SIEM #ContainerSecurity #InfoSec #CyberDefense #HacktivateLabs #SecurityTools

#cloudsecurity #devsecops #cspm #iam #cwpp #siem

Anastasis Vasileiadis @[email protected] · 2025-09-19 · 10:01 UTC

☁️ Cloud Security Tools — Essential Toolkit for Modern Teams 🛡️🚀

Cloud environments introduce new risks and require specialized tooling to secure workloads, configurations, and data. Use a mix of CSP-native and third-party tools to cover posture management, runtime protection, identity, and visibility. Key categories and examples: Cloud Security Posture Management (CSPM) — Prisma Cloud, Dome9, Wiz for misconfig & compliance checks 🔍; Cloud Workload Protection (CWPP) — CrowdStrike, Trend Micro, Aqua for container and VM runtime defense 🐳🛡️; Cloud Access Security Broker (CASB) — Netskope, Microsoft Defender for Cloud Apps for SaaS visibility & data control ☁️🔐; Identity & Access Management — AWS IAM/Azure AD hardening, BeyondTrust, Okta for strong auth & least privilege 🔑; Threat Detection & SIEM — Splunk, Sumo Logic, Datadog + cloud-native logging for alerting and forensics 📊; Vulnerability & Configuration Scanning — Qualys, Tenable, Trivy for images and infra-as-code scanning ⚙️; Secrets Management — HashiCorp Vault, AWS Secrets Manager for safe key handling 🔐; and Supply-chain & CI/CD security — Snyk, Checkov, GitHub Advanced Security to catch insecure deps and pipelines 🧩.

⚠️ Disclaimer:
For educational & defensive use only. Evaluate tools against your cloud provider, compliance needs, and threat model before deploying. Always test changes in staging before production. 🚫🔒

#CloudSecurity #CSPM #CWPP #IAM #DevSecOps #InfoSec #Cloud #CyberSecurity #SecurityTools #Compliance #ContainerSecurity ☁️🛡️

#cloudsecurity #cspm #cwpp #iam #devsecops #infosec

DROP\ TABLE Hacker of Earthsea @[email protected] · 2025-09-12 · 22:00 UTC

⚡ FREE Tool: Stop Wasting Time on SIEM Rule Conversions!
Converting between Snort and Suricata rules? Analyzing complex rule sets?
da signature parser does it in seconds - not hours! ��
✅ One-click conversions
✅ Smart rule analysis
✅ Security-validated
✅ 100% FREE
Built by a security engineer, for security engineers.
Try it: https://chickenpwny.github.io/DaSignatureParser/
What's your biggest SIEM pain point? Let's discuss!
#Cybersecurity #SIEM #SecurityTools #FreeTools