Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Google Android

This repository contains a PoC Proof of Concept code for the BlueBorne vulnerabilities. The BlueBorne vulnerabilities are a set of vulnerabilities in Bluetooth devices that allow an attacker to remotely execute code on a device. The PoC code is written in Python and uses the PyBluez library to...

CVE-2025-53103

JUnit is a testing framework for Java and the JVM. From version 5.12.0 to 5.13.1, JUnit's support for writing Open Test Reporting XML files can leak Git credentials. The impact depends on the level of the access token exposed through the OpenTestReportGeneratingListener. If these test reports are...

Randextract: a Reference Library to Test and Validate Privacy Amplification Implementations

Quantum cryptographic protocols do not rely only on quantum-physical resources, they also require reliable classical communication and computation. In particular, the secrecy of any quantum key distribution protocol critically depends on the correct execution of the privacy amplification step. Th...

Poster: Towards an Automated Security Testing Framework for Industrial UEs

With the ongoing adoption of 5G for communication in industrial systems and critical infrastructure, the security of industrial UEs such as 5G-enabled industrial robots becomes an increasingly important topic. Most notably, to meet the stringent security requirements of industrial deployments,...

RAN Tester UE: an Automated Declarative UE Centric Security Testing Platform

Cellular networks require strict security procedures and measures across various network components, from core to radio access network RAN and end-user devices. As networks become increasingly complex and interconnected, as in O-RAN deployments, they are exposed to a numerous security threats...

GenAI Security: Outsmarting the Bots with a Proactive Testing Framework

The increasing sophistication and integration of Generative AI GenAI models into diverse applications introduce new security challenges that traditional methods struggle to address. This research explores the critical need for proactive security measures to mitigate the risks associated with...

PEGASUS-NEO - A Comprehensive Penetration Testing Framework Designed For Security Professionals And Ethical Hackers. It Combines Multiple Security Tools And Custom Modules For Reconnaissance, Exploitation, Wireless Attacks, Web Hacking, And More

| \ | \ | | | | / / |/ / | | | / | | | | / / | | | \ \ || \ \ |\ | || |, |,|/,|/| | |/ ███▄ █ ▓█████ ▒█████ ██ ▀█ █ ▓█ ▀ ▒██▒ ██▒ ▓██ ▀█ ██▒▒███ ▒██░ ██▒ ▓██▒ ▐▌██▒▒▓█ ▄ ▒██ ██░ ▒██░ ▓██░░▒████▒░ ████▓▒░ ░ ▒░ ▒ ▒ ░░ ▒░ ░░ ▒░▒░▒░ ░ ░░ ░ ▒░ ░ ░ ░ ░ ▒ ▒░ ░ ░ ░ ░ ░ ░ ░ ▒ ░ ░ ░ ░ ░ PEGASUS-NEO...

GraphQLer: Enhancing GraphQL Security with Context-Aware API Testing

GraphQL is an open-source data query and manipulation language for web applications, offering a flexible alternative to RESTful APIs. However, its dynamic execution model and lack of built-in security mechanisms expose it to vulnerabilities such as unauthorized data access, denial-of-service DoS...

Fedora: Security Advisory for testing (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: testng-7.8.0-5.fc40

TestNG is a testing framework inspired from JUnit and NUnit but introducing some new functionality, including flexible test configuration, and distributed test running. It is designed to cover unit tests as well as functional, end-to-end, integration, etc...

OESA-2024-1072 testng security update

TestNG is a testing framework inspired from JUnit and NUnit but introducing some new functionality that make it more powerful and easier to use, such as: Annotations. Run your tests in arbitrarily big thread pools with various policies available all methods in their own thread, one thread per tes...

CVE-2023-37461

Metersphere is an opensource testing framework. Files uploaded to Metersphere may define a belongType value with a relative path like ../../../../ which may cause metersphere to attempt to overwrite an existing file in the defined location or to create a new file. Attackers would be limited to...

CVE-2023-37461

CVE-2023-37461 affects Metersphere. The vulnerability arises from uploaded files that may set a related type to a relative path such as ../../../../, enabling a path-traversal that could overwrite or create files within the metersphere process’ accessible filesystem. This is constrained to files ...

CVE-2023-37461 Path traversal in metersphere

Metersphere is an opensource testing framework. Files uploaded to Metersphere may define a belongType value with a relative path like ../../../../ which may cause metersphere to attempt to overwrite an existing file in the defined location or to create a new file. Attackers would be limited to...

REST-Attacker - Designed As A Proof-Of-Concept For The Feasibility Of Testing Generic Real-World REST Implementations

REST-Attacker is an automated penetration testing framework for APIs following the REST architecture style. The tool's focus is on streamlining the analysis of generic REST API implementations by completely automating the testing process - including test generation, access control handling, and...

SteaLinG - Open-Source Penetration Testing Framework Designed For Social Engineering

The SteaLinG is an open-source penetration testing framework designed for social engineering After the hack, you can upload it to the victim's device and run it disclaimers: This is only for testing purposes and can only be used where strict consent has been given. Do not use this for illegal...

[SECURITY] Fedora 36 Update: golang-github-onsi-ginkgo-2-2.1.4-3.fc36

A Modern Testing Framework for Go...

[SECURITY] Fedora 35 Update: golang-github-onsi-ginkgo-2-2.1.4-2.fc35

A Modern Testing Framework for Go...

Fedora: Security Advisory for golang-github-onsi-ginkgo-2 (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 36 Update: golang-github-onsi-ginkgo-2-2.1.4-2.fc36

A Modern Testing Framework for Go...