Adversarial Bug Reports As a Security Risk in Language Model-Based Automated Program Repair

Large Language Model LLM - based Automated Program Repair APR systems are increasingly integrated into modern software development workflows, offering automated patches in response to natural language bug reports. However, this reliance on untrusted user input introduces a novel and underexplored...

Exploit for Improper Handling of Exceptional Conditions in Apache Struts

pocsuite3 Legal Disclaimer Usage of pocsuite3 for attacking targets without prior mutual consent is illegal. pocsuite3 is for security testing purposes only 法律免责声明 未经事先双方同意，使用 pocsuite3 攻击目标是非法的。 pocsuite3 仅用于安全测试目的 Overview pocsuite3 is an open-sourced remote vulnerability testing and...

GraphQLer: Enhancing GraphQL Security with Context-Aware API Testing

GraphQL is an open-source data query and manipulation language for web applications, offering a flexible alternative to RESTful APIs. However, its dynamic execution model and lack of built-in security mechanisms expose it to vulnerabilities such as unauthorized data access, denial-of-service DoS...

AtomShields Cli - Security Testing Framework For Repositories And Source Code

AtomShields Cli is a Command-Line Interface to use the software AtomShields Installation pip install atomshieldscli Basic usage ascli --target --name The allowed action values are: install : To install a checker or a report, depending the context setted. uninstall : To uninstall a checker or a...

Hcon's Security Testing Framework (Hcon STF) v0.4 [Fire base]

Hcon's Security Testing Framework Hcon STF v0.4 Fire base +v0.4+%5BFire+base%5D.jpg Hcon respects & salutes to all of the freedom fighters of India, without whom we can never be able get our freedom.A tribute to all of the freedom fighters of all the countries we present HconSTF version 0.4...