7383 matches found
MightyBots
🦠 MightyBots An Educational Post-Exploitation Framework fo...
Security_Testing_Task3
No d...
MulCovFuzz: A Multi-Component Coverage-Guided Greybox Fuzzer for 5G Protocol Testing
As mobile networks transition to 5G infrastructure, ensuring robust security becomes more important due to the complex architecture and expanded attack surface. Traditional security testing approaches for 5G networks rely on black-box fuzzing techniques, which are limited by their inability to...
📄 SPIP Gadget Chain Insecure Deserialization
SPIP Gadget Chain versions prior to 4.4.9 suffer from a potential PHP object deserialization vulnerability. ============================================================================================================================================= | Title : SPIP Gadget Chain before 4.4.9...
CVE-2026-27477 Mastodon has SSRF via unvalidated FASP Provider base_url
Mastodon is a free, open-source social network server based on ActivityPub. FASP registration requires manual approval by an administrator. In versions 4.4.0 through 4.4.13 and 4.5.0 through 4.5.6, an unauthenticated attacker can register a FASP with an attacker-chosen baseurl that includes or...
CVE-2026-27468
Mastodon is a free, open-source social network server based on ActivityPub. FASP registration requires manual approval by an administrator. In versions 4.4.0 through 4.4.13 and 4.5.0 through 4.5.6, actions performed by a FASP to subscribe to account/content lifecycle events or to backfill content...
ai-security-toolkit
...
VibeCode-injectproof
🛡️ VibeCode-InjectProof Deep SQLi verification engine for...
A Lightweight Defense Mechanism against Next Generation of Phishing Emails Using Distilled Attention-Augmented BiLSTM
The current generation of large language models produces sophisticated social-engineering content that bypasses standard text screening systems in business communication platforms. Our proposed solution for mail gateway and endpoint deception detection operates in a privacy-protective manner whil...
ICSSPulse: A Modular LLM-Assisted Platform for Industrial Control System Penetration Testing
It is well established that industrial control systems comprise the operational backbone of modern critical infrastructures, yet their increasing connectivity exposes them to cyber threats that are difficult to study and remedy safely under real-time operational conditions. In this paper, we...
Linux Kernel 7.x Safe Verification of XFS Scrub ioctl Support
This tool provides a safe and non-exploitative way to verify whether a mount point uses the XFS file system and whether the system kernel supports the ioctl interface for XFS metadata cleanup XFSIOCSCRUBMETADATA. The tool performs verification of the file system type to confirm it is XFS, safely...
Exploit for Incorrect Privilege Assignment in Themewinter Eventin
CVE-2025-47539 Exploit Overview This repository contains a...
bottegram
b...
Malicious code in npm-security-testing (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7bf7ca4cfc33128c3d392d0df3b413365624b0e28a8215a7f0226ca4ec459730 The package npm-security-testing was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview npm-security-testing is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2026-997 Malicious code in npm-security-testing (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7bf7ca4cfc33128c3d392d0df3b413365624b0e28a8215a7f0226ca4ec459730 The package npm-security-testing was found to contain malicious code. Source: ghsa-malware...
CodeHacker: Automated Test Case Generation for Detecting Vulnerabilities in Competitive Programming Solutions
The evaluation of Large Language Models LLMs for code generation relies heavily on the quality and robustness of test cases. However, existing benchmarks often lack coverage for subtle corner cases, allowing incorrect solutions to pass. To bridge this gap, we propose CodeHacker, an automated agen...
Mass FortiGate Symlink Bypass Scanner
FortiGate mass symlink bypass scanner that adds structured validation, impact assessment, and reporting logic. It first verifies whether the target actually appears to be a FortiGate device from Fortinet using fingerprinting heuristics, which reduces false positives. Instead of testing a single...
watchtower
!WatchTower Bannerhttps://github.com/0xS4r4n9/watchtower/blob...
Exploit for OS Command Injection in Beyondtrust Privileged_Remote_Access
BeyondTrust CVE-2026-1731 Scanner Professional Python scanner...