6803 matches found
Risk-Adjusted Harm Scoring for Automated Red Teaming for LLMs in Financial Services
The rapid adoption of large language models LLMs in financial services introduces new operational, regulatory, and security risks. Yet most red-teaming benchmarks remain domain-agnostic and fail to capture failure modes specific to regulated BFSI settings, where harmful behavior can be elicited...
Adversarial Reinforcement Learning for Detecting False Data Injection Attacks in Vehicular Routing
In modern transportation networks, adversaries can manipulate routing algorithms using false data injection attacks, such as simulating heavy traffic with multiple devices running crowdsourced navigation applications, to mislead vehicles toward suboptimal routes and increase congestion. To addres...
Silent Subversion: Sensor Spoofing Attacks Via Supply Chain Implants in Satellite Systems
Spoofing attacks are among the most destructive cyber threats to terrestrial systems, and they become even more dangerous in space, where satellites cannot be easily serviced, and operators depend on accurate telemetry to ensure mission success. When telemetry is compromised, entire spaceborne...
FP-Predictor - False Positive Prediction for Static Analysis Reports
Static Application Security Testing SAST tools play a vital role in modern software development by automatically detecting potential vulnerabilities in source code. However, their effectiveness is often limited by a high rate of false positives, which wastes developer's effort and undermines trus...
Microsoft Graph Advanced Intelligence Collector
This Metasploit auxiliary module interacts with the Microsoft Graph API to perform advanced intelligence collection in Microsoft 365 environments. The module supports Azure AD application authentication or direct access tokens and enables enumeration of Azure users, SharePoint sites, OneDrive...
Security-By-Design for LLM-Based Code Generation: Leveraging Internal Representations for Concept-Driven Steering Mechanisms
Large Language Models LLMs show remarkable capabilities in understanding natural language and generating complex code. However, as practitioners adopt CodeLLMs for increasingly critical development tasks, research reveals that these models frequently generate functionally correct yet insecure cod...
The Attack and Defense Landscape of Agentic AI: A Comprehensive Survey
AI agents that combine large language models with non-AI system components are rapidly emerging in real-world applications, offering unprecedented automation and flexibility. However, this unprecedented flexibility introduces complex security challenges fundamentally different from those in...
Microsoft Graph Cloud Intelligence Collector
The Microsoft Graph Cloud Intelligence Collector is a Metasploit Auxiliary module designed to interact with the Microsoft Graph API to gather information from Microsoft 365 and Microsoft Azure Active Directory environments. The module authenticates using the OAuth2 Client Credentials flow with a...
Advanced Python Payload Encryption Framework with Hybrid Cryptography Steganography and Anti‑Debugging
This Python program implements an advanced payload protection framework that combines multiple security and obfuscation techniques to encrypt, package, and distribute Python code. The framework supports hybrid encryption, multi‑key protection, anti‑debugging checks, and optional steganographic...
AttriGuard: Defeating Indirect Prompt Injection in LLM Agents Via Causal Attribution of Tool Invocations
LLM agents are highly vulnerable to Indirect Prompt Injection IPI, where adversaries embed malicious directives in untrusted tool outputs to hijack execution. Most existing defenses treat IPI as an input-level semantic discrimination problem, which often fails to generalize to unseen payloads. We...
Dynamic Python Payload Encryption Framework with Loader Generator
This Python program implements a small payload framework designed to encrypt, decrypt, analyze, and execute Python code using layered encoding and obfuscation techniques. It also automatically generates a self‑contained loader capable of restoring and executing the protected payload...
SharePoint / OneDrive Explorer via Microsoft Graph API
The SharePoint / OneDrive Explorer is a Metasploit Auxiliary module designed to interact with Microsoft Graph API in order to explore and retrieve information from Microsoft SharePoint and Microsoft OneDrive environments. The module authenticates using OAuth2 Client Credentials with a Tenant ID,...
Enhancing Network Intrusion Detection Systems: A Multi-Layer Ensemble Approach to Mitigate Adversarial Attacks
Adversarial examples can represent a serious threat to machine learning ML algorithms. If used to manipulate the behaviour of ML-based Network Intrusion Detection Systems NIDS, they can jeopardize network security. In this work, we aim to mitigate such risks by increasing the robustness of NIDS...
LROO Rug Pull Detector: A Leakage-Resistant Framework Based on On-Chain and OSINT Signals
Smart contract-based ecosystems enable decentralized applications without trusted intermediaries, but their immutability and permissionless design also facilitate large-scale fraud. One of the most prevalent attacks is the rug pull, where project operators abruptly withdraw liquidity after...
D-SLAMSpoof: An Environment-Agnostic LiDAR Spoofing Attack Using Dynamic Point Cloud Injection
In this work, we introduce Dynamic SLAMSpoof D-SLAMSpoof, a novel attack that compromises LiDAR SLAM even in feature-rich environments. The attack leverages LiDAR spoofing, which injects spurious measurements into LiDAR scans through external laser interference. By designing both spatial injectio...
Incremental Federated Learning for Intrusion Detection in IoT Networks under Evolving Threat Landscape
The expansion of Internet of Things IoT devices has increased the attack surface of networks, necessitating a robust and adaptive intrusion detection systems. Machine learning based systems have been considered promising in enhancing the detection performance. Federated learning settings enabled ...
Layered Performance Analysis of TLS 1.3 Handshakes: Classical, Hybrid, and Pure Post-Quantum Key Exchange
In this paper, we present a laboratory study focused on the impact of post-quantum cryptography PQC algorithms on multiple layers of stateful HTTP over TLS transactions: the TCP handshake, the intermediate TCP-TLS layer, the TLS handshake, the intermediate TLS layer, and the HTTP application laye...
QuaNTUM: A Modular Quantum Communication Testbed for Scalable Fiber and Satellite Integration
Secure communication is essential for modern society, from financial transactions to critical infrastructure. As classical encryption faces threats from advancing computational power, quantum communication provides a fundamentally secure alternative based on physical laws. We present QuaNTUM...
Multi‑Layer Python Payload Encryptor, Decryptor, and Loader Generator
This Python program is a utility designed to encrypt, decrypt, and package Python payloads using multiple layers of encoding and obfuscation. It provides a simple command‑line menu that allows users to convert a Python script into an encoded payload and automatically generate a loader that can...
Systematic Scaling Analysis of Jailbreak Attacks in Large Language Models
Large language models remain vulnerable to jailbreak attacks, yet we still lack a systematic understanding of how jailbreak success scales with attacker effort across methods, model families, and harm types. We initiate a scaling-law framework for jailbreaks by treating each attack as a...
TOSSS: A CVE-Based Software Security Benchmark for Large Language Models
With their increasing capabilities, Large Language Models LLMs are now used across many industries. They have become useful tools for software engineers and support a wide range of development tasks. As LLMs are increasingly used in software development workflows, a critical question arises: are...
WebDAV Advanced Penetration Testing Script
This Python-based WebDAV penetration testing script tests methods available, attempts directory listing with PROPFIND, file upload with PUT, and more...
Robust Provably Secure Image Steganography Via Latent Iterative Optimization
We propose a robust and provably secure image steganography framework based on latent-space iterative optimization. Within this framework, the receiver treats the transmitted image as a fixed reference and iteratively refines a latent variable to minimize the reconstruction error, thereby improvi...
Multilingual AI-Driven Password Strength Estimation with Similarity-Based Detection
Considering the rise of cyberattacks incidents worldwide, the need to ensure stronger passwords is necessary. Developing a password strength meter PSM can help users create stronger passwords when creating an account on an online platform. This research aimed to explore whether incorporating a...
PixelConfig: Longitudinal Measurement and Reverse-Engineering of Meta Pixel Configurations
Tracking pixels are used to optimize online ad campaigns through personalization, re-targeting, and conversion tracking. Past research has primarily focused on detecting the prevalence of tracking pixels on the web, with limited attention to how they are configured across websites. A tracking pix...
Enhanced Security in Quantum Token Protocols Using Hybrid Spin-Photon Interfaces
Quantum token protocols enable unforgeable quantum tokens promising unconditional security beyond classical cryptographic assumptions. We show here that the three stages of the Quantum token protocols involving the preparation, storage and verification can be made more secure when involving...
CLIOPATRA: Extracting Private Information from LLM Insights
As AI assistants become widely used, privacy-aware platforms like Anthropic's Clio have been introduced to generate insights from real-world AI use. Clio's privacy protections rely on layering multiple heuristic techniques together, including PII redaction, clustering, filtering, and LLM-based...
External Entropy Supply for IoT Devices Employing a RISC-V Trusted Execution Environment
Entropy--a measure of randomness--is compulsory for the generation of secure cryptographic keys; however, Internet of Things IoT devices that are small or constrained often struggle to collect suf ficient entropy. In this article, we solve the entropy provisioning problem for a fleet of IoT devic...
MCP-In-SoS: Risk Assessment Framework for Open-Source MCP Servers
Model Context Protocol MCP servers have rapidly emerged over the past year as a widely adopted way to enable Large Language Model LLM agents to access dynamic, real-world tools. As MCP servers proliferate and become easy to adopt via open-source releases, understanding their security risks become...
Game-Theoretic Modeling of Stealthy Intrusion Defense against MDP-Based Attackers
The rapid expansion of Internet use has increased system exposure to cyber threats, with advanced persistent threats APTs being especially challenging due to their stealth, prolonged duration, and multi-stage attacks targeting high-value assets. In this study, we model APT evolution as a strategi...
Execution Is the New Attack Surface: Survivability-Aware Agentic Crypto Trading with OpenClaw-Style Local Executors
OpenClaw-style agent stacks turn language into privileged execution: LLM intents flow through tool interception, policy gates, and a local executor. In parallel, skill marketplaces such as skills.sh make capability acquisition as easy as installing skills and CLIs, creating a growing capability...
PRoADS: Provably Secure and Robust Audio Diffusion Steganography with Latent Optimization and Backward Euler Inversion
This paper proposes PRoADS, a provably secure and robust audio steganographic framework based on audio diffusion models. As a generative steganography scheme, PRoADS embeds secret messages into the initial noise of diffusion models via orthogonal matrix projection. To address the reconstruction...
Why LLMs Fail: A Failure Analysis and Partial Success Measurement for Automated Security Patch Generation
Large Language Models LLMs show promise for Automated Program Repair APR, yet their effectiveness on security vulnerabilities remains poorly characterized. This study analyzes 319 LLM-generated security patchesacross 64 Java vulnerabilities from the Vul4J benchmark. Using tri-axis evaluation...
Vertex AI Experiments Bucket Squatting Defensive Scanner
The Vertex AI Bucket Squatting Defensive Scanner is a security assessment tool designed to detect potential Google Cloud Storage bucket hijacking risks related to predictable naming patterns in Vertex AI experiment workflows. Instead of exploiting the vulnerability, this defensive version perform...
Measuring Onion Website Discovery and Tor Users' Interests with Honeypots
Tor enables anonymous web browsing and access to anonymous onion websites. Prior work has focused on crawling and content analysis rather than on what users actually try to access. Our honeypot approach measures engagement across onion-site categories, revealing behavioral interest rather than...
An Analysis of Modern Web Security Vulnerabilities Inside WebAssembly Applications
The growth in the adoption of the WebAssembly WASM standard has given rise to a rapidly increasing landscape of binary applications that are natively ported to the environment of websites. The flexibility of WASM has made it the preferred way to run fast and resource-heavy applications, replacing...
Vertex AI SDK 1.131.0 Cross Site Scripting Scanner
This script is a defensive behavioral security scanner designed to test whether HTML reports generated by the internal visualization module of the google-cloud-aiplatform part of Google Cloud improperly render unescaped user-controlled input...
FalconEYE 2.1.0
FalconEYE represents a paradigm shift in static code analysis. Instead of relying on predefined vulnerability patterns, it leverages large language models to reason about your code the same way a security expert would, understanding context, intent, and subtle security implications that tradition...
ProvAgent: Threat Detection Based on Identity-Behavior Binding and Multi-Agent Collaborative Attack Investigation
Advanced Persistent Threats APTs pose critical challenges to modern cybersecurity due to their multi-stage and stealthy nature. While provenance-based detection approaches show promise in capturing causal attack semantics, current threat provenance practices face two paradoxical issues: 1 expert...
SmartGraphical: A Human-In-The-Loop Framework for Detecting Smart Contract Logical Vulnerabilities Via Pattern-Driven Static Analysis and Visual Abstraction
Smart contracts are fundamental components of blockchain ecosystems; however, their security remains a critical concern due to inherent vulnerabilities. While existing detection methodologies are predominantly syntax-oriented, targeting reentrancy and arithmetic errors, they often overlook logica...
A Comparative Study of Recent Advances in Internet of Intrusion Detection Things
The Internet of Things IoT has revolutionized the way devices communicate and interact with each other, but it has also created new challenges in terms of security. In this context, intrusion detection has become a crucial mechanism to ensure the safety of IoT systems. To address this issue, a...
TLS 1.3 SNI Scanner
A command-line PHP vulnerability testing tool was developed to analyze TLS behavior through observation and logical reasoning, rather than relying on fixed rules or CVE numbers. The tool establishes multiple TLS connections to the same server and port using different SNI values. It then compares...
Cybersecurity AI: Hacking Consumer Robots in the AI Era
Is robot cybersecurity broken by AI? Consumer robots -- from autonomous lawnmowers to powered exoskeletons and window cleaners -- are rapidly entering homes and workplaces, yet their security remains rooted in assumptions of specialized attacker expertise. This paper presents evidence that...
WAV Fuzzer 1.0
This script is a fuzzer tool for WAV file processing programs that targets memory corruption vulnerabilities...
SlowBA: An Efficiency Backdoor Attack Towards VLM-Based GUI Agents
Modern vision-language-model VLM based graphical user interface GUI agents are expected not only to execute actions accurately but also to respond to user instructions with low latency. While existing research on GUI-agent security mainly focuses on manipulating action correctness, the security...
OAuthHub: Mitigating OAuth Data Overaccess through a Local Data Hub
Most OAuth service providers, such as Google and Microsoft, offer only a limited range of coarse-grained data access. As a result, third-party OAuth applications often end up accessing more user data than necessary, even if their developers want to minimize data access. We present OAuthHub, a...
M365Pwned Red Team Tool
M365Pwned is two WinForms GUI tools for enumerating, searching, and exfiltrating data from Microsoft 365 environments using application-level OAuth tokens without any user interaction required...
AgenticCyOps: Securing Multi-Agentic AI Integration in Enterprise Cyber Operations
Multi-agent systems MAS powered by LLMs promise adaptive, reasoning-driven enterprise workflows, yet granting agents autonomous control over tools, memory, and communication introduces attack surfaces absent from deterministic pipelines. While current research largely addresses prompt-level...
Towards Modeling Cybersecurity Behavior of Humans in Organizations
We undertake a comprehensive and structured synthesis of the drivers of human behavior in cybersecurity, focusing specifically on people within organizations i.e., especially employees in companies, and integrate key concepts such as awareness, security culture, and usability into a coherent...
SoK: Harmonizing Attack Graphs and Intrusion Detection Systems
Detecting and responding to cyber attacks is increasingly difficult as high-volume, complex network traffic allows threats to remain concealed. While Intrusion Detection Systems IDSs identify anomalous behavior, Attack Graphs AGs serve as the primary threat model for analyzing attacker strategies...