News, tutorials, and security insights from ThemeHackers
Introducing Stealth Mode with JA3 spoofing, JWT analysis, and advanced PostgREST fuzzing. The most advanced Supabase security tool just got smarter.
Visualize attack paths and security boundaries with our new interactive threat modeling canvas. Automatically generated from your infrastructure code.
SSF now includes a browser-based interface for managing scans, viewing results in real-time, and monitoring your security posture with an intuitive dashboard. Launch with --webui flag.
We've moved beyond static checks. now actively tests for SQL Injection and IDOR using safe, time-based payloads.
Whether you prefer Gemini, OpenAI, Claude, or local Ollama models, SSF now integrates with your AI of choice for risk assessment. Updated logic to be smarter and improve the recording of results and reduce the number of incorrect answers given by AI Agents.
Learn how to use the new `--diff` and `--ci` flags to block security regressions before they reach production.