6907 matches found
GNUnet P2P Framework 0.26.2
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP IPv4 and IPv6, TCP IPv4 and IPv6, HTTP, o...
IServ Schoolserver User Enumeration
IServ Schoolserver suffers from a user enumeration vulnerability. The vendor does not feel this is an issue...
Routing Ceilings Are Domain-Independent: Structural Prior Injection in Code Security Vulnerability Detection
Large language models LLMs exhibit a well-documented gap between latent capability and consistent activation: the router hypothesis posits that models possess the knowledge to solve a task but lack reliable internal routing to activate it. Prior work in formal mathematical reasoning SAIR, C�zares...
Nimux 1.0.1
Nimux is a native command surface for authorized security assessments. It combines network enumeration, credential validation, Active Directory operations, Kerberos workflows, remote execution, file movement, secrets collection, DCSync, GPO operations, database clients, and SOCKS routing into one...
RedAmon 6.0.2
An autonomous AI framework that chains reconnaissance, exploitation, and post-exploitation into a single pipeline, then goes further by triaging every finding, implementing code fixes, and opening pull requests on your repository. From first packet to merged patch, with human oversight at every...
Specter 1.0 NFC Reader / Skimmer Bug-Sweep
Specter turns your Flipper Zero into a pocket counter-surveillance bug-sweep for active 13.56 MHz NFC readers - a hidden card skimmer slipped into a payment terminal, a covert reader behind a door panel, a rogue logger taped under a desk. It passively senses the RF carrier that any powered-on...
Xalgorix Autonomous AI Pentesting Agent 4.5.62
Most scanners detect. Xalgorix proves. An autonomous LLM agent works a full pentest methodology, then an independent verifier re-exploits every finding before it's reported - so you get proof, not a pile of maybes to triage. Self-hosted, private, and bring-your-own-LLM. Built in Go + TypeScript...
The Distributed Open-Source Vulnerability Ecosystem
Identifying known software vulnerabilities is a central task in software supply chain security management. Although publicly available vulnerability information is based on shared standards, different vulnerability scanners often report divergent results for identical software inventories. These...
Setup Complete, Now You Are Compromised: Weaponizing Setup Instructions against AI Coding Agents
AI coding agents set up projects by reading documentation and installing the dependencies it lists, without verifying their names, sources, or known vulnerabilities. By editing only a README, requirements file, or Makefile, an attacker can redirect the agent to an untrusted registry, a...
Beyond Success Rate: Cost-Aware Evaluation of Offensive and Defensive Security Agents
Security-agent evaluations commonly measure peak offensive capability under generous inference budgets, emphasizing vulnerability discovery, exploit development, penetration testing, and CTF completion. Such measurements are useful but incomplete: in operational security, every reasoning step, to...
Qubes OS Security in the Public Record
Qubes OS is a revealing case for security measurement because its architecture makes component boundaries security-relevant. We present a protocol-driven longitudinal analysis of 109 public Qubes Security Bulletins QSBs, 2011--2025, the official Qubes-maintained Xen Security Advisory XSA tracker,...
Bad Memory: Evaluating Prompt Injection Risks from Memory in Agentic Systems
A growing class of agentic systems maintain persistent state across sessions through memory files, behavioral preferences, and knowledge bases. While this makes agents more useful and self-improving, it also creates a new attack surface for prompt injections in which malicious instructions can be...
MemPoison: Uncovering Persistent Memory Threats and Structural Blind Spots in LLM Agents
Persistent external memory enhances agent continuity but introduces persistent security vulnerabilities: adversarial content can be injected via standard interaction channels, retained across turns, and later distort downstream behavior. To address this challenge, we propose MemPoison, a...
FlowGuard: From Signals to Evidence for MCP Security Detection
The Model Context Protocol MCP enables LLM agents to interact with external tools through metadata exchange, tool invocation, and response consumption. Existing MCP security scanners primarily reason about suspicious semantic signals rather than real execution behaviors, which can lead to...
Cloudflare Universal SSL CAA Augmentation
Cloudflare Universal SSL automatically adds CAA issue/issuewild records when a customer has Universal SSL enabled and publishes any CAA records for the zone. These auto-added records are not shown in the Cloudflare dashboard but are returned in DNS responses, and can include permissive...
CodeQL 2.26.1
Discover vulnerabilities across a codebase with CodeQL, an industry-leading semantic code analysis engine. CodeQL lets you query code as though it were data. Write a query to find all variants of a vulnerability, eradicating it forever. Then share your query to help others do the same...
Joern 4.0.582
Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...
SonicWall SMA1000 Series SSRF Detection Tool
A safe detection tool for identifying CVE-2026-15409 affecting SonicWall SMA1000 Series appliances. The Python utility performs non-destructive checks by issuing requests to common application endpoints using an external test URL and reports indicators of possible server-side request forgery...
Agent Skill Security: Threat Models, Attacks, Defenses, and Evaluation
Reusable skills are becoming a fundamental building block of Large Language Model LLM agents, enabling capabilities to be packaged, shared, and reused across diverse applications. However, existing security research primarily focuses on prompt injection and runtime execution, leaving security ris...
Reveal, Correct, Then Pay: Encrypted Mempools and Perpetual Funding Security
Encrypted mempools are designed to hide transaction contents until execution order is fixed, preventing many victim dependent forms of maximal extractable value. This paper studies a different class of attack in the form of self-authored state manipulation, in which the attacker knows its own...
Rethinking Penetration Testing for AI-Enabled Systems: From Resource Compromise to Behavioral Objective Violation
Penetration testing traditionally evaluates whether adversaries can exploit weaknesses in software, infrastructure, configurations, or operational controls to achieve security-relevant compromise. This paradigm remains necessary for AI-enabled systems, but it is no longer sufficient. In such...
Xalgorix Autonomous AI Pentesting Agent 4.5.60
Most scanners detect. Xalgorix proves. An autonomous LLM agent works a full pentest methodology, then an independent verifier re-exploits every finding before it's reported - so you get proof, not a pile of maybes to triage. Self-hosted, private, and bring-your-own-LLM. Built in Go + TypeScript...
Meeting Uncertain Threats with Feedback
Air and missile defense, naval force protection, and critical-infrastructure security require rapid allocation of scarce effectors against multiple incoming threats when neutralization is uncertain and observed only after a firing round. We formulate this defensive-allocation problem as a Markov...
Context Contamination in LLM Analysis of Network Security Logs: Poison with Passive Prompt Injection and Mitigation Evaluation
Large Language Models are increasingly deployed in Security Operations Centers for log analysis tasks including summarization, alert triage, and threat investigation. These systems ingest logs from external-facing services and process network logs as natural language contexts to generate security...
A Measurement Study of AI-Environment Realism Gaps in Malware-Analysis Sandboxes
Sandboxing remains a core technique for observing suspicious program behavior, yet environment-aware malware increasingly suppresses execution when analysis is suspected. Prior generations of sandbox evasion focused on virtualization artifacts, timing discrepancies, and wear-and-tear realism. In...
The Prover Is the Judge: Verified Security Software from AI Coding Agents in Ada/SPARK
AI coding agents produce code faster than humans can review it. In our approach, the prover is the judge of whether the code is correct. Under a verifier-driven loop, AI agents wrote and verified bare-metal security software in Ada/SPARK spanning classical and post-quantum cryptography, TLS 1.3,...
Semgrep Rules 2.0.0 Static Analysis Rule Collection
A collection of Semgrep rules for identifying potentially vulnerable code patterns during static source code analysis. The rule set focuses on vulnerability research across multiple languages and includes checks for common security issues to assist developers, auditors, and security researchers...
Joern 4.0.581
Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...
MIMEDefang Email Scanner 3.71
MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible...
Towards Quantum Machine Learning for Assessing the Resilience of Post-Quantum Cryptography
The potential capabilities of quantum computers motivated the development of cryptographic protocols suitable for securing communication against adversaries with access to large fault-tolerant quantum computers. However, even though current quantum computers are limited in terms of size and...
Assessing the Forensic Viability of Android Memory Analysis across Production Builds: A Cross-Version Study of Security Hardening and Structure Preservation
Android memory forensics recovers evidence that never touches disk: decrypted messages, session credentials, and the live internal state of a running application. The tools that perform this recovery depend on debug symbols embedded in libart.so, the Android Runtime library, to locate data...
To Play or Not to Play: Insights and Lessons Learned from 20 Years of CTFs with ENOFLAG
Security contests in the form of CTF Capture The Flag exercises are nowadays a common way to learn cyber security. 20 years ago at DIMVA 2006 the on-site CTF CIPHER II was one of the conference highlights and led to the foundation of the team ENOFLAG. In this poster, we reflect on the changes in...
Adversarial Prompting Framework for AI Safety Assessment
Artificial Intelligence AI, especially Generative AI GenAI, adoption has increased in industries significantly in recent years. However, the use of these models may also expose systems to new forms of cyberattacks by different malicious actors -- adversarial prompt attack APA being one of the mos...
Traffic-Aware Randomized Smoothing for LLM-Based Network Intrusion Detection
Large language model LLM-based intrusion detection systems IDS are increasingly studied for security monitoring, yet their robustness against feasible traffic manipulation remains largely empirical. We present Traffic-Aware Randomized Smoothing TA-RS, a classifier-agnostic certified defense that...
Security Evaluation of Laser-Phase-Noise Quantum Random Number Generators with Intrinsic Correlations
Quantum random number generators are essential for achieving information-theoretical security in modern cryptographic systems. Among various implementations, laser phase noise schemes are widely favored for their simple architecture and high integration potential. However, the intrinsic...
How Agents Ask for Permission: User Permissions for AI Agents, from Interfaces to Enforcement
As AI agents gain prevalance, users are increasingly exposed to the risks such systems entail. Prompt injection attacks, as well as hallucination, can cause agents to leak private information to third parties. As autonomous systems, agents also present the more active danger of performing sensiti...
ProfMalPlus: Agent-Coordinated Detection of Malicious NPM Packages Via Static-Dynamic Analysis Synergy
Open source software is vulnerable to supply-chain attacks through transitive dependencies, especially malicious code injected into NPM packages. Existing detectors often inadequately model obfuscated behavior, overlook JavaScript's object-centric features, poorly coordinate static and dynamic...
Security Evaluation of Quantum Distance-Bounding Protocols Via Semidefinite Programming
Quantum distance-bounding QDB protocols let a verifier check that a prover is both genuine and physically nearby. During a timed fast phase of quantum communication, the verifier measures round-trip times to obtain an upper bound on the prover's distance. For a uniform comparison, we isolate the...
DREA: Decoupled Reasoning and Exploration Agents for Repository-Level Vulnerability Detection
Large language models LLMs are increasingly applied to vulnerability detection due to their strong code comprehension capabilities, but most existing approaches rely on isolated functions or context extracted by fixed program-analysis rules. These methods cannot adaptively explore repository-leve...
A SecOps Practitioner's View of Project Glasswing and the Halcyon Imperative
This paper is written from the ground level, from the perspective of someone running a Security Operations Center SOC and an Attack Surface Management program day to day. It is not a strategic overview for the boardroom. It is a practitioner's assessment of what Glasswing changes functionally, wh...
Breaking Refusal in the First Half: A Mechanistic Study of the Prefill Jailbreak
Aligned language models refuse harmful requests, but a one-line prefill "Sure, here is" strips the refusal. We ask where and how it fails. The harm representation stays intact: on the prompts the attack flips to compliance, a linear probe reads harm as high as on the refused ones 0.91-0.98, while...
On the Security Implications of PQC in TLS: Handshake Exhaustion and IDS Degradation
Post-Quantum Cryptography PQC is increasingly being integrated into TLS 1.3 to enhance resilience against quantum-enabled attacks. However, the additional computational and communication overhead introduced by PQC primitives during the handshake phase may also amplify the impact of TLS handshake...
Evaluating Frontier AI Agents As Autonomous Clinical Security Auditors
Clinical AI models can expose patients to harm when adversarial vulnerabilities go undetected, yet formal security auditing requires statistical expertise, specialized tools, and significant time. We present an open evaluation task, built on METR Task Standard v0.3.0, that tests whether frontier ...
BARS: Benign-Anchored Ranking and Selection for False Alarm Reduction in Network Intrusion Detection
False alarms remain a major barrier to deploying network intrusion detection systems NIDS. In high-volume environments, even a sub-1% false positive rate can generate tens of thousands of daily alerts. Filter-based feature selection is attractive because it operates upstream of the classifier and...
Designing a GDPR-Compliant Security Architecture for Remote Elderly Care Systems: A Privacy-By-Design Approach
IoMT-based remote elderly care systems generate continuous streams of sensitive health data, yet existing security architectures have not simultaneously addressed three interdependent challenges: GDPR-compliant edge-layer pseudonymisation, elderly-specific zero-interaction usability as a binding...
Xalgorix Autonomous AI Pentesting Agent 4.5.59
Most scanners detect. Xalgorix proves. An autonomous LLM agent works a full pentest methodology, then an independent verifier re-exploits every finding before it's reported - so you get proof, not a pile of maybes to triage. Self-hosted, private, and bring-your-own-LLM. Built in Go + TypeScript...
When Binaries Talk Back: Representation-Confusion Attacks on LLM-Assisted Reverse Engineering
LLM-assisted reverse-engineering RE systems analyze strings, decompiler output, and tool reports derived from ttacker-controlled binaries. A binary can make data look like instructions or records from one origin look like independent evidence. We call such failures Representation-Confusion Attack...
Why Not Fix It Once and for All? an Empirical Study of Multiple Patches for Vulnerability Fixes in Open-Source Software
Security patches for open-source software constitute a foundational resource for vulnerability remediation research and practice. However, analyzing and applying multiple patches remains challenging, especially when trying to determine at what point in a patch sequence a vulnerability is fully...
Trust but Verify? Uncovering the Security Debt of Autonomous Coding Agents
The increasing adoption of autonomous coding agents accelerates software development but also introduces scoped security risks within high-impact file paths that can outpace traditional human review capacity. While prior research has primarily evaluated these systems in terms of functional...
Joern 4.0.580
Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...