EUVD-2022-28553

Malicious code in bioql PyPI...

EUVD-2024-36294

Malicious code in bioql PyPI...

EUVD-2024-52007

Malicious code in bioql PyPI...

PentestMCP: A Toolkit for Agentic Penetration Testing

Agentic AI is transforming security by automating many tasks being performed manually. While initial agentic approaches employed a monolithic architecture, the Model-Context-Protocol has now enabled a remote-procedure call RPC paradigm to agentic applications, allowing for the flexible constructi...

pentest-automation-suite

Penetration Testing Automation Tools 🔴 Automated Penetratio...

Automating Pentest Delivery: 7 Key Workflows for Maximum Impact

Penetration testing is critical to uncovering real-world security weaknesses. With the shift into continuous testing and validation, it is time we automate the delivery of these results. The way results are delivered hasn't kept up with today's fast-moving threat landscape. Too often, findings ar...

Malicious code in fc-system-testing (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 192ca56fc1f77c6e39d9fdded9dbee0f4973f1fc49ee37e5f773d9f60d70858c The OpenSSF Package Analysis project identified 'fc-system-testing' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

MAL-2025-47876 Malicious code in fc-system-testing (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 192ca56fc1f77c6e39d9fdded9dbee0f4973f1fc49ee37e5f773d9f60d70858c The OpenSSF Package Analysis project identified 'fc-system-testing' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

TLoRa: Implementing TLS over LoRa for Secure HTTP Communication in IoT

We present TLoRa, an end-to-end architecture for HTTPS communication over LoRa by integrating TCP tunneling and a complete TLS 1.3 handshake. It enables a seamless and secure communication channel between WiFi-enabled end devices and the Internet over LoRa using an End Hub EH and a Net Relay NR...

Breaking the Code: Security Assessment of AI Code Agents through Systematic Jailbreaking Attacks

Code-capable large language model LLM agents are increasingly embedded into software engineering workflows where they can read, write, and execute code, raising the stakes of safety-bypass "jailbreak" attacks beyond text-only settings. Prior evaluations emphasize refusal or harmful-text detection...

ComicCon

Scans websites for SQL injection vulnerabilities usin...

gauntlt

This is an offensive tool for web application security testing. It is a ruggedization framework that enables security testing that is usable by devs, ops, and security. The tool is called Gauntlt. The target product/service or framework is not explicitly stated, but based on the examples provided...

web-application-firewall

🔒 Project 2 — WAF Rule Development & Evasion Testing Projec...

Pentesting-Assistant

Pentesting-Assistant AI-powered penetration testing assist...

SecureAgentBench: Benchmarking Secure Code Generation under Realistic Vulnerability Scenarios

Large language model LLM powered code agents are rapidly transforming software engineering by automating tasks such as testing, debugging, and repairing, yet the security risks of their generated code have become a critical concern. Existing benchmarks have offered valuable insights but remain...

Red Teaming Quantum-Resistant Cryptographic Standards: A Penetration Testing Framework Integrating AI and Quantum Security

This study presents a structured approach to evaluating vulnerabilities within quantum cryptographic protocols, focusing on the BB84 quantum key distribution method and National Institute of Standards and Technology NIST approved quantum-resistant algorithms. By integrating AI-driven red teaming,...

Reliable, Compliant APIs with Akamai Managed Service for API Performance

Introducing Akamai’s new product that blends proactive testing, expert analysis, and tailored optimization to help APIs stay reliable, responsive, and compliant...

STAF: Leveraging LLMs for Automated Attack Tree-Based Security Test Generation

In modern automotive development, security testing is critical for safeguarding systems against increasingly advanced threats. Attack trees are widely used to systematically represent potential attack vectors, but generating comprehensive test cases from these trees remains a labor-intensive,...

xss.yaml

It is an offensive tool for web application security testing. Th...

Exploit for Improper Input Validation in Microsoft

Email exploit Moniker Link-CVE-2024-21413-Module — Documentati...