Weekend decision
#ctf
10 Beiträge10 Beteiligte1 Beitrag heute
Looking for an open-source way to extract Google Maps data? 
Google Maps Scraper is a CLI & web-based tool that pulls business info like name, address, phone, ratings, reviews, GPS coordinates, and more. Supports CSV/JSON export, email scraping (optional), and REST API for automation.
#DataExtraction #OpenSource #WebScraping
Project link on #GitHub 
https://github.com/gosom/google-maps-scraper
#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity
— 
P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 
Hackers Gambit 2025 Now totally FREE!
₹1,10,000+ Prize Pool
2000+ players
Qualifiers Oct 10–12 (Online)
Finals Oct 30–31 (In-person)
FREE Registration is LIVE now: https://unstop.com/o/j7E3ecI?lb=EReYUW1&utm_medium=Share&utm_source=parthpat6682&utm_campaign=Online_coding_challenge
Ever wonder if third-party GCP Service Account keys are as secure as they claim? 
This recon tool, `gcp-sa-key-checker`, evaluates GCP Service Account keys using public x509 data. It identifies mismanaged or risky keys (e.g., `USER_MANAGED` types) without needing permissions. A smart way to audit SaaS integrations. #GCP #Security
Project link on #GitHub https://github.com/mercari/gcp-sa-key-checker
#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity
— P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking
Who’s accessing your AWS resources? 
KYE (Know Your Enemies) scans IAM Role trust and S3 bucket policies to identify third-party accounts with access. It uses public AWS account references and flags vulnerabilities like missing ExternalId conditions. Bonus: generates clean markdown reports! #AWS #CloudSecurity #IAM
Project link on #GitHub https://github.com/zoph-io/kye
#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity
— P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking
Using SonarQube to solve a CTF challenge? Done! 
Learn how we detected a 0-day vulnerability during #KalmarCTF, making us first to solve the challenge! From Zip Slip to RCE, using lazy class loading:
www.sonarsource.comCode Security for Conversational AI: Uncovering a Zip Slip in EDDILearn how SonarQube identified a Zip Slip vulnerability (CVE-2025-32779) in EDDI, an open-source conversational AI middleware.
Il reste 1 mois avant le prochain Hackfest !
(EN will follow)
La 17e édition de l'événement de cybersécurité le plus attendu au Canada approche à grands pas ! 
16-17-18 octobre 2025 au Centre des congrès de Québec.
Ce qui vous attend
: Des conférences techniques de haut niveau;
Villages animés (Lockpicking, IoT, RFID, Social Engineering, Hack ta carrière...);
CTFs compétitifs !
Keynote exclusive par Chris Roberts
Formations exclusives au Hackfest (13-16 octobre) :
- Sécurité 101-102-103 créées par notre communauté
- Sécurité Physique 101-201-202
- PowerShell pour l'équipe bleue (5e édition !)
- Gestion de crise en cybersécurité
- Organiser sa cyberdéfense opérationnelle
- Cloud pragmatique et Security Ops
- OSINT/Social Engineering Bootcamp
Et bien plus encore ! https://hackfest.ca
Réservez vos billets dès maintenant ! https://hackfest.ca/fr/inscription/
Il nous reste encore quelques places pour être commanditaire de l'événement !
Visitez https://hackfest.ca/fr/partenaires/become/ pour plus d'informations.
Suivez-nous sur nos médias sociaux et visitez hackfest.ca pour rester au courant des prochaines nouvelles sur cette 17e édition qui s'annonce excitante!
#Hackfest2025 #Cybersécurité #Hacking #QuébecCity #InfoSec #CTF #CyberSecurity #Formations #HF2025
==========
Only 1 month left before the next Hackfest!
The 17th edition of Canada's most anticipated cybersecurity event is fast approaching! October 16-17-18, 2025 at Quebec City Convention Centre.
What awaits you: High-level technical conferences; Animated villages (Lockpicking, IoT, RFID, Social Engineering, Hack your career...); Competitive CTFs! Exclusive keynote by Chris Roberts Exclusive Hackfest training sessions (October 13-16):
- Security 101-102-103 created by our community
- Physical Security 101-201-202
- PowerShell for Blue Team (5th edition!)
- Cybersecurity Crisis Management
- Organizing Your Operational Cyberdefense
- Pragmatic Cloud and Security Ops
- OSINT/Social Engineering Bootcamp
And much more! https://hackfest.ca
Book your tickets now! https://hackfest.ca/en/register/
We still have a few sponsorship spots available! Visit https://hackfest.ca/en/sponsors/become/ for more information.
Follow us on social media and visit hackfest.ca to stay updated on the latest news about this exciting 17th edition!
Why would you need a server to install other servers?
anaisbetts/mcp-installer simplifies deploying multiple MCP servers by automating the setup. Whether it's through npm or PyPi, it handles installations for you. Dependencies? Just `npx` for Node and `uv` for Python servers. #DevTools #Automation
Project link on #GitHub https://github.com/anaisbetts/mcp-installer
#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity
— P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking
CSAW 2025 CTF Qualifiers
Over The Wire's list and recommended order of war-games now got a little update by a pull request from me to add details on what the war-games are about. Some of them also got a few useful tools added for starters.
Why does tracking infrastructure changes matter? 
CloudSnitch is an open-source tool that connects configuration changes in your infrastructure to their root causes. It monitors relationships across systems, users, and apps to help prevent or trace incidents. Imagine knowing *who deployed what* and *when*.
Project link on #GitHub https://github.com/ccbrown/cloud-snitch
#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity
— P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking
Why focus only on attacks when concealment is key too? 
CLOAK is a new framework mapping 1,387 cybercriminal TTPs aimed at anonymity—spanning technical (e.g., Tor, VPN), behavioral (e.g., compartmentalization), and physical (e.g., Faraday cages) strategies. Based on 200+ OpSec guides.
#Cybersecurity #ThreatIntelligence #CLOAK
Project link on #GitHub https://github.com/Mickinthemiddle/CLOAK
#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity
— P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking
𝗛𝗮𝗰𝗸𝗛𝗘𝗥𝘁𝗵𝗼𝗻 𝗮𝗺 𝗕𝗲𝗿𝗹𝗶𝗻𝗲𝗿 𝗦𝘁𝗮𝗻𝗱𝗼𝗿𝘁
Es gibt für Frauen immer noch einige Hürden bei der Teilnahme von Informatik-Events oder gar dem Ergreifen von technischen Berufen. Um dem entgegenzuwirken und einen Raum für Gleichgesinnte zu schaffen, in dem sich jede individuell weiterentwickeln und ihrem Informatikinteresse nachgehen kann, veranstaltete @hisolutions das zweite Jahr infolge ein HackHERthon-Event für Personen, die sich als Frau identifizieren.
Die Veranstaltung ermöglichte den Teilnehmerinnen sich in ihrem eigenen Tempo Herausforderungen zu stellen, sich auszutauschen und selbständig Neues zu lernen.
An Tag 1 fand ein #CTF-Wettbewerb statt, bei dem verschiedene Aufgaben aus Kryptografie, Forensik und OSINT unterschiedlicher Schwierigkeitsstufen bearbeitet werden konnten.
An Tag 2 und 3 wurde ein klassischer Hackathon abgehalten, bei dem sich in Kleingruppen einem Projekt gewidmet wurde.
Unter den über 20 Teilnehmerinnen waren Studentinnen sowie Berufstätige und Interessierte unterschiedlichen Erfahrungslevels, die sich gegenseitig unterstützten und sich individuell weiterentwickelten. Wir freuen uns sehr über die rege Teilnahme aller!
Vielen Dank an unsere engagierten Kolleginnen und Kollegen für die Vorbereitung und Durchführung der drei Tage 
Ever wondered how to streamline debugging and optimizing LLM apps? 
Opik by Comet introduces deep tracing, automated evaluations, and scalable dashboards for LLM systems & RAG workflows. Features like Opik Guardrails ensure safer production deployments. #LLMs #MLOps
Project link on #GitHub https://github.com/comet-ml/opik
#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity
— P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking
BalCCon2k25 CTF annoucement: CTF Challenge: Hacking the Smart House
New Challenges Not The Same As Last Year!!! Registration next week! Stay tuned! https://2k25.balccon.org/ctf/
#CTF #hacking
2k25.balccon.orgBalCCon2k25 CTF - BalCCon2k25
Why does secure storage matter for secrets management? 
HashiCorp Vault encrypts secrets before storing, ensuring unauthorized access to raw storage won’t compromise security. Whether it’s passwords or API keys, Vault can write securely to backends like Consul or disk.
#DataSecurity #SecretsManagement
Project link on #GitHub https://github.com/hashicorp/vault
#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity
— P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking
Why use a Python-based Terraform generator? 
PurpleCloud simplifies Azure lab builds by generating tailored Terraform templates dynamically through Python scripts. No more manual edits—they automate everything from ADFS labs to Sentinel setups. Custom input, efficient output.
Project link on #GitHub https://github.com/iknowjason/PurpleCloud
#Infosec #Cybersecurity #Software #Technology #News #CTF #Cybersecuritycareer #hacking #redteam #blueteam #purpleteam #tips #opensource #cloudsecurity
— P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking
"Disarray (@disarray_fi ) 2025 – The #Hacker Cruise is happening on October 25–26, 2025! Hackers, researchers, and other #security minded people take over a ferry. For 24 hours, the Turku–Stockholm route becomes a floating #hackerspace filled with talks, a #CTF, and endless late-night conversations."
What an afternoon in pwn.college looks like, taking over a (simple) web server and run my own accept/read/write loop. Dancing up and down the stack just to then obliterate the same stack with a buffer overflow X-)
