hunter-max-oss

hunter-max A bug-bounty research framework. Two pieces: 1...

Selective KV-Cache Sharing to Mitigate Timing Side-Channels in LLM Inference

Global KV-cache sharing has emerged as a key optimization for accelerating large language model LLM inference. However, it exposes a new class of timing side-channel attacks, enabling adversaries to infer sensitive user inputs via shared cache entries. Existing defenses, such as per-user isolatio...

Vulnado - Purposely Vulnerable Java Application To Help Lead Secure Coding Workshops

This application and exercises will take you through some of the OWASP top 10 Vulnerabilities and how to prevent them. Up and running 1. Install Docker for MacOS or Windows. You'll need to create a Docker account if you don't already have one. 2. git clone git://github.com/ScaleSec/vulnado 3. cd...

MultiTier,3.1,SQL Injection

MultiTier by Beesto.com, 3.1, SQL Injection...

CVE-2008-2625: Oracle DBMS – Proxy Authentication Vulnerability

Oracle is a widely-deployed Database Management System DBMS that supports a variety of applications. Many multi-tier applications are designed to use proxy authentication, restricting a middle tier to establish the database connection on behalf of the users. The standard authentication mechanism...