6819 matches found
GNUnet P2P Framework 0.26.2
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP IPv4 and IPv6, TCP IPv4 and IPv6, HTTP, o...
IServ Schoolserver User Enumeration
IServ Schoolserver suffers from a user enumeration vulnerability. The vendor does not feel this is an issue...
TestSSL 3.2.4
testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in pure bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets...
LifeOS 7.1.1
LifeOS is a Life Operating System. It knows your goals, the people who matter to you, and where you are right now, and it works to move you toward where you want to be. The engine underneath is a verifiable loop: turn any request into testable criteria, then climb until they pass. This is the fir...
Nebula AI-Powered Penetration Testing 2.0.0
Nebula is an advanced, AI-powered penetration testing open-source tool that revolutionizes penetration testing by integrating state-of-the-art AI models into your command-line interface. Designed for cybersecurity professionals, ethical hackers, and developers, Nebula automates vulnerability...
IronCurtain 0.13.0
IronCurtain is an early-stage research project exploring how to make AI agents safe enough to be genuinely useful. It is a runtime for autonomous AI agents, where security policy is derived from a human-readable constitution. APIs, configuration formats, and architecture may change...
T3MP3ST Multi-Agent Offensive Security Framework
T3MP3ST is a multi-agent offensive-security framework, built to turn the AI coding agent you already run into a zero-day hunter...
Flounder 0.3.1
Flounder turns modern coding agents into an end-to-end security audit system. Give it an authorized target boundary - a repository, source tree, package, deployed clue, or prior run - and the agent can prepare the workspace, read the code and supporting material, map the attack surface, dig into...
Stegano 2.5.0
Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit LSB technique. It is possible to use a more advanced LSB method based on integers sets. The sets Sieve of...
Xalgorix Autonomous AI Pentesting Agent 4.5.55
Most scanners detect. Xalgorix proves. An autonomous LLM agent works a full pentest methodology, then an independent verifier re-exploits every finding before it's reported - so you get proof, not a pile of maybes to triage. Self-hosted, private, and bring-your-own-LLM. Built in Go + TypeScript...
Joern 4.0.579
Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...
SFDS: Selective File Disclosure System
Access control to networked resources has been a longstanding challenge. The conventional solution relies on authentication mechanisms, which introduce additional complexities associated with Identity and Access Management IAM. Such systems require user authentication, identity management, and...
Federated Learning Architecture: Data Privacy and System Security Approaches
This study explores the integration of homomorphic encryption and differential privacy techniques to enhance data privacy and security in Federated Learning FL systems. FL allows data to remain on local devices, eliminating the need for centralized data collection; however, sensitive information...
Leveraging Interpretable Tsetlin Machine for PDF Malware Detection
In the digital era, Portable Document Format PDF is one of the most widely used file formats for storing and exchanging digital documents due to its platform independence and rich functionality. However, these same capabilities have also made PDF files an attractive attack vector for...
Malaika: Understanding Malware through Tri-Grounded Agentic Reasoning
Recent LLM-based systems have shown promising capabilities for security-focused code analysis. Malware understanding, however, poses a distinct challenge: analysts must reconstruct high-level malicious behaviors under partial observability from sparse, dispersed evidence intertwined with benign...
TSAI-MetaFraud: A Benchmark Dataset for Financial Fraud Transaction and Behavioral Risk Detection in Metaverse Ecosystems
The emergence of metaverse platforms has created virtual economies that introduce new challenges related to fraud, bot activity, and illicit financial behavior. Despite growing interest in trustworthy metaverse analytics, existing datasets typically focus on user behavior, authentication, or...
VEXAIoT: Autonomous IoT Vulnerability EXploitation Using AI Agents
Internet of Things IoT systems are inherently vulnerable due to constrained hardware, outdated firmware, and insecure default configurations, creating a need for scalable and adaptive security testing approaches. While recent adoptions of Large Language Model LLM agents have demonstrated promise ...
Impact of Benign Connectivity Variations on Intrusion Detection for Encrypted OPC UA Traffic in Industrial Private 5G Networks
Machine learning ML-based intrusion detection systems IDSs are increasingly used to monitor encrypted industrial communication. However, their behavior under realistic private 5G operating conditions remains insufficiently understood. This paper investigates the impact of benign connectivity...
Statistically Undetectable Backdoors in Deep Neural Networks
We show how an adversarial model trainer can plant backdoors in a large class of deep, feedforward neural networks. These backdoors are statistically undetectable in the white-box setting, meaning that the backdoored and honestly trained models are close in total variation distance, even given th...
Wireshark Analyzer 4.6.7
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. Thi...
Flounder 0.2.0
Flounder turns modern coding agents into an end-to-end security audit system. Give it an authorized target boundary - a repository, source tree, package, deployed clue, or prior run - and the agent can prepare the workspace, read the code and supporting material, map the attack surface, dig into...
WPProbe Plugin Enumeration Tool 0.12.5
A fast WordPress plugin and theme scanner that detects installed plugins via REST API enumeration and themes from HTML discovery, then maps them to known vulnerabilities. Over 5,000 plugins detectable without brute-force, thousands more with it...
vulnx 2.0.2
vulnx is a command-line interface CLI tool designed to provide a structured and easily navigable interface to various vulnerability databases...
Prismata: Confining Cross-Site Prompt Injection in Web Agents
Autonomous web agents promise to automate everyday browsing tasks, but inherit one of the web's oldest attack surfaces. Cross-Site Scripting proved that mixing trusted and untrusted content is dangerous, even on benign pages. Agents resurface this risk by interpreting natural language as...
Reverse Engineering Compliance: A Dual-Graph Verification Framework for Auditing Legacy IT Security Concepts
The NIS-2 Directive increases the need for continuous, auditable compliance evidence and motivates a shift from document-based compliance toward machine-readable compliance artifacts. The Open Security Controls Assessment Language OSCAL is a standard for this purpose, which the German Federal...
Securing Autonomous Vehicle Systems Via Twin-Aware Federated Reinforcement Learning
Federated reinforcement learning FRL is crucial for enabling collaborative learning across multiple agents without sharing raw data, thereby enhancing privacy and scalability in the decision-making process within dynamic vehicular environments. However, poisoning attacks pose a significant threat...
Neuro-Agentic Control: A Deep Learning-Based LLM-Powered Agentic AI Framework for Controlling Security Controls
Cyberattacks on operational technology are increasingly causing costly downtime and physical damage, exposing the limitations of traditional rule-based monitoring in industrial IoT environments. While Large Language Models LLMs have strong semantic reasoning abilities to assist in decision suppor...
SeedSmith: LLM-Driven Seed Synthesis for Directed Fuzzing
Directed fuzzing steers fuzzers toward user-defined sink functions to identify vulnerabilities, but it frequently fails to trigger crashes even after long campaigns. We identify two challenges that prevent directed fuzzers from exposing crashes: incomplete static analysis of indirect calls, which...
Secret Scanner Agent: Extracting Secrets and Access Context from Unstructured Documents
Exposed documents such as emails, chat threads, tickets, and incident notes routinely leak credentials, but during incident response a leaked secret is only half the story. Responders also need to identify the "door'' the secret opens: the account, tenant, endpoint, database, cloud resource, or...
Entropy Bootstrapping for Wireless Embedded Systems
Weak randomness has broken deployed cryptography through implementation bugs, boot entropy scarcity, and backdoored generators. Inexpensive wireless sensors concentrate the risk because many boot or operate in highly deterministic conditions while relying on basic, rudimentary, or opaque RNGs. On...
Git Hash Chain Malleability
This whitepaper demonstrates that signed Git commits are not uniquely bound to their commit hashes, even when they display a valid "Verified" badge on GitHub. The authors show that attackers can transform the signature encoding of an existing signed commit—without possessing the private signing...
Monitoring Vulnerabilities in Next-Generation Automotive Operating Systems
Software-defined vehicles SDVs are revolutionizing transportation by integrating complex, interconnected hardware, and software systems. This evolution introduces significant security challenges. We present a comprehensive security analysis for SDVs, focusing on software vulnerabilities. We note...
Multi-Class Vs. Multi-Label BERT for CVE-To-CWE Mapping: How Taxonomy Structure Shapes the Errors
Assigning Common Weakness Enumeration CWE categories to Common Vulnerabilities and Exposures CVE records remains an important but largely manual step in vulnerability analysis. We study this task as a text classification problem and compare two modelling choices: a \emphmulti-class formulation th...
Beyond Attack-Success Rate: Action-Graded Severity Scale for Tool-Using AI Agents
Agentic red-teaming benchmarks report whether an injected agent was compromised as a single bit: the attack succeeded, or it did not. We argue that this binary attack-success rate discards the information a defender most needs, namely how harmful the resulting action was. We introduce an...
Mitigating Taint-Style Vulnerabilities in MCP Servers Via Security-Aware Tool Descriptions
Large language models LLMs are increasingly deployed as autonomous agents that interact with external tools and services via the Model Context Protocol MCP, a standardized interface for dynamic tool invocation. While MCP simplifies integration, it also expands the attack surface and enables gener...
Certifying Ghosts: How Cybersecurity AI Agents Break the EU Cyber Resilience Act
The EU Cyber Resilience Act CRA makes a smart bet. It does not demand that products be free of vulnerabilities, but only that manufacturers run a process: assess risk, handle flaws, ship updates. The bet pays off if four things about the world stay true: P1 finding vulnerabilities is slow, skille...
An Automated Framework for Generating Stealthy Cell-Embedded Hardware Trojans
Hardware Trojans HTs pose significant threats across the Integrated Circuit IC design lifecycle because they can be inserted by untrusted entities at different stages under the zero-trust model. When triggered under rare conditions, HTs can compromise the functionality, reliability, or security o...
Oracle E-Business Suite 12.2.14 Vulnerability Detection Scanner
This is a scanner designed to assess Oracle E-Business Suite web environments affected by CVE-2025-61882. It performs basic connectivity checks, fingerprints Oracle EBS-specific paths such as /OAHTML/ endpoints, and verifies the accessibility of common application endpoints without sending...
ida_kernelcache: An IDA Toolkit for analyzing iOS kernelcaches
idakernelcache is an IDAPython module for IDA Pro to make working with iOS kernelcaches easier. idakernelcache has been tested with IDA Pro 6.95 on kernelcaches for iOS versions 10.1.1, 11.0, 11.2, 11.3.1, and 12.0 beta. Currently only Arm64 kernelcaches from iOS 10 and later are supported...
Entropy-Adaptive Multi-Map Chaotic Modulation for Physical-Layer Security
This paper presents a Multi-Map Dynamic-Entropy Intrusion-Aware Chaotic Modulation MU-DE-IAEACM-MM framework for adaptive physical-layer security in multi-user wireless systems. Unlike conventional chaos-based schemes that rely on static parameter secrecy, the proposed architecture treats entropy...
ScopeJudge: Cost-Aware Pre-Execution Gating for Offensive Security Agents
As LLM agents take on offensive security work, a single out-of-scope tool call can breach a client's engagement boundary, disrupt production, or void a bug-bounty finding. Unlike a fixed safety policy, the boundary that matters is declared in the user's request and must be inferred from intent...
Forensic Schema for Psychological Manipulation in Cyber Fraud: LLM-Driven Victim Reports Analysis
Existing cybercrime classification schemas capture contact metadata and financial transactions but omit the psychological manipulation techniques perpetrators employ. We present a forensic schema four categories, 35 questions adding 11 manipulation indicators and cryptocurrency evidence fields to...
Beware What You Autocomplete: Forensic Attribution of Backdoored Code Completions
Large language models have enabled powerful code completion systems that assist developers by predicting subsequent lines of code. However, these models remain vulnerable to backdoor attacks, where malicious fine-tuning data covertly implants unsafe behaviors. Despite advances in defensive...
KS-CFA: Control-Flow Attestation Via Symbolic Replay against Control-Flow Bending Attacks
Control-flow attestation CFA enables a remote entity to verify program execution on a target device by monitoring control-flow behaviour at runtime. However, control-flow bending CFB attacks remain difficult to detect, where an adversary steers execution along legal edges of the program's...
Mechanistic Interpretability of LLM Jailbreaks Via Internal Attribution Graphs
Large language models LLMs exhibit remarkable capabilities but remain highly vulnerable to adversarial prompts and jailbreak attacks. Existing approaches primarily analyze these failures through input-output behaviors or attribution methods, offering limited insight into how adversarial...
Pardus Domain Joiner 0.5.2 Credential Disclosure
A security vulnerability has been identified in Pardus Domain Joiner version 0.5.2, where Active Directory administrative credentials are passed as plaintext command-line arguments during domain join and domain leave operations...
Oracle E-Business Suite 12.2.15 Payments Vulnerability Scanner
This Python-based security assessment tool scans Oracle E-Business Suite EBS Payments deployments for indicators associated with CVE-2026-46817...
OpenEMR Fax/SMS Module Path Traversal Detection Scanner
This repository contains a detection-only security scanner for CVE-2026-24849 affecting the OpenEMR Fax/SMS module. It identifies potentially vulnerable OpenEMR installations by checking the application version, verifying the Fax/SMS module is present, probing the affected endpoint, and optionall...
CodeQL 2.26.0
Discover vulnerabilities across a codebase with CodeQL, an industry-leading semantic code analysis engine. CodeQL lets you query code as though it were data. Write a query to find all variants of a vulnerability, eradicating it forever. Then share your query to help others do the same...
Joern 4.0.578
Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...