New Open-Source Tool Spotlight

GhidraMCP is an Model Context Protocol server for allowing LLMs to autonomously reverse engineer applications. It exposes numerous tools from core Ghidra functionality to MCP clients.

#ReverseEngineering #Ghidra

Project link on #GitHub https://lnkd.in/gRUrYpMx

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

—
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking

How can a DNS mail record be used to trick you into giving up your login credentials?

Researchers at Infoblox have identified a phishing-as-a-service (PhaaS) platform called Morphing Meerkat that’s been quietly operating for over five years. What makes it notable is its use of DNS MX (Mail Exchange) records in ways rarely reported before. Instead of the usual static phishing page setups, Morphing Meerkat queries the victim’s email provider’s MX record—using DNS-over-HTTPS via Google or Cloudflare—to tailor the phishing page dynamically. This means victims are shown spoofed login interfaces that mimic the exact service they use, complete with matching branding and pre-filled email fields.

The platform supports more than 114 brand templates and uses obfuscated JavaScript to evade detection. It also includes built-in translation capabilities based on browser profile or geolocation, making the fake login pages appear native to the user's language. Earlier versions began in 2020 targeting just five email services (Gmail, Outlook, Yahoo, AOL, Office 365). By mid-2023, they could generate phishing pages dynamically using MX records and now operate in over a dozen languages.

Morphing Meerkat campaigns rely on a set of centralized email servers, primarily hosted by UK ISP iomart and US-based HostPapa, indicating a coordinated infrastructure rather than a loose network of attackers. The phishing emails often impersonate trusted services—banks, shipping companies, etc.—and are distributed using compromised WordPress sites, open redirects from platforms like Google’s DoubleClick, and embedded links in shortened URLs.

Once a user submits credentials, the system may display a fake “Invalid Password” error to lure them into re-entering data, after which they are redirected to the real login page. This not only reduces suspicion but also increases the chance of capturing correct credentials. Stolen data is sent back via AJAX, PHP scripts, or Telegram bots, sometimes with evidence removed in real-time.

This operation shows a deep understanding of modern security blind spots—including how content delivery and DNS infrastructure can be turned against end users.

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

—
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking

New Open-Source Tool Spotlight

TheHive is an open-source incident response platform designed to help teams investigate and manage cybersecurity incidents efficiently. It integrates with tools like MISP for threat intelligence sharing and supports automation through APIs. #CyberSecurity #IncidentResponse

Project link on #GitHub https://github.com/TheHive-Project/TheHive

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

—
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking

New Open-Source Tool Spotlight

APTSimulator is a tool for security teams to simulate advanced persistent threat (APT) behavior in a controlled environment. It uses batch scripts to mimic common attack techniques, like privilege escalation or ransomware actions, without real payloads. Useful for testing detection rules. #CyberSecurity #ThreatSimulation

Project link on #GitHub https://github.com/NextronSystems/APTSimulator

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

—
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking

New Open-Source Tool Spotlight

Velociraptor is an advanced DFIR (Digital Forensics and Incident Response) tool. It focuses on endpoint monitoring, hunting, and data collection using flexible artifact-based queries. Its scripting language, VQL, allows custom queries tailored for specific investigations. #DigitalForensics #CyberSecurity

Project link on #GitHub https://github.com/Velocidex/velociraptor

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

—
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking

New Open-Source Tool Spotlight

Rubeus is a post-exploitation tool for Kerberos-related tasks on Windows. It supports ticket extraction, pass-the-ticket attacks, ticket forging, and more. A powerful choice for understanding and simulating Kerberos security flaws.

#CyberSecurity #Kerberos #RedTeam

Project link on #GitHub https://github.com/GhostPack/Rubeus

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

—
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking

New Open-Source Tool Spotlight

Blacksmith is a cloud-native adversary simulation tool that scales offensive testing in Azure. It’s built to automate simulation setups, leveraging Azure services like Sentinel for detection validation. Useful for red teaming and continuous security improvement.

#ThreatHunting #AzureSecurity

Project link on #GitHub https://github.com/OTRF/Blacksmith

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

—
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking

New Open-Source Tool Spotlight

Azure Sentinel is Microsoft's cloud-native SIEM tool. It integrates AI to detect threats, automate responses, and monitor logs across environments. Useful for hybrid clouds, it supports connectors for platforms like AWS, Office 365, and more. #CloudSecurity #SIEM

Project link on #GitHub https://github.com/Azure/Azure-Sentinel

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

—
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking

New Open-Source Tool Spotlight

CrackMapExec is a post-exploitation tool for penetration testers. It automates tasks like credential validation, lateral movement, and Active Directory enumeration on Windows environments. Built on Python, it supports SMB, WinRM, and other protocols. Extremely useful for red team assessments. #CyberSecurity #PenTest

Project link on #GitHub https://github.com/byt3bl33d3r/CrackMapExec

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

—
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking

New Open-Source Tool Spotlight

FLARE's FLOSS is a tool that extracts strings from malware, even if they're obfuscated. Unlike standard tools, FLOSS uses emulation and decoding techniques to identify hidden strings, making it invaluable for reverse engineers. It bridges gaps where simple static analysis falls short. #malwareanalysis #reversing

Project link on #GitHub https://github.com/fireeye/flare-floss

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

—
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking

New Open-Source Tool Spotlight

Atomic Red Team is an open-source library of scripted tests that lets you simulate adversary behavior across major tactics in the MITRE ATT&CK framework. It's a practical tool for testing your detection and response capabilities.

#CyberSecurity #ThreatHunting

Project link on #GitHub https://github.com/redcanaryco/atomic-red-team

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

—
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking

New Open-Source Tool Spotlight

Log4Shell still has lingering risks. If you're managing Java apps, check out Log4shell-detector on GitHub. It scans for vulnerable Log4j usage with minimal setup. Regular audits help keep your environment secure. #cybersecurity #Log4Shell

Project link on #GitHub https://github.com/Neo23x0/log4shell-detector

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

—
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking

New Open-Source Tool Spotlight

Empire is a post-exploitation framework focused on PowerShell and Python agents, designed for red team operations. It includes modules for credential dumping, lateral movement, and more. Know the risks—tools like this are also used by attackers. #CyberSecurity #RedTeam

Project link on #GitHub https://github.com/EmpireProject/Empire

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

—
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking

New Open-Source Tool Spotlight

MITRE Caldera is an open-source platform for automated adversary emulation. It uses plugins to simulate threats and test your defenses, helping identify gaps in your cybersecurity posture. The framework supports ATT&CK TTPs for realistic scenarios. #cybersecurity #opensource

Project link on #GitHub https://github.com/mitre/caldera

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

—
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking

New Open-Source Tool Spotlight

Covenant is an open-source Command and Control framework designed for red team operations. Built in .NET Core, it supports cross-platform compatibility and multiple operators working simultaneously. It's a powerful tool, but keep in mind its ethical use depends on the intention behind it. #CyberSecurity #RedTeam

Project link on #GitHub https://github.com/cobbr/Covenant

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

—
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking

New Open-Source Tool Spotlight

Sigma is a platform-independent framework to create security detections in a unified and structured way. Write rules once, convert them into formats like Splunk, Elastic, or SIEM-specific queries. It's a must-have for blue teams aiming for consistency and reuse. #Cybersecurity #ThreatHunting

Project link on #GitHub https://github.com/Neo23x0/sigma

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

—
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking

New Open-Source Tool Spotlight

DataDog's KubeHound is a tool that queries Kubernetes clusters and surfaces Pod Security Standard violations. It works by analyzing a cluster against best practices with minimal setup. Useful for teams focused on securing their workloads in Kubernetes environments. #Kubernetes #CyberSecurity

Project link on #GitHub https://github.com/DataDog/KubeHound

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

—
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking

New Open-Source Tool Spotlight

SpiderFoot is an open-source OSINT tool to automate data collection about targets. It supports over 200 modules, integrating DNS, IP, email, and infrastructure analysis. Perfect for security audits or threat intel workflows. #OSINT #Cybersecurity

Project link on #GitHub https://github.com/smicallef/spiderfoot

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

—
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking

New Open-Source Tool Spotlight

Sqlmap is an open-source tool for automating SQL injection detection and exploitation. It supports multiple databases like MySQL, PostgreSQL, Oracle, and more. Widely used for penetration testing, it includes features like database dumping, password cracking, and file system access.

Remember: powerful tools require responsible use. #CyberSecurity #PenTesting

Project link on #GitHub https://github.com/sqlmapproject/sqlmap

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

—
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking

New Open-Source Tool Spotlight

Nuclei is a tool for automating vulnerability scanning using customizable YAML-based templates. Its strength lies in speed and flexibility, making it ideal for penetration testers and security researchers. Think of it as crafting your own scanner that adapts to your needs. #CyberSecurity #VulnerabilityTesting

Project link on #GitHub https://github.com/projectdiscovery/nuclei

#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity

—
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking