XSSaudit

XSSAudit v2.0 — Advanced XSS Vulnerability Scanner For au...

MAL-2026-4356 Malicious code in testing-on-npmjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1575dee70b1f079b297d26405595aa16591e62de8fac896cf9ea485d6f534132 On npm install, postinstall.js executes two attacker-controlled actions automatically. First, it collects installer-side identity whoami, id,...

Malicious code in testing-on-npmjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1575dee70b1f079b297d26405595aa16591e62de8fac896cf9ea485d6f534132 On npm install, postinstall.js executes two attacker-controlled actions automatically. First, it collects installer-side identity whoami, id,...

Exploit for Path Traversal in Grafana

GrafTraverse - CVE-2021-43798 MiNi Exploitation Framework...

Lessons from Penetration Tests on Large-Scale Agent Systems

As AI systems gain increasing autonomy and execution capability, the number of discovered security vulnerabilities continues to rise. However, many of these vulnerabilities are not fundamentally novel, but instead reflect recurring classes of weaknesses long observed in prior computing systems...

view_component 安全漏洞

viewcomponent is an open-source framework developed by ViewComponent, designed for building reusable and testable view components. There are security vulnerabilities in the viewcomponent version 3.0.0 to 4.9.0. These vulnerabilities arise from the system’s testing entry point using File.realpath ...

Exploit for Prototype Pollution in Substack Minimist

CVE-2020-7598 - Prototype Pollution in minimist Disclaimer...

netsec-agent

NETSEC-AGENT Autonomous AI Penetration Testing Terminal —...

sql-injection

sql-injection python tool that...

APT-Agent: Automated Penetration Testing Using Large Language Models

Penetration testing is essential to securing modern web infrastructures, yet traditional manual methods struggle to keep pace with their scale and complexity. Large Language Models LLMs offer new opportunities for automating these tasks, but existing approaches face two persistent challenges:...

programming-for-penetration-testing-buffer-overflow-exploit

Buffer Overflow Exploit in Ruby Overview This project was...

CVEsWorpriss

ها هو ملف README.md المعاد كتابته بالكامل لمشروعك CVEsWorpriss v...

Exploit for Unrestricted Upload of File with Dangerous Type in Wordpress

WordPress Crop Image RCE — CVE-2019-8942 / CVE-2019-8943 Pyth...

jwt-pwn

jwt-pwn A zero-dependency Python 3 toolkit for discovering an...

Exploit for CVE-2026-0211

ISU-SecOps Nginx QUIC RCE Lab Modern web sunucularındaki Ngi...

Mephisto

InMyMine7 - WordPress Auto Exploit !Versionhttps://img.s...

BYOT-CPS: A Hybrid Cyber-Physical Systems Testbed for IoT Security Assessment and Platform Evaluation

Internet of Things IoT security research continues to face a methodological gap between scalable virtual experimentation and realistic device behaviour. While pure simulation and emulation platforms provide control, repeatability, and scale, they do not fully reproduce firmware-specific behaviour...

Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development

Microsoft has unveiled two new open-source tools called RAMPART and Clarity to assist developers in better testing the security of artificial intelligence AI agents. RAMPART, short for Risk Assessment and Measurement Platform for Agentic Red Teaming, functions as a Pytest-native safety and securi...

Introducing RAMPART and Clarity: Open source tools to bring safety into Agent development workflow

In this article 1. Why we are investing in this 2. RAMPART: Continuous safety testing for agentic AI 3. Clarity: Helping check software engineering assumptions 4. RAMPART and Clarity available now The AI systems shipping inside enterprises today are fundamentally different from the ones we were...

HOV4X

HOV4X HOVAX - 45 Modules Security Toolkit for Penetration Test...