Exploit for Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Openssl

🔐 SSH Exploit Tool Educational Use Only 📌 Description Th...

Exploit for CVE-2026-32746

autohack Autonomous security research framework. Inspired by...

CVE-Exploit-Research-Development

Objective To research, replicate, and develop a working expl...

Exploit for Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Openssl

🔐 SSH Exploit Tool Educational Use Only 📌 Description Th...

How to Prioritize Vulnerabilities Effectively: A Framework

Attackers don’t care about your massive backlog of "critical" vulnerabilities. They look for the path of least resistance—the one exploitable weakness that gives them a foothold into your network. If your vulnerability management program isn't thinking like an attacker, you're always one step...

AI is Everywhere, But CISOs are Still Securing It with Yesterday's Skills and Tools, Study Finds

A majority of security leaders are struggling to defend AI systems with tools and skills that are not fit for the challenge, according to the AI and Adversarial Testing Benchmark Report 2026 from Pentera. The report, based on a survey of 300 US CISOs and senior security leaders, examines how...

com.azure.cosmos.spark:azure-cosmos-spark_4-0_2-13 (>=4.43.0 <=4.48.0), com.github.rumbledb:rumbledb (=2.0.0) +79 more potentially affected by CVE-2025-54920 via org.apache.spark:spark-core_2.13 (=4.0.0)

org.apache.spark:spark-core2.13 MAVEN version =4.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.spark:spark-core2.13 and may be impacted: - com.azure.cosmos.spark:azure-cosmos-spark4-02-13 =4.43.0, =0.43.0-preview, =0.43.0-preview,...

7 Best CTEM Tools to Reduce Your Attack Surface

To truly secure your organization, you have to start thinking like an attacker. An adversary doesn’t care about your endless spreadsheet of CVEs; they look for a single, exploitable path to their objective. So, how do you find that path before they do? You start by using threat intelligence to...

Exploit for Race Condition in Canonical Ubuntu_Linux

500+ Pentest One-Liners & Commands for Every Hacking Scenario...

[SECURITY] Fedora 42 Update: python3.6-3.6.15-53.fc42

Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software...

[SECURITY] Fedora 43 Update: python3.6-3.6.15-53.fc43

Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software...

Evasive Intelligence: Lessons from Malware Analysis for Evaluating AI Agents

Artificial intelligence AI systems are increasingly adopted as tool-using agents that can plan, observe their environment, and take actions over extended time periods. This evolution challenges current evaluation practices where the AI models are tested in restricted, fully observable settings. I...

web-attack-payloads

Web Attack Payloads Collection !Cybersecurityhttps://img.s...

web-vulnerability-scanner

web-vulnerability-scanner A Python-based web vulnerability sca...

redteam-sqli-payloads

redteam-sqli-payloads A ca...

PT-2026-25586

Summary Prior to Memray 1.19.2, Memray rendered the command line of the tracked process directly into generated HTML reports without escaping. Because there was no escaping, attacker-controlled command line arguments were inserted as raw HTML into the generated report. This allowed JavaScript...

comp5003-sweeny-pentest

COMP5003: Sweeny Barbers Penetration Test Full ethical hackin...

Exploit for CVE-2026-29000

CVE-2026-29000: pac4j-jwt Authentication Bypass POC This repo...

Exploit for Deserialization of Untrusted Data in Facebook React

CVE Exploitation Arsenal Professional penetration testing too...

Microsoft Windows Service Binary Misconfiguration Tester

This document and included Metasploit module analyze the security risks associated with improper Windows service configurations, specifically focusing on writable service binary paths that may lead to privilege escalation. Note that this condition does not occur on a default Windows installation...