open-source
8 Open-Source AI Pentest Tools for Security Teams in 2026
This article lists eight (8) open-source AI pentest tools. It covers how autonomous agents are potentially changing the way security testing is done.
Fri 30 January 2026
Introducing Ostorlab Security Testing Benchmarks: Real Vulnerabilities, Real Impact
The first open-source benchmark suite featuring 93 realistic vulnerable mobile apps that mirror a...
Mon 22 September 2025
Detection of Apple's Privacy Manifest, liblzma backdoor, and Attack Surface fixes.
This update introduces fixes for the Attack Surface, detection for the liblzma backdoor, and a pu...
Mon 01 April 2024
Addition of CSS Injection Detection, ARM64 support, and migration of Agent's Docker Images.
This update introduces fixes for the Attack Surface, migration of Agent's Docker Images to Docker...
Mon 25 March 2024
Exposed Scan PCAP and JIRA custom Mapping
This update introduces a series of new features related to the IDE, Jira integration, OXO, and many improvements to the platform.
Enhancements to the Open Source CLI, Platform, and Detection.
This update introduces various improvements to the XSS scanner, the functionality of the open-source CLI, and monitoring rule creation.
Latest posts
Attack Surface, Remediation, Automation Rules, and Detection improvements
This update introduce a series of updates aimed at enhancing user experience, platform improvements, and bug fixes across various features.
Mon 04 March 2024
OXO Open-Source Improving
The latest update of OXO open-source introduces substantial improvements, providing users with faster startup and execution times. Additionally, this update enhances search capabilities in the CLI for more effective querying. Users now also benefit from increased customization options, including the ability to define accepted agents and specify in_selector in the agent group definition.
Mon 26 February 2024
Ostorlab's Insecure Flutter Apps: A Playground for Learning and Testing Mobile Security
Ostorlab has open-sourced two Flutter applications, designed to be intentionally insecure for testing and educational purposes. The apps, one native to iOS and the other a Java/C++/Flutter app, highlight a variety of common mobile app vulnerabilities. Available under the Apache-2.0 license, they serve as practical resources for understanding Flutter security.
Mon 10 July 2023
New Features & Fixes in July 2023
We're excited to bring you a host of enhancements and features: open-source Flutter vulnerability detection, extended social auth support for Google and Github, AI-enhanced summaries, a sleek notification UI, and advanced search filters. We've improved geofencing support for India and UK, added new Flutter-specific detection rules, and fixed bugs in various areas. With a freshly redesigned blog and smoother navigation testing for Webview on Android and iOS, we're making your experience even better.
Sat 01 July 2023
Automation rule policies, Artifacts redesign, improved detection and much more.
An overview of all the new features of the Ostorlab platform and its detection capabilities.
Fri 14 April 2023
Ostorlab, top 10 vulnerability management innovators of 2023 by GRC Viewpoint
Ostorlab has been selected as one of the top 10 vulnerability management innovators of 2023 by GRC Viewpoint.
Mon 16 January 2023
2022 at Ostorlab
2022 is a year that brings with it many global challenges, including war, economic uncertainty, and rising inflation in many parts of the world. Despite these challenges, we at Ostorlab are grateful to have had an incredibly successful year.
Tue 03 January 2023
OWASP Mobile Application Verification Standard Support
The Mobile Application Security Verification Standard is an important step toward building secure Mobile Applications. Ostorlab now adds support for generating compliance report for L1, L2 and Resilience levels.
Tue 04 October 2022
Changelog
View all changesExposed Scan PCAP and JIRA custom Mapping
Mon 18 March 2024
Enhancements to the Open Source CLI, Platform, and Detection.
Mon 11 March 2024