Our activities around sponsoring Open Source are not just limited to projects we rely on; we have also been supporting those that are important to the general Cybersecurity ecosystem and beyond.
We're in this for the long haul and the most recent set of projects covers a very wide scope. We want to help ensure that everyone has sustainable Open Source for many years to come.
Let's tell you about these new projects and why you should be aware of them.
Hetty
Hetty is an HTTP toolkit for security research. It aims to become an open source alternative to commercial software like Burp Suite Pro, with powerful features tailored to the needs of the infosec and bug bounty community.
Whilst it is at an early stage of development, it has features like a Machine-in-the-middle (MITM) HTTP/1.1 proxy with logs.
Phishing Database
Phishing Database underlines how good data is just as important as tooling in Security. it provides a repository for phishing domains, web sites and threats and indicates domains that have been tested to be active, inactive or invalid. The lists update hourly.
To quote Mitchell Krog:
Open disclosure of any criminal activity such as Phishing, Malware and Ransomware is not only vital to the protection of every internet user and corporation but also vital to the gathering of intelligence in order to shut down these criminal sites.
Eric Zimmerman Tools
Eric Zimmerman is very well-known in the Security community due to his role at the SANS Institute. He has also created a huge range of popular tools such as KAPE, focused on Windows.
Like several other of the projects we support, these are foundational tools that you may not even be aware of, but rely on.
Scrummage
Scrummage is an OSINT tool that centralises search functionality from many publicly-available, third-party, OSINT websites. It comes with a large number of plugins and a lightweight web application providing users with the ability to manage big pools of results.
S3Scanner
S3Scanner is focused on one thing - find open S3 buckets. It seems like every week we hear of yet another accidentally open S3 bucket being exploited. This tool can help ensure this is dealt with before it becomes a problem. It also works with any other services that provide S3 compatible APIs.
Gitleaks
With a similar intent to S3Scanner, Gitleaks is a SAST (static application security testing) tool for detecting and preventing hardcoded secrets like passwords, API keys, and tokens in git repos. If there is one thing even more common than open S3 buckets, it's leaked credentials in GitHub. Scrubbing them entirely from your repo is another challenge in itself!
AzureHunter
AzureHunter is a Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and Office 365.
The UnifiedAuditLog is a great source of cloud forensic information since it contains a wealth of data on multiple types of cloud operations. AzureHunter was created because Azure cloud forensic tools don't usually address the complications of the Powershell API for the UnifiedAuditLog and those tools don't usually put focus on developing extensible Playbooks.
OSSEM
In addition to great tools and great data, the other critical thing needed in Open Source Security are common standards for data and for those tools to interact. OSSEM is a community-led project focused primarily on the documentation, standardization and modeling of security event logs.
Dockle
Docker has become an integral part of software deployment and a huge array of open source projects have sprung up around it. Naturally we're interested in those that focus on security and Dockle is a great example of a useful too in this space. It is a container image linter which helps with security best practices.
Lezer
Our Engineering team can tell you more about this in their recent blogpost.
Next?
We're not done! We'll have more announcements in the coming months about projects and people we are sponsoring in Open Source, both inside and outside of Security.
If you know of any projects that could benefit from our support, please email me directly at coneill@tines.io or DM us on Twitter.