BUGSCANNER---PHP-Web-Security-Scanner-for-Bug-Bounty-Penetration-Testing

!Pythonhttps://img.shields.io/badge/Python-3.10%2B-3776AB?st...

CLSA-2026-1774373385 Update of lkrg-kmod

Split RPM specs according to Fedora kmod packaging guidelines, one spec for kmod, one for userspace - Import modsign macros if requested by the module build - Make lkrg into a meta package which pulls lkrg-kmod and the systemd unit definition - Add lkrgtest module for testing and demonstrating...

TreeTeaming: Autonomous Red-Teaming of Vision-Language Models Via Hierarchical Strategy Exploration

The rapid advancement of Vision-Language Models VLMs has brought their safety vulnerabilities into sharp focus. However, existing red teaming methods are fundamentally constrained by an inherent linear exploration paradigm, confining them to optimizing within a predefined strategy set and...

Towards Leveraging LLMs to Generate Abstract Penetration Test Cases from Software Architecture

Software architecture models capture early design decisions that strongly influence system quality attributes, including security. However, architecture-level security assessment and feedback are often absent in practice, allowing security weaknesses to propagate into later phases of the software...

Terrapack HTTP Module Helpers

This is a Metasploit module that is intended to automate interaction with Terrapack web services. It does not exploit any actual issue but is meant for facilitation of testing...

Reconx

🔍 reconx - Modular Penetration Testing Framework !Python 3...

Exploit for OS Command Injection in Arcane

CVE-2026-23520 MCP API Remote Command Execution RCE Proo...

WordPress Nelio AB Testing plugin <= 8.2.7 - Remote Code Execution (RCE) vulnerability

Remote Code Execution RCE vulnerability discovered by daroo in WordPress Plugin Nelio AB Testing versions = 8.2.7...

MAL-2026-1989 Malicious code in init2winit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7eb9b716534151a8d16432102f52af1e6f61f9701b86efba4294cdc0e18ceaea Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Pensar Apex AI-Powered Penetration Testing

Pensar Apex is an AI-powered penetration testing using autonomous agents - directly in your terminal. Run blackbox and whitebox pentests that explore, reason, and surface real vulnerabilities...

NASimJax: GPU-Accelerated Policy Learning Framework for Penetration Testing

Penetration testing, the practice of simulating cyberattacks to identify vulnerabilities, is a complex sequential decision-making task that is inherently partially observable and features large action spaces. Training reinforcement learning RL policies for this domain faces a fundamental...

UBUNTU-CVE-2026-23265

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on node footer in read,writeendio ----------- cut here ------------ kernel BUG at fs/f2fs/data.c:358! Call Trace: blkupdaterequest+0x5eb/0xe70 block/blk-mq.c:987 blkmqendrequest+0x3e/0x70...

Exploit for Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Openssl

🔐 SSH Exploit Tool Educational Use Only 📌 Description Th...

Exploit for CVE-2026-32746

autohack Autonomous security research framework. Inspired by...

CVE-Exploit-Research-Development

Objective To research, replicate, and develop a working expl...

Exploit for Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Openssl

🔐 SSH Exploit Tool Educational Use Only 📌 Description Th...

How to Prioritize Vulnerabilities Effectively: A Framework

Attackers don’t care about your massive backlog of "critical" vulnerabilities. They look for the path of least resistance—the one exploitable weakness that gives them a foothold into your network. If your vulnerability management program isn't thinking like an attacker, you're always one step...

AI is Everywhere, But CISOs are Still Securing It with Yesterday's Skills and Tools, Study Finds

A majority of security leaders are struggling to defend AI systems with tools and skills that are not fit for the challenge, according to the AI and Adversarial Testing Benchmark Report 2026 from Pentera. The report, based on a survey of 300 US CISOs and senior security leaders, examines how...

com.azure.cosmos.spark:azure-cosmos-spark_4-0_2-13 (>=4.43.0 <=4.48.0), com.github.rumbledb:rumbledb (=2.0.0) +79 more potentially affected by CVE-2025-54920 via org.apache.spark:spark-core_2.13 (=4.0.0)

org.apache.spark:spark-core2.13 MAVEN version =4.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.spark:spark-core2.13 and may be impacted: - com.azure.cosmos.spark:azure-cosmos-spark4-02-13 =4.43.0, =0.43.0-preview, =0.43.0-preview,...

7 Best CTEM Tools to Reduce Your Attack Surface

To truly secure your organization, you have to start thinking like an attacker. An adversary doesn’t care about your endless spreadsheet of CVEs; they look for a single, exploitable path to their objective. So, how do you find that path before they do? You start by using threat intelligence to...