6819 matches found
Mitigate or Fail: How Risk Management Shapes Cybersecurity Competency
Contemporary cybersecurity governance assumes that professionals apply risk reasoning. Yet major organisational failures persist despite investment in tools, staffing, and credentials. This study investigates the structural source of that paradox. Cybersecurity speaks the language of risk, but it...
Wazuh 4.14.5
Wazuh is a free and open source security platform that unifies XDR and SIEM capabilities. It protects workloads across on-premises, virtualized, containerized, and cloud-based environments. This is the source code release...
Joern 4.0.526
Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...
AutoRISE: Agent-Driven Strategy Evolution for Red-Teaming Large Language Models
Automated red-teaming methods for large language models typically optimize attack prompts within a fixed, human-designed strategy, leaving the attack strategy itself unchanged. We instead optimize the strategy. We propose AutoRISE, a method that searches over executable attack programs rather tha...
DNG File Security Scanner for Detecting Malformed Metadata and Overflow Indicators
This Python script is a defensive security tool designed to analyze DNG Digital Negative image files and detect signs of structural corruption or potentially malicious metadata manipulation. It performs low-level parsing of TIFF/DNG structures by reading the file header and iterating through Imag...
A Ground-Truth-Based Evaluation of Vulnerability Detection across Multiple Ecosystems
Automated vulnerability detection tools are widely used to identify security vulnerabilities in software dependencies. However, the evaluation of such tools remains challenging due to the heterogeneous structure of vulnerability data sources, inconsistent identifier schemes, and ambiguities in...
Synthesizing Multi-Agent Harnesses for Vulnerability Discovery
LLM agents have begun to find real security vulnerabilities that human auditors and automated fuzzers missed for decades, in source-available targets where the analyst can build and instrument the code. In practice the work is split among several agents, wired together by a harness: the program...
Joern 4.0.525
Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...
ATBroker Registry Security Scanner
This code is a defensive Windows security scanner designed to audit potentially sensitive Registry paths related to ATBroker Accessibility Technology Broker and core system hives. It only checks for the presence of certain registry keys to see if they're protected or accessible...
Towards Certified Malware Detection: Provable Guarantees against Evasion Attacks
Machine learning-based static malware detectors remain vulnerable to adversarial evasion techniques, such as metamorphic engine mutations. To address this vulnerability, we propose a certifiably robust malware detection framework based on randomized smoothing through feature ablation and targeted...
Towards Secure Logging: Characterizing and Benchmarking Logging Code Security Issues with LLMs
Logging code plays an important role in software systems by recording key events and behaviors, which are essential for debugging and monitoring. However, insecure logging practices can inadvertently expose sensitive information or enable attacks such as log injection, posing serious threats to...
HTTP Chunked Encoding Behavior Analyzer
This script is a security analysis tool designed to test how a web server such as Kestrel-based applications handles HTTP requests using chunked transfer encoding...
Threat Detection and Resilience Techniques in PRS-Assisted OTDOA 5G Positioning Systems
Precise positioning is a key enabler for emerging 5G applications, from autonomous transport to industrial automation. Yet the open physical layer PL leaves standard positioning reference signals PRSs vulnerable to manipulation. This work addresses the security of downlink observed time differenc...
angr 9.2.212
angr is an open-source binary analysis platform for Python. It combines both static and dynamic symbolic "concolic" analysis, providing tools to solve a variety of tasks...
TLSCheck 2.0: An Enhanced Memory Forensics Approach to Efficiently Detect TLS Callbacks
Memory analysis is a crucial technique in digital forensics that enables investigators to examine the runtime state of a system through physical memory dumps. While significant advances have been made in memory forensics, the detection and analysis of Thread Local Storage TLS callbacks remain...
Adaptive Instruction Composition for Automated LLM Red-Teaming
Many approaches to LLM red-teaming leverage an attacker LLM to discover jailbreaks against a target. Several of them task the attacker with identifying effective strategies through trial and error, resulting in a semantically limited range of successes. Another approach discovers diverse attacks ...
Mythos and the Unverified Cage: Z3-Based Pre-Deployment Verification for Frontier-Model Sandbox Infrastructure
The April 2026 Claude Mythos sandbox escape exposed a critical weakness in frontier AI containment: the infrastructure surrounding advanced models remains susceptible to formally characterizable arithmetic vulnerabilities. Anthropic has not publicly characterized the escape vector; some secondary...
TL-RL-FusionNet: An Adaptive and Efficient Reinforcement Learning-Driven Transfer Learning Framework for Detecting Evolving Ransomware Threats
Modern ransomware exhibits polymorphic and evasive behaviors by frequently modifying execution patterns to evade detection. This dynamic nature disrupts feature spaces and limits the effectiveness of static or predefined models. To address this challenge, we propose TL-RL-FusionNet, a reinforceme...
Taint-Style Vulnerability Detection and Confirmation for Node.Js Packages Using LLM Agent Reasoning
The rapidly evolving Node$.$js ecosystem currently includes millions of packages and is a critical part of modern software supply chains, making vulnerability detection of Node$.$js packages increasingly important. However, traditional program analysis struggles in this setting because of dynamic...
Text Steganography with Dynamic Codebook and Multimodal Large Language Model
With the popularity of the large language models LLMs, text steganography has achieved remarkable performance. However, existing methods still have some issues: 1 For the white-box paradigm, this steganography behavior is prone to exposure due to sharing the off-the-shelf language model between...
Rosemary 1.0.2
Rosemary is a cross-platform transparent tunneling platform designed for network pivoting. Unlike traditional tools that rely on TUN/TAP interfaces or require per-application proxy configuration like proxychains, Rosemary intercepts traffic at the kernel level...
SDNGuardStack: An Explainable Ensemble Learning Framework for High-Accuracy Intrusion Detection in Software-Defined Networks
Software-Defined Networking SDN is another technology that has been developing in the last few years as a relevant technique to improve network programmability and administration. Nonetheless, its centralized design presents a major security issue, which requires effective intrusion detection...
CVEs with a CVSS Score Greater Than or Equal to 9
Critical vulnerabilities with Common Vulnerability Scoring System scores of 9.0 or higher pose severe risks to organisations' information systems. Timely detection and remediation are essential to minimise economic and reputational damage from cyberattacks. This paper provides a thorough analysis...
DNG File Generator with Malformed Metadata
This Python script generates a custom DNG Digital Negative image file by manually constructing TIFF/DNG structures, including headers, Image File Directories IFDs, and metadata tags...
An Analysis of Attack Vectors against FIDO2 Authentication
Phishing attacks remain one of the most prevalent threats to online security, with the Anti-Phishing Working Group reporting over 890,000 attacks in Q3 2025 alone. Traditional password-based authentication is particularly vulnerable to such attacks, prompting the development of more secure...
DNG File Generator for Security Testing
This C++ program is a complex security research tool CVE-2026-27280 designed to manually construct a DNG Digital Negative image file with fully controlled internal structures TIFF/DNG headers, IFD tables, and metadata tags...
DNG File Generator for Security Testing Masked RGB Tables
This Python script is a research-oriented DNG Digital Negative file generator designed to build a specially crafted image file with controlled metadata structures for security testing of DNG processing engines...
AVISE: Framework for Evaluating the Security of AI Systems
As artificial intelligence AI systems are increasingly deployed across critical domains, their security vulnerabilities pose growing risks of high-profile exploits and consequential system failures. Yet systematic approaches to evaluating AI security remain underdeveloped. In this paper, we...
PVAC: A RowHammer Mitigation Architecture Exploiting Per-Victim-Row Counting
As DRAM scaling exacerbates RowHammer, DDR5 introduces per-row activation counting PRAC to track aggressor activity. However, PRAC indiscriminately increments counters on every activation -- including benign refreshes -- while relying solely on explicit RFM operations for resets. Consequently,...
I2P 2.12.0
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version...
FreeBSD Security Advisory - FreeBSD-SA-26:10.tty
FreeBSD Security Advisory - The implementation of TIOCNOTTY failed to clear a back-pointer from the structure representing the controlling terminal to the calling process' session. If the invoking process then exits, the terminal structure may end up containing a pointer to freed memory. A...
Adding Compilation Metadata to Binaries to Make Disassembly Decidable
The binary executable format is the standard method for distributing and executing software. Yet, it is also as opaque a representation of software as can be. If the binary format were augmented with metadata that provides security-relevant information, such as which data is intended by the...
Evaluating LLM-Generated Obfuscated XSS Payloads for Machine Learning-Based Detection
Cross-site scripting XSS remains a persistent web security vulnerability, especially because obfuscation can change the surface form of a malicious payload while preserving its behavior. These transformations make it difficult for traditional and machine learning-based detection systems to reliab...
AppleSEPKeyStore iOS macOS 26.1–26.2 Multi-Thread Race Condition Simulation Tool
This C/Objective-C program is a lightweight concurrency stress-testing tool designed to simulate and observe race conditions using atomic operations and multiple threads. It models a simplified shared-state system where concurrent readers and writers continuously interact with a shared variable...
Understanding Password Preferences, Memorability, and Security through a Human-Centered Lens
Passwords remain the primary authentication method, yet user-created passwords are often the weakest due to the security-usability trade-off. Although AI-based password generators are emerging, little is known about their effectiveness and user perceptions. This eye-tracking study examined how...
Insights into Security-Related AI-Generated Pull Requests
Recent years have experienced growing contributions of AI coding agents that assist human developers in various software engineering tasks. However, this growing AI-assisted autonomy raises questions about security and trust. In this paper, we analyze more than 33,000 AI-generated pull requests P...
We Are Currently Clean on OPSEC: Why JD Can't Encrypt
We analyse the 2025 Signalgate leak of sensitive US military information by the Trump administration, addressing why confidentiality was violated messages leaked to the press in spite of encryption Signal, to deepen the socio-technical considerations when designing and deploying encryption. First...
Do Agents Dream of Root Shells? Partial-Credit Evaluation of LLM Agents in Capture the Flag Challenges
Large Language Model LLM agents are increasingly proposed for autonomous cybersecurity tasks, but their capabilities in realistic offensive settings remain poorly understood. We present DeepRed, an open-source benchmark for evaluating LLM-based agents on realistic Capture The Flag CTF challenges ...
DP-FlogTinyLLM: Differentially Private Federated Log Anomaly Detection Using Tiny LLMs
Modern distributed systems generate massive volumes of log data that are critical for detecting anomalies and cyber threats. However, in real world settings, these logs are often distributed across multiple organizations and cannot be centralized due to privacy and security constraints. Existing...
Revisiting and Expanding the IPv6 Network Periphery: Global-Scale Measurement and Security Analysis
As IPv6 deployment accelerates, understanding the evolving security posture of network peripheries becomes increasingly important. A DSN 2021 study introduced the first large-scale discovery of IPv6 network peripheries, uncovering risks like service exposure and routing loops. However, its scope...
DNG File Fuzzer for Robustness
This Python script is a mutation-based fuzzing tool designed to test the robustness of DNG Digital Negative / TIFF-based file parsers by generating large numbers of corrupted or semi-valid image files. It works by starting from a minimal valid DNG structure, then applying random mutations to...
FreeBSD Security Advisory - FreeBSD-SA-26:11.amd64
FreeBSD Security Advisory - In order to apply a particular protection key to an address range, the kernel must update the corresponding page table entries. The subroutine which handled this failed to take into account the presence of 1GB largepage mappings created using the shmcreatelargepage3...
Involuntary In-Context Learning: Exploiting Few-Shot Pattern Completion to Bypass Safety Alignment in GPT-5.4
Safety alignment in large language models relies on behavioral training that can be overridden when sufficiently strong in-context patterns compete with learned refusal behaviors. We introduce Involuntary In-Context Learning IICL, an attack class that uses abstract operator framing with few-shot...
AgentSOC: A Multi-Layer Agentic AI Framework for Security Operations Automation
Security Operations Centers SOCs increasingly encounter difficulties in correlating heterogeneous alerts, interpreting multi-stage attack progressions, and selecting safe and effective response actions. This study introduces AgentSOC, a multi-layered agentic AI framework that enhances SOC...
Rosemary 1.0.1
Rosemary is a cross-platform transparent tunneling platform designed for network pivoting. Unlike traditional tools that rely on TUN/TAP interfaces or require per-application proxy configuration like proxychains, Rosemary intercepts traffic at the kernel level...
API Security Based on Automatic OpenAPI Mapping
This paper presents Map Reduce Graph MRG, a novel unsupervised method for modeling and securing HTTP REST APIs. MRG learns API structure from real-world traffic without prior knowledge or labels, automatically generating OpenAPI-compliant documentation by reconstructing routes, methods, and...
Adobe DNG File Security Scanner
This program is a defensive security tool designed to analyze DNG Digital Negative image files and detect potential signs of malicious manipulation or exploit attempts. It performs a low-level inspection of the file structure by parsing the TIFF header and scanning raw binary content for suspicio...
Camaleon CMS 2.9.1 Automated Admin Login, Version Detection, and Profile Update Script
This is a version detection and profile updating script for Camaleon CMS. It does not exploit any issue but can be useful for security testing to see if a vulnerable version is in use...
Cyber Defense Benchmark: Agentic Threat Hunting Evaluation for LLMs in SecOps
We introduce the Cyber Defense Benchmark, a benchmark for measuring how well large language model LLM agents perform the core SOC analyst task of threat hunting: given a database of raw Windows event logs with no guided questions or hints, identify the exact timestamps of malicious events. The...
An AI Agent Execution Environment to Safeguard User Data
AI agents promise to serve as general-purpose personal assistants for their users, which requires them to have access to private user data e.g., personal and financial information. This poses a serious risk to security and privacy. Adversaries may attack the AI model e.g., via prompt injection to...