shadow-pentest

🖤 Shadow Pentest Framework v1.0 Automated CVE Discovery & E...

Taint-Style Vulnerability Detection and Confirmation for Node.Js Packages Using LLM Agent Reasoning

The rapidly evolving Node$.$js ecosystem currently includes millions of packages and is a critical part of modern software supply chains, making vulnerability detection of Node$.$js packages increasingly important. However, traditional program analysis struggles in this setting because of dynamic...

argus

Argus Autonomous vulnerability discovery and exploit validati...

Aether - Adaptive Exploit and Threat Hunting Engine for EVM-based Repositories 5.0

Aether is a Python-based framework for analyzing Solidity smart contracts, generating vulnerability findings, producing Foundry-based proof-of-concept PoC tests, and validating exploits on mainnet forks. It combines Solidity AST parsing, taint analysis, control flow graph analysis, cross-contract...

exploitation-validator

exploitation-validator, an Exploitability Validation System A...

CVE-Factory: Scaling Expert-Level Agentic Tasks for Code Security Vulnerability

CVE-Factory is a Multi-Agent system for fully automated, end-to-end CVE reproduction. Given CVE records, the system automatically researches details, generates test cases, builds Docker environments, and validates that each vulnerability can be both exploited and patched. The pipeline transforms...

Fake Proof-of-Concepts used to lure security professionals

Researchers from the Leiden University published a paper detailing how cybercriminals are using fake Proof-of-Concepts PoCs to install malware on researchers' systems. The researchers found these fake PoCs on a platform where security professionals would usually expect to find them--the public co...

Cloudflare Public Bug Bounty: Hijack all emails sent to any domain that uses Cloudflare Email Forwarding

The Email Routing feature enables Cloudflare users to create any number of custom email addresses and route all incoming messages to the user's preferred inboxes. Due to a bug in zone ownership verification, it was possible to configure Email Routing to redirect e-mail messages for an unverified...

Attack Surface Analysis Part 2: Penetration Testing

In this three-part series, we’ll explore key considerations and strategies for choosing an attack surface analysis strategy, and the ways it can be used to increase awareness of both technical and process-related risks. This is the second installment in our 2021 series around attack surface...

CVE-2014-2241

The 1 cf2initLocalRegionBuffer and 2 cf2initGlobalRegionBuffer functions in cff/cf2ft.c in FreeType before 2.5.3 do not properly check if a subroutine exists, which allows remote attackers to cause a denial of service assertion failure, as demonstrated by a crafted ttf file...

lifetype 1.2.11 CSRF Add User

Exploit for php platform in category web applications +---------------------------------------------------------------------------------------------------------------------------------------+ Exploit Title := lifetype 1.2.11 CSRF Add User Date := 05/april/2012 Author := khaled-Ham Software link :...

blindblog 1.3.1 - SQL Injection / Authentication Bypass / Local File Inclusion

Salvatore "drosophila" Fresta + Application: BlindBlog + Version: 1.3.1 + Website: http://sourceforge.net/projects/cbblog/ + Bugs: A SQL Injection B Authentication Bypass C Local File Inclusion + Exploitation: Remote + Date: 03 Mar 2009 + Discovered by: Salvatore "drosophila" Fresta + Author:...