7411 matches found
Exploit for CVE-2025-49388
CVE-2025-49388 WordPress Miraculous Core Plugin Plugin OPTI...
Exploit for Out-of-bounds Write in Vmware Cloud_Foundation
CVE-2021-21974 Vulnerability Detector A Python-based security...
Exploit for CVE-2025-23266
cve-2025-23266-migration-bypass cve...
RCE-Foryou
RCE-Foryou Python tool for safely testing and exploiting RCE v...
Exploit for Off-by-one Error in F5 Nginx
vulnerability in NGINX servers versions 0.6.18–1.20.0. The scr...
Penetration-Testing-on-Metasploitable2
Penetration-Testing-on-Metasploitable2...
Adversarial Bug Reports As a Security Risk in Language Model-Based Automated Program Repair
Large Language Model (LLM)-based Automated Program Repair (APR) systems are increasingly integrated into modern software development workflows, offering automated patches in response to natural language bug reports. However, this reliance on untrusted user input introduces a novel and underexplored...
VulnRepairEval: an Exploit-Based Evaluation Framework for Assessing Large Language Model Vulnerability Repair Capabilities
The adoption of Large Language Models (LLMs) for automated software vulnerability patching has shown promising outcomes on carefully curated evaluation sets. Nevertheless, existing datasets predominantly rely on superficial validation methods rather than exploit-based verification, leading to...
PT-2025-35522
Name of the Vulnerable Software and Affected Versions: MobSF version 4.4.0 Description: MobSF is a mobile application security testing tool. An authenticated user who uploaded a specially prepared one.a file could write arbitrary files to any directory writable by the user of the MobSF process...
Router-Exploiter
Router-Exploiter A powerful and stealthy penetration testing t...
DomiExploit-Cyber-Scanner
It is an offensive tool for penetration testing. The DomiExploit...
Exploit for Improper Input Validation in Rubyonrails Rails
🔐 Black Box Penetration Test on DVWA This repository document...
trashhost
xss tool and sqli detector...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a Denial of Service in huggingface/transformers [CVE-2025-2099]
Summary IBM Watson Speech Services Cartridge is vulnerable to a Denial of Service in huggingface/transformers, due to an issue where the regular expression used to process code blocks in docstrings contains nested quantifiers, leading to exponential backtracking when processing input with a large...
MAL-2025-41611 Malicious code in testpointx0-testing-test (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in testpointx0-testing-test (npm)
--- -= Per source details. Do not edit below this line.=-...
PT-2025-34983
Name of the Vulnerable Software and Affected Versions: QuickCMS version 6.8 Description: QuickCMS is susceptible to a Cross-Site Request Forgery (CSRF) issue in the page deletion functionality. A malicious actor can create a crafted website that, when visited by an administrator, automatically send...
Multi-Agent Penetration Testing AI for the Web
AI-powered development platforms are making software creation accessible to a broader audience, but this democratization has triggered a scalability crisis in security auditing. With studies showing that up to 40% of AI-generated code contains vulnerabilities, the pace of development now vastly...
POC
Collect so...
Linux Distros Unpatched Vulnerability : CVE-2022-3767
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing validation in DAST analyzer affecting all versions from 1.11.0 prior to 3.0.32, allows custom request headers to be sent with every request, regardless ...