For the fifth year, GoSecure is encouraging everyone to join Hacktoberfest – a month-long celebration of open-source software. GoSecure has multiple projects open to external contributions. For this event, we have tagged issues that are accessible to newcomers with the official tag [hacktoberfest].
Hacktoberfest and Cybersecurity
For the fifth year, GoSecure is encouraging everyone to join Hacktoberfest – a month-long celebration of open-source software. GoSecure has multiple projects open to external contributions. For this event, we have tagged issues that are accessible to newcomers with the official tag [hacktoberfest].
Hacktoberfest and Cybersecurity

Why participate to Hacktoberfest 2021?

Hacktoberfest is the perfect opportunity for users to learn about the internals of the tools they utilize. Users with limited development skills can contribute small improvements, bug fixes and even new features to open-source software. Even small improvements can be highly beneficial to a project if the number of those small contributions are significant enough. In return, you benefit from seeing how the code is organized. Longer term, you have the potential to add missing features when needed. Seeing how large project operates is a good way to improve your software architecture skills.

What project to choose?

There is no universal choice, it depends on your interests and the technologies you are familiar with. Below are a few security-oriented suggestions.

GoSecure Projects

Here are some projects that are maintained by GoSecure:

  • PyRDP (Python): RDP Monster-in-the-Middle (MITM) tool and library for Python
  • Find Security Bugs (Java): Static code analysis for security audits of Java web applications
  • Malboxes (Python, DevOps): Builds malware analysis Windows VMs so that you don’t have to
  • PyWSUS (Python): Standalone partial implementation of the WSUS spec. Built for offensive security purposes.

Other Open-Source Projects

Other projects of importance to us:

  • ldap-scanner (Python): Checks for signature requirements over LDAP
  • Ansible (Python, DevOps): Simple IT automation platform that makes your applications and systems easier to deploy and maintain
  • Pwndoc (Javascript, Vuejs): Report generation for penetration testing engagements
  • Grafana (Typescript, Go): Observability and data visualization platform

Still looking for a project? Here are the top 10 biggest security project enrolled in Hacktoberfest. (As of October 5th)

  • x64dbg (C++): Popular user-mode debugger for Windows. A true modern version of OllyDBG with an active community.
  • Payloads All The Things (misc): Less of a code project but a highly used repository for payload cheat sheet. Maybe you can improve its documentation.
  • Zed Attack Proxy (Java): HTTP debugging proxy and a powerful vulnerability scanner. It is an OWASP flagship project that continues to innovate.
  • KeePassXC (C++): A cross-platform password manager. This project improved everyday user security by making an essential tool accessible to all.
  • Ory Hydra (Go): OAuth Provider written in Go. Many web developers benefit from this project. Its docker instances received 38 million downloads.
  • Radare2 (C): One of the top reverse engineering tools. It is a powerful alternative to IDA Pro and Ghidra with the support of countless architectures.
  • Trivy (Go): Scanner for configuration vulnerabilities in container images, repositories and systems.
  • Web Security Testing Guide & Mobile Web Security Testing Guide (misc): Both are documentation for security professionals and developers to improve their practices.
  • RustScan  (Rust): A fast port scanner. This is a relatively new project as it is only one year old.

Good luck with your contributions!

Détection et réponse gérées Titan
Antivirus de nouvelle génération
Détection et réponse sur les terminaux
Détection et réponse sur le réseau
Détection et réponse sur les boîtes de messagerie
Détection et réponse face aux menaces internes
Gestion des pare-feu
Gestion des SIEM
La gestion des vulnérabilités en tant que service
GoSecure Titan
Logiciel Titan
Sécurité de la messagerie
Sécurité Web
Boîte à outils «Responder PRO Forensics»
Services professionnels
Services de préparation aux brèches
Évaluation de la cybersécurité
Services de réponse aux incidents
Services des équipes « Red & Purple »
Services de tests d'intrusion
Services de conformité et d'audit
Évaluation de la compromission de la sécurité
Technologies tierces

Pin It on Pinterest

Share This