Dark-Moon

The Open-Source AI-...

DarkMoon - the Open-Source AI-Powered Autonomous Penetration Testing Platform

DarkMoon is an automated penetration testing tool that orchestrates complete security assessments using artificial intelligence security agents. Built as an open-source cybersecurity tool, it enables organizations to run professional-grade vulnerability assessments without manual intervention...

Microsoft Graph Enterprise Intelligence Collector

This Metasploit auxiliary module interacts with the Microsoft Graph API to perform enterprise intelligence collection. It supports authentication using Azure AD application credentials or an existing access token and enables enumeration of Azure users, SharePoint sites, OneDrive files, and Exchan...

Microsoft Graph Cloud Intelligence Collector

The Microsoft Graph Cloud Intelligence Collector is a Metasploit Auxiliary module designed to interact with the Microsoft Graph API to gather information from Microsoft 365 and Microsoft Azure Active Directory environments. The module authenticates using the OAuth2 Client Credentials flow with a...

blacksmith

BlacksmithAI OPEN-SOURCE AI-Powered Penetration Testing F...

Bounty Hunter: Autonomous, Comprehensive Emulation of Multi-Faceted Adversaries

Adversary emulation is an essential procedure for cybersecurity assessments such as evaluating an organization's security posture or facilitating structured training and research in dedicated environments. To allow for systematic and time-efficient assessments, several approaches from academia an...

EUVD-2025-15291

Malicious code in bioql PyPI...

Exploit for CVE-2023-5561

CVE-2023-5561-POC-Updated This repository contains a modified...

GHSA-CGC6-4XGF-5Q5X vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-XRRJ-GF93-VR4J vulnerabilities

Vulnerabilities for packages: mysql...

GHSA-7P72-RX35-JHVC vulnerabilities

Vulnerabilities for packages: mysql...

Under The Hoodie: The Pen Test Diaries

Breaking In So You Don’t Have To Each year, Rapid7 penetration testers conduct over 1,000 security assessments, pushing boundaries to expose vulnerabilities before the bad guys do. The mission? Get in, escalate privileges, and own the environment—physically, digitally, or sometimes just by...

CVE-2025-0725

creationtimestamp| type| source ---|---|--- 2025-02-05 07:24:03+00:00| seen| https://daniel.haxx.se/blog/2025/02/05/curl-8-12-0/ 2025-02-05 08:44:37+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3lhg6ld6ww626 2025-02-05 09:58:56+00:00| seen|...

CVE-2025-21513

...

The Future of Network Security: Automated Internal and External Pentesting

In today's rapidly evolving threat landscape, safeguarding your organization against cyberattacks is more critical than ever. Traditional penetration testing pentesting, while effective, often falls short due to its high costs, resource requirements, and infrequent implementation. Automated...

Amazon Linux : Enabled Official Repositories and Extras

The remote host is using one or more Amazon Linux repositories to install packages. These repositories may be used in conjuntion with Amazon Linux OS package level assessment security advisories to determine whether or not relevant repositories are installed before checking package versions for...

Secator - The Pentester'S Swiss Knife

secator is a task and workflow runner used for security assessments. It supports dozens of well-known security tools and it is designed to improve productivity for pentesters and security researchers. Features Curated list of commands Unified input options Unified output schema CLI and library...

Key Takeaways From The Take Command Summit: Unlocking Security Success

As cybersecurity threats continue to evolve, so must our defenses. The recent Rapid7 Take Command Summit provided invaluable insights into preparing for, responding to, and recovering from ransomware attacks. Here are three essential takeaways from the session, "Before, During, & After Ransomware...

Mobile Security Framework 安全漏洞

Mobile Security Framework MobSF is an automated all-in-one mobile application open-sourced by Mobile Security Framework. It is used for penetration testing, malware analysis, and security assessments, and is capable of performing both static and dynamic analysis. A security vulnerability exists i...

Hands-on Review: Cynomi AI-powered vCISO Platform

The need for vCISO services is growing. SMBs and SMEs are dealing with more third-party risks, tightening regulatory demands and stringent cyber insurance requirements than ever before. However, they often lack the resources and expertise to hire an in-house security executive team. By outsourcin...