812 matches found
v3nomEyE
The All-in-One P1 Bug Bounty Reconnaissance & Exploitation...
IASS-ISP-ASN-Security-Scanner
💀 IASS — ISP ASN Security Scanner Automated reconnaissance &...
VAPT-Practice-Labs
🔐 VAPT Practice Labs This repository contains my hands-on Vul...
offensive-security-labs
Offensive Security Labs — Penetration Testing on a Fictional T...
name-Omni
Omni – Autonomous Red Team Lead & Bug Bounty Hunter Powered...
Selenium Grid 4.11.0 Selenoid Backend Detection and Safe Session Validation Inspector
The provided Python script is a non-exploit reconnaissance and validation tool designed to identify Selenium Grid or Selenoid deployments exposed via HTTP APIs...
DarkWin-NGASR
🌌 DARKWIN — Next-Gen Automated Security Research Develope...
Advanced-AI-Recon-and-Exploit-Framework
reNgine: The Ultimate Web Reconnaissance & Vulnerability Scanner...
Exploit for CVE-2026-41177
CVE-2026-41177: Squidex CMS Blind SSRF Technical research and...
CVE-2025-11762
The HubSpot All-In-One Marketing - Forms, Popups, Live Chat plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 11.3.32 via the leadin/public/admin/class-adminconstants.php file. This makes it possible for authenticated attackers, with...
Automation-Exploit: A Multi-Agent LLM Framework for Adaptive Offensive Security with Digital Twin-Based Risk-Mitigated Exploitation
The offensive security landscape is highly fragmented: enterprise platforms avoid memory-corruption vulnerabilities due to Denial of Service DoS risks, Automatic Exploit Generation AEG systems suffer from semantic blindness, and Large Language Model LLM agents face safety alignment filters and...
CVE-2026-41271 Flowise: APIChain Prompt Injection SSRF in GET/POST API Chains
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a Server-Side Request Forgery SSRF vulnerability exists in FlowiseAI's POST/GET API Chain components that allows unauthenticated attackers to force the server to make arbitrary HTTP requests t...
PT-2026-34736
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a Server-Side Request Forgery SSRF vulnerability exists in FlowiseAI's POST/GET API Chain components that allows unauthenticated attackers to force the server to make arbitrary HTTP requests t...
recon2exploit
recon2exploit recon2exploit is a single-file security ass...
CVE-2026-40348
Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user can trigger server-side requests to arbitrary internal targets through POST /settings/jellyfin/server-url-verify. The endpoint accepts a user-controlled URL, appends...
ExploitIQ
⚡ ExploitIQ Autonomous AI-Powered Penetration Testing Assis...
CVE-2026-40348
Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user can trigger server-side requests to arbitrary internal targets through POST /settings/jellyfin/server-url-verify. The endpoint accepts a user-controlled URL, appends...
EUVD-2026-23617
Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user can trigger server-side requests to arbitrary internal targets through POST /settings/jellyfin/server-url-verify. The endpoint accepts a user-controlled URL, appends...
CVE-2026-40348
Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user can trigger server-side requests to arbitrary internal targets through POST /settings/jellyfin/server-url-verify. The endpoint accepts a user-controlled URL, appends...
Movary 安全漏洞
Movary is a film review program developed by Lee Peuker personally. Versions of Movary prior to 0.71.1 contained security vulnerabilities. These vulnerabilities stemmed from the /settings/jellyfin/server-url-verify endpoint, which allowed user-controlled URLs to initiate server-side HTTP requests...