975 matches found
EvilOSX
This is an evil RAT Remote Administration Tool for macOS / OS X. It is a Python-based tool that allows for remote access and control of a compromised system. The tool is designed to be undetectable by anti-virus software and is persistent, meaning it will survive a reboot. The tool has a modular...
zscan
This is a collection of tools for scanning and blasting exploiting services on a network. The tool is called Zscan and is written in Go. It has several modules for different types of scans and exploits, including: Port scanning Service blasting exploiting FTP blasting HTTP blasting LDAP blasting...
Man-in-the-middle-attack
!Supported Python versionshttps://img.shields.io/badge/python...
vxscan
VXScan+ VXScan+ is an advanced Python-based web vulnerabili...
ebram_web_scanner
EBRAM Web Scanner EBRAM Web Scanner is a powerful Python-ba...
jaeles
This is a powerful, flexible, and easily extensible framework written in Go for building your own Web Application Scanner. The framework is called Jaeles and is designed to be highly customizable. It has a modular architecture, allowing users to easily add or remove plugins to suit their needs. T...
NVIDIA DGX和NVIDIA HGX 安全漏洞
NVIDIA DGX and NVIDIA HGX are both products of NVIDIA Corporation, U.S.A. NVIDIA DGX is a high-performance workstation for deep learning applications.NVIDIA HGX is a modular GPU acceleration platform. A security vulnerability exists in NVIDIA DGX and NVIDIA HGX that stems from an improperly...
Linux Distros Unpatched Vulnerability : CVE-2019-19963
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in wolfSSL before 4.3.0 in a non-default configuration where DSA is enabled. DSA signing uses the BEEA algorithm during modular inversio...
Dissecting PipeMagic: Inside the architecture of a modular backdoor framework
Among the plethora of advanced attacker tools that exemplify how threat actors continuously evolve their tactics, techniques, and procedures TTPs to evade detection and maximize impact, PipeMagic, a highly modular backdoor used by Storm-2460 masquerading as a legitimate open-source ChatGPT Deskto...
Dissecting PipeMagic: Inside the architecture of a modular backdoor framework
Among the plethora of advanced attacker tools that exemplify how threat actors continuously evolve their tactics, techniques, and procedures TTPs to evade detection and maximize impact, PipeMagic, a highly modular backdoor used by Storm-2460 masquerading as a legitimate open-source ChatGPT Deskto...
Linux Distros Unpatched Vulnerability : CVE-2022-0778
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The BNmodsqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is...
MCPSecBench: a Systematic Security Benchmark and Playground for Testing Model Context Protocols
Large Language Models LLMs are increasingly integrated into real-world applications via the Model Context Protocol MCP, a universal, open standard for connecting AI agents with data sources and external tools. While MCP enhances the capabilities of LLM-based agents, it also introduces new securit...
Linux Distros Unpatched Vulnerability : CVE-2020-36421
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Arm Mbed TLS before 2.23.0. Because of a side channel in modular exponentiation, an RSA private key used in a secure enclave could be...
Lightweight Fault Detection Architecture for NTT on FPGA
Post-Quantum Cryptographic PQC algorithms are mathematically secure and resistant to quantum attacks but can still leak sensitive information in hardware implementations due to natural faults or intentional fault injections. The intent fault injection in side-channel attacks reduces the reliabili...
Introducing DataTrap: A Smarter, More Adaptive Honeypot Framework
Today, we're excited to release DataTrap, a powerful, extensible honeypot system built to simulate realistic web applications, IoT devices, and database behavior across HTTP, HTTPS, SSH, and database protocols e.g., MySQL. What sets DataTrap apart? It goes beyond static honeypots by combining...
Sitadel
This is a web application security scanner called Sitadel, which is an update for WAScan making it compatible for Python = 3.4. It allows more flexibility for users to write new modules and implement new features, such as frontend framework detection, content delivery network detection, and plugi...
TIDoS-Framework
The TIDoS Framework is a comprehensive web application penetration testing framework written in Python. It has five main phases: Reconnaissance, Scanning & Enumeration, Vulnerability Analysis, Exploits Castle, and Auxiliaries. The framework is designed to automate various tasks, including...
CHAMP: a Configurable, Hot-Swappable Edge Architecture for Adaptive Biometric Tasks
What if you could piece together your own custom biometrics and AI analysis system, a bit like LEGO blocks? We aim to bring that technology to field operators in the field who require flexible, high-performance edge AI system that can be adapted on a moment's notice. This paper introduces CHAMP...
[SECURITY] Fedora 42 Update: unbound-1.23.1-1.fc42
Unbound is a validating, recursive, and caching DNSSEC resolver. The C implementation of Unbound is developed and maintained by NLnet Labs. It is based on ideas and algorithms taken from a java prototype developed by Verisign labs, Nominet, Kirei and ep.net. Unbound is designed as a set of modula...
AsyncRAT's Open-Source Code Sparks Surge in Dangerous Malware Variants Across the Globe
Cybersecurity researchers have charted the evolution of a widely used remote access trojan called AsyncRAT , which was first released on GitHub in January 2019 and has since served as the foundation for several other variants. "AsyncRAT has cemented its place as a cornerstone of modern malware an...