7198 matches found
Exploit for Path Traversal in Apache Http_Server
π₯ LFI-Destroyer β Authorized Penetration Testing Framework LFI-D...
autopentest-ai
AutoPentest Automated web application penetration testing p...
Security Assessment of Intel TDX with Support for Live Migration
In the second and third quarters of 2025, Google collaborated with Intel to conduct a security assessment of Intel Trust Domain Extensions TDX, extending Google's previous review and covering major changes since Intel TDX Module 1.0 - namely support for Live Migration and Trusted Domain TD...
creepytrix
π CREEPYTRIX - Bitrix Pentest Tool v1.1 !Versionhttps://i...
Malicious code in dev-pipline-test (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 20dee9221f632983ab927b06c661fda3edf9bea9f5369620acdea3631511876a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
testing-code-review
No d...
Exploit for CVE-2017-0143
Cybersecurity Penetration Testing Project Project Overview...
[SECURITY] Fedora 43 Update: python3.6-3.6.15-52.fc43
Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software...
[SECURITY] Fedora 42 Update: python3.6-3.6.15-52.fc42
Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software...
OpenSSL 3.x Malicious AESβGCM ASN.1 Parameter Injection
This C code is a security research proof of concept targeting OpenSSL's CMS Cryptographic Message Syntax handling. It programmatically creates a syntactically valid CMS AuthEnvelopedData object using AES-256-GCM, then injects a custom-crafted ASN.1 AESGCMPARAMETERS sequence with an abnormally lar...
@cubejs-backend/server (>=1.1.2 <=1.4.0), @cubejs-backend/server-core (>=1.1.2 <=1.4.0) +2 more potentially affected by CVE-2026-25957 via @cubejs-backend/api-gateway (>=1.1.17 <=1.4.0)
@cubejs-backend/api-gateway NPM version =1.1.17, =1.1.2, =1.1.2, =1.1.2, =1.4.0 - cubejs-backend-server-core-fork =1.1.3 Source cves: CVE-2026-25957 Source advisory: SNYK:JS-CUBEJSBACKENDAPIGATEWAY-15265448...
Exploit for CVE-2026-25916
CVE-2026-25916: Roundcube Webmail DOM XSS Exploit π Exploi...
MAL-2026-814 Malicious code in http-notifier-test (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 876fd5ae23d7c051fa55647bc5b152a7905505782e78ca9536b161318d2e000f Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MUZZLE: Adaptive Agentic Red-Teaming of Web Agents against Indirect Prompt Injection Attacks
Large language model LLM based web agents are increasingly deployed to automate complex online tasks by directly interacting with web sites and performing actions on users' behalf. While these agents offer powerful capabilities, their design exposes them to indirect prompt injection attacks...
π Novell GroupWise 2012 Traversal / Shell Upload
This code exploits the directory traversal vulnerability in Novell GroupWise 2012 before Support Pack 1 to steal files, and attempts to upload a web shell payload if possible, making it an effective penetration testing tool...
SoK: The Pitfalls of Deep Reinforcement Learning for Cybersecurity
Deep Reinforcement Learning DRL has achieved remarkable success in domains requiring sequential decision-making, motivating its application to cybersecurity problems. However, transitioning DRL from laboratory simulations to bespoke cyber environments can introduce numerous issues. This is furthe...
libssh 0.7.6 Advanced SSH Security Testing Tool
This is an advanced SSH security testing tool for libssh that provides robust session management, signal handling, safe memory management, and multiple operational modes while also checking banners to see if libssh is vulnerable to CVE-2018-10933...
picoCTF_2025_pie_time
PIE Exploit Challenge Exploiting a PIE Position Independent...
Exploit for CVE-2025-49132
CVE-2025-49132-POC I made this poc for my personal cha...
Vajra
β‘ Vajra βββ βββ ββββββ ββββββββββ ββββββ βββ...