Dark-Moon

The Open-Source AI-...

DarkMoon - the Open-Source AI-Powered Autonomous Penetration Testing Platform

DarkMoon is an automated penetration testing tool that orchestrates complete security assessments using artificial intelligence security agents. Built as an open-source cybersecurity tool, it enables organizations to run professional-grade vulnerability assessments without manual intervention...

Microsoft Graph Cloud Intelligence Collector

The Microsoft Graph Cloud Intelligence Collector is a Metasploit Auxiliary module designed to interact with the Microsoft Graph API to gather information from Microsoft 365 and Microsoft Azure Active Directory environments. The module authenticates using the OAuth2 Client Credentials flow with a...

blacksmith

BlacksmithAI OPEN-SOURCE AI-Powered Penetration Testing F...

Bounty Hunter: Autonomous, Comprehensive Emulation of Multi-Faceted Adversaries

Adversary emulation is an essential procedure for cybersecurity assessments such as evaluating an organization's security posture or facilitating structured training and research in dedicated environments. To allow for systematic and time-efficient assessments, several approaches from academia an...

EUVD-2025-15291

Malicious code in bioql PyPI...

Exploit for CVE-2023-5561

CVE-2023-5561-POC-Updated This repository contains a modified...

GHSA-CGC6-4XGF-5Q5X vulnerabilities

Vulnerabilities for packages: chromium...

GHSA-7P72-RX35-JHVC vulnerabilities

Vulnerabilities for packages: mysql...

GHSA-XRRJ-GF93-VR4J vulnerabilities

Vulnerabilities for packages: mysql...

Under The Hoodie: The Pen Test Diaries

Breaking In So You Don’t Have To Each year, Rapid7 penetration testers conduct over 1,000 security assessments, pushing boundaries to expose vulnerabilities before the bad guys do. The mission? Get in, escalate privileges, and own the environment—physically, digitally, or sometimes just by...

CVE-2025-0725

creationtimestamp| type| source ---|---|--- 2025-02-05 07:24:03+00:00| seen| https://daniel.haxx.se/blog/2025/02/05/curl-8-12-0/ 2025-02-05 08:44:37+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3lhg6ld6ww626 2025-02-05 09:58:56+00:00| seen|...

The Future of Network Security: Automated Internal and External Pentesting

In today's rapidly evolving threat landscape, safeguarding your organization against cyberattacks is more critical than ever. Traditional penetration testing pentesting, while effective, often falls short due to its high costs, resource requirements, and infrequent implementation. Automated...

Amazon Linux : Enabled Official Repositories and Extras

The remote host is using one or more Amazon Linux repositories to install packages. These repositories may be used in conjuntion with Amazon Linux OS package level assessment security advisories to determine whether or not relevant repositories are installed before checking package versions for...

Key Takeaways From The Take Command Summit: Unlocking Security Success

As cybersecurity threats continue to evolve, so must our defenses. The recent Rapid7 Take Command Summit provided invaluable insights into preparing for, responding to, and recovering from ransomware attacks. Here are three essential takeaways from the session, "Before, During, & After Ransomware...

Mobile Security Framework 安全漏洞

Mobile Security Framework MobSF is an automated all-in-one mobile application open-sourced by Mobile Security Framework. It is used for penetration testing, malware analysis, and security assessments, and is capable of performing both static and dynamic analysis. A security vulnerability exists i...

Hands-on Review: Cynomi AI-powered vCISO Platform

The need for vCISO services is growing. SMBs and SMEs are dealing with more third-party risks, tightening regulatory demands and stringent cyber insurance requirements than ever before. However, they often lack the resources and expertise to hire an in-house security executive team. By outsourcin...

Upload_Bypass - File Upload Restrictions Bypass, By Using Different Bug Bounty Techniques Covered In Hacktricks

UploadBypass is a powerful tool designed to assist Pentesters and Bug Hunters in testing file upload mechanisms. It leverages various bug bounty techniques to simplify the process of identifying and exploiting vulnerabilities, ensuring thorough assessments of web applications. Simplifies the...

MITM_Intercept - A Little Bit Less Hackish Way To Intercept And Modify non-HTTP Protocols Through Burp And Others

A little bit less hackish way to intercept and modify non-HTTP protocols through Burp and others with SSL and TLS interception support. This tool is for researchers and applicative penetration testers that perform thick clients security assesments. An improved version of the fantastic mitmrelay...

What is a White Hat Hacker❓ | Ethical Hackers

Introduction White Hat programmers or hackers are individuals that do security assessments as a component of a business course of action. Albeit this idea is helpful in many cases, it has no legitimate or moral ramifications. When differentiated to the meaning of Black Hat, this nonappearance...