New Open-Source Tool Spotlight 🚨🚨🚨

A Rust-powered Windows kernel rootkit, **shadow-rs**, blends advanced system manipulation with Rust's safety principles. Features include process hiding, privilege elevation, callback management, and more. For research/education. 🌐 #RustLang #KernelDevelopment

🔗 Project link on #GitHub 👉 https://github.com/joaoviictorti/shadow-rs

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

— ✨
🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️

New Open-Source Tool Spotlight 🚨🚨🚨

PurpleLab offers a fully deployable cybersecurity lab with a web-based UI. Includes Windows Server 2019 sandbox, detection rule management, and MITRE ATT&CK integration. Ideal for testing detection rules or simulating attacks. #Cybersecurity #DevSecOps

🔗 Project link on #GitHub 👉 https://github.com/Krook9d/PurpleLab

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

— ✨
🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️

New Open-Source Tool Spotlight 🚨🚨🚨

Transform any URL into an LLM-ready input with `Reader`. Just prefix the URL with `https://r.jina.ai/` for clean, readable content extraction. Perfect for enhancing agents & RAG pipelines. #LLM #NLP

Need web search results for your LLM? Prepend queries with `https://s.jina.ai/` to fetch top results—content included. E.g., `https://s.jina.ai/your+query` brings knowledge directly to your model. #AItools #DataEngineering

Reader API now supports images! Captions are auto-generated for images missing alt tags, giving LLMs better context for reasoning and summarizing multimedia pages. #MachineLearning #AI

🔗 Project link on #GitHub 👉 https://github.com/jina-ai/reader

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

— ✨
🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️

New Open-Source Tool Spotlight 🚨🚨🚨

Using Microsoft Teams as a C2 channel? Meet convoC2. It embeds commands in hidden span tags and extracts outputs from Adaptive Card image URLs. Detection is tough—Teams logs aren’t antivirus-friendly. #CyberSecurity #RedTeam

🔗 Project link on #GitHub 👉 https://github.com/cxnturi0n/convoC2

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

— ✨
🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️

New Open-Source Tool Spotlight 🚨🚨🚨

gVisor: a user-space application kernel designed for container isolation. It mimics a Linux kernel interface while being written in Go for memory safety, running in user space. Ideal for sandboxing workloads in Docker or Kubernetes. #Containers #Sandbox

🔗 Project link on #GitHub 👉 https://github.com/google/gvisor

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

— ✨
🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️

New Open-Source Tool Spotlight 🚨🚨🚨

Falcoctl streamlines Falco administration with commands for managing plugins, rules, and registries. From adding an artifact index to searching specific plugins like `cloudtrail`, it’s built for precision. Works with multiple backends (HTTP, S3, GCS). Config files simplify repeat usage. #Falco #DevSecOps

🔗 Project link on #GitHub 👉 https://github.com/falcosecurity/falcoctl

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

— ✨
🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️

I just added a Rules section to RBAC Atlas: https://rbac-atlas.github.io/rules/, which includes the current set of rules I’m using to detect risky Kubernetes policies.

With the help of AI, each rule comes with example “malicious” commands that you can copy and paste to test your cluster 😁

New Open-Source Tool Spotlight 🚨🚨🚨

Falco offers real-time runtime security for Linux, designed to detect malicious activity via kernel-level monitoring. It tracks syscalls & integrates with Kubernetes metadata while supporting analysis in SIEM systems. #SecOps #CloudNative

Falco's modular repos streamline its ecosystem. Core ones include `libs` (drivers/libraries), `rules` (predefined threat detection rules), and `plugins` (external integrations). Check out `falcoctl` for CLI management. #DevSecOps #OpenSource

Why is Falco in C++? Its low-level, high-throughput needs require precise control over memory and performance—traits Go can't fully address. Plus, C++ enables kernel-level integration and cross-language plugin compatibility. #Programming #CloudSecurity

🔗 Project link on #GitHub 👉 https://github.com/falcosecurity/falco

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

— ✨
🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️

I finally wrapped up a project that had been on my mind for over a year.

Introducing RBAC ATLAS - 🔗 https://rbac-atlas.github.io

RBAC ATLAS is a curated database of identities and the Role-Based Access Control (RBAC) policies tied to them in popular Kubernetes open-source projects. Each entry includes security annotations that highlight granted permissions, potential risks, and possible abuse scenarios (inspired by classics like GTFOBins and LOLBAS).

Why does RBAC matter?

RBAC is the last line of defense in Kubernetes security. If a workload gets compromised and an identity is stolen, a misconfigured or overly permissive RBAC policy (often seen with Operators) can let an attacker move laterally through the cluster — potentially leading to a full takeover. Alongside RBAC ATLAS, I’ve also been working on a tool called RBAC Scope — a static analyzer that checks RBAC policies against 100+ rules to flag risks and abuse scenarios. It’s built to be flexible and open for contributions, so the community can create their own rules. I’ll be releasing that project soon as well!

In the meantime, if you're curious to learn more — or want to invite me to speak at your conference — feel free to reach out. I’ll be talking about these tools at the Red Team Village during DEFCON 33.

New Open-Source Tool Spotlight 🚨🚨🚨

MCP-Hydra bridges AI assistants like ChatGPT with security tools (e.g., Nmap, Sqlmap) via the Model Context Protocol (MCP). It simplifies AI-assisted pentesting and analysis by making tools extensible and scriptable. #Cybersecurity #AI

🔗 Project link on #GitHub 👉 https://github.com/HappyHackingSpace/mcp-hydra

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

— ✨
🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴‍☠️