Lucene search
K

345 matches found

Gitee
Gitee
added 2025/07/06 3:24 a.m.78 views

50M_CTF_Writeup

It is an offensive tool for CTF Capture The Flag challenges. The repository contains a writeup for a $50 million CTF challenge, which includes a binary image that needs to be decoded to reveal a hidden message. The binary image is encoded with a repeating sequence of binary digits, which can be...

7.1AI score
Exploits0
Gitee
Gitee
added 2025/07/06 2:40 a.m.76 views

Exploit-Writeups

This is a collection of writeups for various CTF Capture The Flag challenges, specifically focusing on reverse engineering RE, pwnables, and miscellaneous challenges. The writeups are from the EncryptCTF-2019 and DawgCTF-2021 CTFs. The writeups cover a range of challenges, from simple to complex,...

7.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/21 12:0 a.m.6 views

AIRTBench: Measuring Autonomous AI Red Teaming Capabilities in Language Models

We introduce AIRTBench, an AI red teaming benchmark for evaluating language models' ability to autonomously discover and exploit Artificial Intelligence and Machine Learning AI/ML security vulnerabilities. The benchmark consists of 70 realistic black-box capture-the-flag CTF challenges from the...

7.7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/06/18 3:37 p.m.0 views

Malicious code in @exitman_ctf/steal (npm)

The package communicates with a domain associated with malicious activity...

7AI score
Exploits0
OSV
OSV
added 2025/05/27 1:57 p.m.3 views

MAL-2025-4490 Malicious code in mirror-chat-ctf (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 05a80d5c1613fb9a0db9f6d2b95f12da296ef2ac3f58be607c601a87c73d840e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/05/27 1:57 p.m.4 views

Malicious code in mirror-chat-ctf (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 05a80d5c1613fb9a0db9f6d2b95f12da296ef2ac3f58be607c601a87c73d840e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:6 a.m.9 views

CVE-2022-4349

A vulnerability classified as problematic has been found in CTF-hacker pwn. This affects an unknown part of the file delete.html. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The...

6.8CVSS6.8AI score0.00237EPSS
Exploits1References1
Packet Storm News
Packet Storm News
added 2025/05/11 12:0 a.m.4 views

RedTeamLLM: an Agentic AI Framework for Offensive Security

From automated intrusion testing to discovery of zero-day attacks before software launch, agentic AI calls for great promises in security engineering. This strong capability is bound with a similar threat: the security and research community must build up its models before the approach is leverag...

6.8AI score
Exploits0
GithubExploit
GithubExploit
added 2025/04/03 5:1 p.m.442 views

Exploit for CVE-2024-53900

CTF Challenge - Mongoose RCE CVE-2024-53900 Challenge Overvie...

9.1CVSS10AI score0.03988EPSS
Exploits3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/03/02 5:5 p.m.4 views

Malicious code in ctf-aio-tool (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1641f444ea0056686d1421b67d63c1a6fd944999ed4dff175924de88f1d5182a Installing the package starts a reverse shell. The remote server is, however, set as a local IP, so it's most probably testing --- Category: PROBABLYPENTEST -...

7.5AI score
Exploits0References1
OSV
OSV
added 2025/03/02 5:5 p.m.7 views

MAL-2025-2952 Malicious code in ctf-aio-tool (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1641f444ea0056686d1421b67d63c1a6fd944999ed4dff175924de88f1d5182a Installing the package starts a reverse shell. The remote server is, however, set as a local IP, so it's most probably testing --- Category: PROBABLYPENTEST -...

7.3AI score
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/02/06 5:7 p.m.6 views

chameli (>=0.1.12 <=0.1.16), clotho (=0.1.0) +12 more potentially affected by CVE-2025-23217 via mitmproxy (>=10.1.5 <=11.0.2)

mitmproxy PYPI version =10.1.5, =0.1.12, =0.1.0, =4.0.0, =0.34.0, =0.11.0, =1.0.0, =1.1.0, =0.1.0, =3.2.0, =0.0.1, =0.0.3 Source cves: CVE-2025-23217 Source advisory: OSV:GHSA-WG33-5H85-7Q5P...

8.2CVSS5.7AI score0.00817EPSS
Exploits0
OSV
OSV
added 2025/01/31 5:30 p.m.4 views

MAL-2025-736 Malicious code in is-number-ctf (npm)

The package opens up arbitrary backdoor port that allows bad actors to connect to. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 293adcb6e55e85876a036859d67bad46448785e1ef890c061977fb93cd4fe97a Any computer that has this package installed or running should be...

7.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/01/31 5:30 p.m.5 views

Malicious code in is-number-ctf (npm)

The package opens up arbitrary backdoor port that allows bad actors to connect to. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 293adcb6e55e85876a036859d67bad46448785e1ef890c061977fb93cd4fe97a Any computer that has this package installed or running should be...

7AI score
Exploits0References1
GithubExploit
GithubExploit
added 2024/09/16 6:17 p.m.236 views

Exploit for Deserialization of Untrusted Data in Apache Tomcat

CVE-2020-9484 with interactive mode and args Designed speci...

7CVSS6.6AI score0.56636EPSS
Exploits15
GithubExploit
GithubExploit
added 2024/09/09 7:9 p.m.529 views

Exploit for Code Injection in Sqlpad

CVE-2022-0944 SQLPad - Template injection This is a blind vul...

9.1CVSS8.2AI score0.08669EPSS
Exploits12
GithubExploit
GithubExploit
added 2024/07/30 9:22 p.m.148 views

Exploit for Unrestricted Upload of File with Dangerous Type in Git

CVE-2024-32002 1. Edit exploit.sh file replace the reposit...

9CVSS8.2AI score0.25334EPSS
Exploits32
Wiz blog
Wiz blog
added 2024/07/24 2:50 p.m.66 views

Introducing the Prompt Airlines CTF: Test Your AI Security Skills

Wiz is excited to announce "Prompt Airlines," a new cloud security Capture The Flag CTF event focused on AI vulnerabilities...

7.3AI score
Exploits0
GithubExploit
GithubExploit
added 2024/07/15 1:38 a.m.231 views

Exploit for Unrestricted Upload of File with Dangerous Type in Chamilo Chamilo_Lms

CVE-2023-4220-Exploit LMS Chamilo 1.11.24 CVE-2023-4220 Explo...

8.1CVSS7.2AI score0.76084EPSS
Exploits27
GithubExploit
GithubExploit
added 2024/05/25 6:47 p.m.767 views

Exploit for Code Injection in Reportlab

CVE-2023-33733-POC Disclamer I did not, nor do I take credi...

7.8CVSS7.5AI score0.02123EPSS
Exploits6
Rows per page
Query Builder