Use the kernel's CSPRNG like FreeBSD's for generating crypto keys as it has access to raw device entropy, promises not to share state between applications, and ensures not to provide random data before being seeded. Userspace CSPRNGs have led to numerous randomness failures in the past.
A repository of CTF source files and write-ups from 2015, addressing common issues in CTF write-ups.
A CTF platform inspired by motherfuckingwebsite.com, emphasizing simplicity and lightweight features.
Package verification tool for npm with various verification and testing capabilities.
Guidance on securing NFS in Red Hat Enterprise Linux 7
Node package for preparing CTF events with OWASP Juice Shop challenges for popular CTF frameworks.
Repository for IBM SOAR Apps source-code and development resources.
Steampipe is a zero-ETL solution for getting data directly from APIs and services.
Personal website of Collin R. Mulliner with a focus on security research and mobile platforms.
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.