6803 matches found
Cross-Scale Persistence Analysis of EM Side-Channels for Reference-Free Detection of Always-On Hardware Trojans
Always-on hardware Trojans pose a serious challenge to integrated circuit trust, as they remain active during normal operation and are difficult to detect in post-deployment settings without trusted golden references. This paper presents a reference-free detection framework based on cross-scale...
Botan C++ Crypto Algorithms Library 3.11.0
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS 10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to...
Stegano 2.3.0
Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit LSB technique. It is possible to use a more advanced LSB method based on integers sets. The sets Sieve of...
ClawWorm: Self-Propagating Attacks across LLM Agent Ecosystems
Autonomous LLM-based agents increasingly operate as long-running processes forming densely interconnected multi-agent ecosystems, whose security properties remain largely unexplored. In particular, OpenClaw, an open-source platform with over 40,000 active instances, has stood out recently with it...
Toward Secure Web to ERP Payment Flows: A Case Study of HTTP Header Trust Failures in SAP Based Systems
Electronic banking portals often sit in front of enterprise resource planning ERP systems such as SAP, mediating payment requests between users and back end financial infrastructure. When these integrations place excessive trust in client supplied HTTP metadata, subtle design flaws can arise that...
When Scanners Lie: Evaluator Instability in LLM Red-Teaming
Automated LLM vulnerability scanners are increasingly used to assess security risks by measuring different attack type success rates ASR. Yet the validity of these measurements hinges on an often-overlooked component: the evaluator who determines whether an attack has succeeded. In this study, we...
Activation Surgery: Jailbreaking White-Box LLMs without Touching the Prompt
Most jailbreak techniques for Large Language Models LLMs primarily rely on prompt modifications, including paraphrasing, obfuscation, or conversational strategies. Meanwhile, abliteration techniques also known as targeted ablations of internal components have been used to study and explain LLM...
Mining the YARA Ecosystem: From Ad-Hoc Sharing to Data-Driven Threat Intelligence
YARA has established itself as the de facto standard for "Detection as Code," enabling analysts and DevSecOps practitioners to define signatures for malware identification across the software supply chain. Despite its pervasive use, the open-source YARA ecosystem remains characterized by ad-hoc...
Experimental Evaluation of Security Attacks on Self-Driving Car Platforms
Deep learning-based perception pipelines in autonomous ground vehicles are vulnerable to both adversarial manipulation and network-layer disruption. We present a systematic, on-hardware experimental evaluation of five attack classes: FGSM, PGD, man-in-the-middle MitM, denial-of-service DoS, and...
Apple Security Advisory 03-11-2026-1
Apple Security Advisory 03-11-2026-1 - iOS 16.7.15 and iPadOS 16.7.15 addresses memory corruption issues...
Graph Neural Network-Based DDoS Protection for Data Center Infrastructure
In light of rising cybersecurity threats, data center providers face growing pressure to protect their own management infrastructure from Distributed Denial-of-Service DDoS attacks. While tenant-managed cages generally fall outside the data center's direct security purview, a successful DDoS...
Apple Security Advisory 03-11-2026-2
Apple Security Advisory 03-11-2026-2 - iOS 15.8.7 and iPadOS 15.8.7 addresses code execution and use-after-free vulnerabilities...
Windows File Explorer NTLM Forced Authentication Hash Disclosure 1.0
Windows File Explorer contains persistent forced authentication behavior that automatically transmits NTLM challenge-response hashes to remote SMB/WebDAV endpoints during routine file operations, enabling credential theft and potential domain compromise through NTLM relay attacks. This is not an...
Microsoft Windows Registry Editor Version 5.00 Malicious Registry File Generator
This script generates a malicious Windows Registration Entries .reg file designed to establish persistence on Windows systems. It creates a registry file that, when executed by a user, adds the attacker's payload to Windows auto-run registry keys. Written in PHP...
Quantum CDMA-Based Continuous Variable Quantum Key Distribution Using Chaotic Phase Shifters
We present a quantum code-division multiple-access q-CDMA framework for multiuser continuous-variable quantum key distribution CV-QKD over a shared quantum channel. The proposed architecture employs chaotic phase shifters to encode and decode quantum states, enabling efficient multiplexing and...
FoSAM: Forward Secret Messaging in Ad-Hoc Networks
Apps such as Firechat and Bridgefy have been used during recent protests in Hong Kong and Iran, as they allow communication over ad-hoc wireless networks even when internet access is restricted. However, these apps do not provide sufficient protection as they do not achieve forward secrecy in...
American Fuzzy Lop plus plus 4.40c
Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc...
WebGPU Resource Isolation Auditor
This WebGPU security javascript confirms that memory isolation between buffers is fully enforced. It does not exploit any vulnerability but rather demonstrates that behavior is working as expected. It validates that attempts to read or write outside of Buffer A's bounds are safely handled by eith...
OpenSSL Security Advisory 20260313
OpenSSL Security Advisory 20260313 - An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group configuration includes the default by using the "DEFAULT" keyword...
Microsoft Windows Image File Execution Options (IFEO) Persistence
This PHP script leverages legitimate Windows debugging features to establish persistent remote access. This technique leverages the Image File Execution Options IFEO registry keys to configure a monitor process that automatically executes when a specified target process exits. Windows allows...
Ransomware and Artificial Intelligence: A Comprehensive Systematic Review of Reviews
This study provides a comprehensive synthesis of Artificial Intelligence AI, especially Machine Learning ML and Deep Learning DL, in ransomware defense. Using a "review of reviews" methodology based on PRISMA, this paper gathers insights on how AI is transforming ransomware detection, prevention,...
Defensible Design for OpenClaw: Securing Autonomous Tool-Invoking Agents
OpenClaw-like agents offer substantial productivity benefits, yet they are insecure by default because they combine untrusted inputs, autonomous action, extensibility, and privileged system access within a single execution loop. We use OpenClaw as an exemplar of a broader class of agents that...
Microsoft Windows Malicious Script File Generator
This PHP script generates a malicious .WSF Windows Script File containing both VBScript and JScript payload blocks. The payload runs arbitrary system commands through WScript.Shell...
Microsoft Windows Service Binary Misconfiguration Tester
This document and included Metasploit module analyze the security risks associated with improper Windows service configurations, specifically focusing on writable service binary paths that may lead to privilege escalation. Note that this condition does not occur on a default Windows installation...
Agent Privilege Separation in OpenClaw: A Structural Defense against Prompt Injection
Prompt injection remains one of the most practical attack vectors against LLM-integrated applications. We replicate the Microsoft LLMail-Inject benchmark Greshake et al., 2024 against current generation models running inside OpenClaw, an open source multitool agent platform. Our proposed defense...
OpenClaw PRISM: A Zero-Fork, Defense-In-Depth Runtime Security Layer for Tool-Augmented LLM Agents
Tool-augmented LLM agents introduce security risks that extend beyond user-input filtering, including indirect prompt injection through fetched content, unsafe tool execution, credential leakage, and tampering with local control files. We present OpenClaw PRISM, a zero-fork runtime security layer...
Microsoft Windows Service Installation Persistence
This is a Microsoft Windows persistent service installer for creating backdoor services that automatically start payloads upon system boot. This tool is designed for authorized penetration testing and security research purposes. This variant from the author is written in PHP...
Systematic Security Analysis of the Iridium Satellite Radio Link
The Iridium Low Earth Orbit LEO satellite constellation remains a unique provider of global communications for critical industries, governments, and private users, serving over 2.5 million active subscribers despite recent market competition. In contrast to terrestrial wireless standards such as...
Microsoft Windows 11 24H2 NTLM Relay Orchestrator Privilege Escalation
This Metasploit module checks the SMB Signing status on remote targets. If signing is not required, the target is vulnerable to NTLM Relay attacks. It serves as an automated pre-flight check for relay operations...
nah Claude Code Tool
Claude Code's permission system is allow-or-deny per tool, but that doesn't really scale. Deleting some files is fine sometimes. And git checkout is sometimes catastrophic. Even when you curate permissions, 200 IQ Opus can find a way around it. Maintaining a deny list is a fool’s errand. What's...
Microsoft Windows Service Installation Persistence
This Metasploit module creates a persistent Windows service using multiple methods. It supports PowerShell, SC.exe, and WMI methods for service creation...
Taming OpenClaw: Security Analysis and Mitigation of Autonomous LLM Agent Threats
Autonomous Large Language Model LLM agents, exemplified by OpenClaw, demonstrate remarkable capabilities in executing complex, long-horizon tasks. However, their tightly coupled instant-messaging interaction paradigm and high-privilege execution capabilities substantially expand the system attack...
Security Considerations for Artificial Intelligence Agents
This article, a lightly adapted version of Perplexity's response to NIST/CAISI Request for Information 2025-0035, details our observations and recommendations concerning the security of frontier AI agents. These insights are informed by Perplexity's experience operating general-purpose agentic...
Keys on Doormats: Exposed API Credentials on the Web
Application programming interfaces APIs have become a central part of the modern IT environment, allowing developers to enrich the functionality of applications and interact with third parties such as cloud and payment providers. This interaction often occurs through authentication mechanisms tha...
RadEar: A Self-Supervised RF Backscatter System for Voice Eavesdropping and Separation
Eavesdropping on voice conversations presents a growing threat to personal privacy and information security. In this paper, we present RadEar, a novel RF backscatter-based system designed to enable covert voice eavesdropping through walls. RadEar consists of two key components: i a batteryless RF...
Phrack 73 Call for Papers
Phrack has announced their Call For Papers for Phrack issue 73. If you do cutting edge security research, you should write for Phrack. It is widely regarded as an unparalleled resource in the security community...
Internet-Scale Measurement of React2Shell Exploitation Using an Active Network Telescope
The increasing adoption of server-side component-based web frameworks has introduced new application-layer attack surfaces that remain insufficiently understood at Internet scale. On 3 December 2025, a critical remote code execution vulnerability CVE-2025-55182 in React Server Components, referre...
Highly Autonomous Cyber-Capable Agents: Anticipating Capabilities, Tactics, and Strategic Implications
This report introduces the concept of "Highly Autonomous Cyber-Capable Agents" HACCAs, AI systems capable of autonomously conducting multi-stage cyber campaigns at a level comparable to today's top criminal hacking groups or state-affiliated threat actors, and analyzes the security implications o...
On the Possible Detectability of Image-In-Image Steganography
This paper investigates the detectability of popular imagein-image steganography schemes 1, 2, 3, 4, 5. In this paradigm, the payload is usually an image of the same size as the Cover image, leading to very high embedding rates. We first show that the embedding yields a mixing process that is...
AEGIS: No Tool Call Left Unchecked -- a Pre-Execution Firewall and Audit Layer for AI Agents
AI agents increasingly act through external tools: they query databases, execute shell commands, read and write files, and send network requests. Yet in most current agent stacks, model-generated tool calls are handed to the execution layer with no framework-agnostic control point in between...
ChainFuzzer: Greybox Fuzzing for Workflow-Level Multi-Tool Vulnerabilities in LLM Agents
Tool-augmented LLM agents increasingly rely on multi-step, multi-tool workflows to complete real tasks. This design expands the attack surface, because data produced by one tool can be persisted and later reused as input to another tool, enabling exploitable source-to-sink dataflows that only...
Microsoft Windows 11 Build 26200 File Explorer Auditor
This Metasploit module provides a defensive pre-execution assessment for the Windows vulnerability where File Explorer fails to properly restrict access to sensitive system locations...
Microsoft Windows Active Setup Persistence Module
This Metasploit module leverages the Windows Active Setup mechanism to establish persistence while integrating multiple evasion and stealth techniques designed to reduce forensic visibility and bypass detection mechanisms...
Automatic Attack Script Generation: A MDA Approach
It is widely recognized that practical exercises are crucial for teaching cybersecurity in higher education. However, their setup is not only expensive, time-consuming, and prone to numerous errors, but also requires technical and programming skills to create attack contexts and scripts. To...
Microsoft Graph Enterprise Intelligence Collector
This Metasploit auxiliary module interacts with the Microsoft Graph API to perform enterprise intelligence collection. It supports authentication using Azure AD application credentials or an existing access token and enables enumeration of Azure users, SharePoint sites, OneDrive files, and Exchan...
Multi‑Layer Encrypted Python Payload Loader AES‑GCM + XOR + Zlib
This Python script acts as a loader that decrypts and executes a protected Python payload using multiple cryptographic and obfuscation layers. The program first requests a password from the user and derives a 256‑bit encryption key using PBKDF2 with a fixed salt salt123. The encrypted payload is...
VisualLeakBench: Auditing the Fragility of Large Vision-Language Models against PII Leakage and Social Engineering
As Large Vision-Language Models LVLMs are increasingly deployed in agent-integrated workflows and other deployment-relevant settings, their robustness against semantic visual attacks remains under-evaluated -- alignment is typically tested on explicit harmful content rather than privacy-critical...
MirrorDrift: Actuated Mirror-Based Attacks on LiDAR SLAM
LiDAR SLAM provides high-accuracy localization but is fragile to point-cloud corruption because scan matching assumes geometric consistency. Prior physical attacks on LiDAR SLAM largely rely on LiDAR spoofing via external signal injection, which requires sensor-specific timing knowledge and is...
Don't Let the Claw Grip Your Hand: A Security Analysis and Defense Framework for OpenClaw
Code agents powered by large language models can execute shell commands on behalf of users, introducing severe security vulnerabilities. This paper presents a two-phase security analysis of the OpenClaw platform. As an open-source AI agent framework that operates locally, OpenClaw can be integrat...
Human Presence Detection Via Wi-Fi Range-Filtered Doppler Spectrum on Commodity Laptops
Human Presence Detection HPD is key to enable intelligent power management and security features in everyday devices. In this paper we propose the first HPD solution that leverages monostatic Wi-Fi sensing and detects user position using only the built-in Wi-Fi hardware of a device, with no need...