6803 matches found
A Content-Based Framework for Cybersecurity Refusal Decisions in Large Language Models
Large language models and LLM-based agents are increasingly used for cybersecurity tasks that are inherently dual-use. Existing approaches to refusal, spanning academic policy frameworks and commercially deployed systems, often rely on broad topic-based bans or offensive-focused taxonomies. As a...
OMNI-STRIKE Multi‑Protocol Wireless Security Testing Platform
OMNI‑STRIKE is a multi‑protocol wireless security assessment application built for Flipper Zero. It is designed to discover nearby wireless devices and perform controlled, authorized security testing in a structured and logged environment...
A Unified Evaluation of Learning-Based Similarity Techniques for Malware Detection
Cryptographic digests e.g., MD5, SHA-256 are designed to provide exact identity. Any single-bit change in the input produces a completely different hash, which is ideal for integrity verification but limits their usefulness in many real-world tasks like threat hunting, malware analysis and digita...
Python Email Header Injection Mitigation Tester
This tool demonstrates how modern Python's email library EmailMessage with policy.default effectively prevents email header injection attacks. By rejecting newline and carriage return characters in header values, the library enforces RFC 5322 compliance and blocks classic injection attempts such ...
From Tool Orchestration to Code Execution: A Study of MCP Design Choices
Model Context Protocols MCPs provide a unified platform for agent systems to discover, select, and orchestrate tools across heterogeneous execution environments. As MCP-based systems scale to incorporate larger tool catalogs and multiple concurrently connected MCP servers, traditional tool-by-too...
Zero Knowledge (About) Encryption: A Comparative Security Analysis of Three Cloud-based Password Managers
Zero Knowledge Encryption is a term widely used by vendors of cloud-based password managers. Although it has no strict technical meaning, the term conveys the idea that the server, who stores encrypted password vaults on behalf of users, is unable to learn anything about the contents of those...
TOR Virtual Network Tunneling Tool 0.4.9.5
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow...
Intellicise Wireless Networks Meet Agentic AI: A Security and Privacy Perspective
Intellicise Intelligent and Concise wireless network is the main direction of the evolution of future mobile communication systems, a perspective now widely acknowledged across academia and industry. As a key technology within it, Agentic AI has garnered growing attention due to its advanced...
Secure and Energy-Efficient Wireless Agentic AI Networks
In this paper, we introduce a secure wireless agentic AI network comprising one supervisor AI agent and multiple other AI agents to provision quality of service QoS for users' reasoning tasks while ensuring confidentiality of private knowledge and reasoning outcomes. Specifically, the supervisor ...
A Scan-Based Analysis of Internet-Exposed IoT Devices Using Shodan Data
An open measurement problem in IoT security is whether scan-observable network configurations encode population-level exposure risk beyond individual devices. An analysis of internet-exposed IoT endpoints using a controlled multi-country sample from Shodan Search and Shodan InternetDB, selecting...
State of Passkey Authentication in the Wild: A Census of the Top 100K Sites
Passkeys -- discoverable WebAuthn credentials synchronised across devices are widely promoted as the future of passwordless authentication. Built on the FIDO2 standard, they eliminate shared secrets and resist phishing while offering usability through platform credential managers. Since their...
AI Arms and Influence: Frontier Models Exhibit Sophisticated Reasoning in Simulated Nuclear Crises
Today's leading AI models engage in sophisticated behaviour when placed in strategic competition. They spontaneously attempt deception, signaling intentions they do not intend to follow; they demonstrate rich theory of mind, reasoning about adversary beliefs and anticipating their actions; and th...
nfstream 6.6.0
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python...
Exposing the Systematic Vulnerability of Open-Weight Models to Prefill Attacks
As the capabilities of large language models continue to advance, so does their potential for misuse. While closed-source models typically rely on external defenses, open-weight models must primarily depend on internal safeguards to mitigate harmful behavior. Prior red-teaming research has largel...
OpenSSL 3.x Realistic ASN.1 / PKCS#12 Denial of Service Tool
This proof of concept builds structurally correct ASN.1 DER / PKCS12 files designed to stress-test OpenSSL's parser and memory handling. It focuses on non-exploitative impacts such as denial of service, excessive memory consumption, deep recursion, malformed lengths, and duplicated/overlapping...
Exploiting Layer-Specific Vulnerabilities to Backdoor Attack in Federated Learning
Federated learning FL enables distributed model training across edge devices while preserving data locality. This decentralized approach has emerged as a promising solution for collaborative learning on sensitive user data, effectively addressing the longstanding privacy concerns inherent in...
What Hackers Talk about When They Talk about AI: Early-Stage Diffusion of a Cybercrime Innovation
The rapid expansion of artificial intelligence AI is raising concerns about its potential to transform cybercrime. Beyond empowering novice offenders, AI stands to intensify the scale and sophistication of attacks by seasoned cybercriminals. This paper examines the evolving relationship between...
When Security Meets Usability: An Empirical Investigation of Post-Quantum Cryptography APIs
Advances in quantum computing increasingly threaten the security and privacy of data protected by current cryptosystems, particularly those relying on public-key cryptography. In response, the international cybersecurity community has prioritized the implementation of Post-Quantum Cryptography PQ...
Systematic Review of Lightweight Cryptographic Algorithms
The emergence of small computing devices and the integration of processing units into everyday objects has made lightweight cryptography an essential part of the security landscape. Conventional cryptographic algorithms such as AES, RSA, and DES are unsuitable for resource-constrained devices due...
OpenSSL 3.x QUIC Initial Packet Builder / Sender
This script is a proof of concept QUIC client that constructs fully encrypted initial packets with header protection. It can be used for testing or fuzzing QUIC/TLS 1.3 implementations. The script constructs and sends a cryptographically valid QUIC Initial packet over UDP. It simulates a QUIC...
Stegano 2.2.0
Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit LSB technique. It is possible to use a more advanced LSB method based on integers sets. The sets Sieve of...
A Trajectory-Based Safety Audit of Clawdbot (OpenClaw)
Clawdbot is a self-hosted, tool-using personal AI agent with a broad action space spanning local execution and web-mediated workflows, which raises heightened safety and security concerns under ambiguity and adversarial steering. We present a trajectory-centric evaluation of Clawdbot across six...
Toward a Military Smart Cyber Situational Awareness (CSA)
The development of technology across multiple sectors and the growing importance of cyber warfare make the development of Cyber Situational Awareness CSA a fundamental component of any cyber defense strategy. CSA, as a practice, enables understanding of the current landscape within an organizatio...
From SFT to RL: Demystifying the Post-Training Pipeline for LLM-Based Vulnerability Detection
The integration of LLMs into vulnerability detection VD has shifted the field toward interpretable and context-aware analysis. While post-training methods have shown promise in general coding tasks, their systematic application to VD remains underexplored. In this paper, we present the first...
AXE: An Agentic EXploit Engine for Confirming Zero-Day Vulnerability Reports
Vulnerability detection tools are widely adopted in software projects, yet they often overwhelm maintainers with false positives and non-actionable reports. Automated exploitation systems can help validate these reports; however, existing approaches typically operate in isolation from detection...
The Baby Steps of the European Union Vulnerability Database: An Empirical Inquiry
A new European Union Vulnerability Database EUVD was introduced via a legislative act in 2022. The paper examines empirically the meta-data content of the new EUVD. According to the results, actively exploited vulnerabilities archived to the EUVD have been rather severe, having had also high...
Applying Public Health Systematic Approaches to Cybersecurity: The Economics of Collective Defense
The U.S. public health system increased life expectancy by more than 30 years since 1900 through systematic data collection, evidence-based intervention, and coordinated response. This paper examines whether cybersecurity can benefit from similar organizational principles. We find that both domai...
Assessing Cybersecurity Risks and Traffic Impact in Connected Autonomous Vehicles
Given the promising future of autonomous vehicles, it is foreseeable that self-driving cars will soon emerge as the predominant mode of transportation. While autonomous vehicles offer enhanced efficiency, they remain vulnerable to external attacks. In this research, we sought to investigate the...
A Real-Time Approach to Autonomous CAN Bus Reverse Engineering
This paper introduces a real-time method for reverse engineering a vehicle's CAN bus without prior knowledge of the vehicle or its CAN system. By comparing inertial measurement and CAN data during significant vehicle events, the method accurately identified the CAN channels associated with the...
The Rise of AI Agent Communities: Large-Scale Analysis of Discourse and Interaction on Moltbook
Moltbook is a Reddit-like social platform where AI agents create posts and interact with other agents through comments and replies, offering a real-world setting to examine agent-to-agent communication at scale. Using a public API snapshot collected about five days after launch 122,438 posts, we...
Web Application Security Developer Training Guide
This guide gives a thorough overview of 34 web application vulnerabilities with descriptions of the issues, PHP examples of vulnerable code, exploit methodologies, and remediation strategies...
Execution-State-Aware LLM Reasoning for Automated Proof-Of-Vulnerability Generation
Proof-of-Vulnerability PoV generation is a critical task in software security, serving as a cornerstone for vulnerability validation, false positive reduction, and patch verification. While directed fuzzing effectively drives path exploration, satisfying complex semantic constraints remains a...
Cryptographic Choreographies
We present CryptoChoreo, a choreography language for the specification of cryptographic protocols. Choreographies can be regarded as an extension of Alice-and-Bob notation, providing an intuitive high-level view of the protocol as a whole rather than specifying each protocol role in isolation. Th...
Backdoor Attacks on Contrastive Continual Learning for IoT Systems
The Internet of Things IoT systems increasingly depend on continual learning to adapt to non-stationary environments. These environments can include factors such as sensor drift, changing user behavior, device aging, and adversarial dynamics. Contrastive continual learning CCL combines contrastiv...
Assessing Spear-Phishing Website Generation in Large Language Model Coding Agents
Large Language Models are expanding beyond being a tool humans use and into independent agents that can observe an environment, reason about solutions to problems, make changes that impact those environments, and understand how their actions impacted their environment. One of the most common...
pgAdmin 4 Multi‑Target Vulnerability Scanner
This project is a PHP‑based multi‑target vulnerability scanner designed to identify potential exposure to CVE‑2025‑13780 affecting pgAdmin 4 versions 8.14 and below. The tool operates as a heuristic / threat‑intelligence scanner, not an exploit...
In-Context Autonomous Network Incident Response: An End-To-End Large Language Model Agent Approach
Rapidly evolving cyberattacks demand incident response systems that can autonomously learn and adapt to changing threats. Prior work has extensively explored the reinforcement learning approach, which involves learning response strategies through extensive simulation of the incident. While this...
Sparse Autoencoders Are Capable LLM Jailbreak Mitigators
Jailbreak attacks remain a persistent threat to large language model safety. We propose Context-Conditioned Delta Steering CC-Delta, an SAE-based defense that identifies jailbreak-relevant sparse features by comparing token-level representations of the same harmful request with and without...
LoRA-Based Parameter-Efficient LLMs for Continuous Learning in Edge-Based Malware Detection
The proliferation of edge devices has created an urgent need for security solutions capable of detecting malware in real time while operating under strict computational and memory constraints. Recently, Large Language Models LLMs have demonstrated remarkable capabilities in recognizing complex...
DRAMatic Speedup: Accelerating HE Operations on a Processing-In-Memory System
Homomorphic encryption HE is a promising technology for confidential cloud computing, as it allows computations on encrypted data. However, HE is computationally expensive and often memory-bound on conventional computer architectures. Processing-in-Memory PIM is an alternative hardware architectu...
Favia: Forensic Agent for Vulnerability-Fix Identification and Analysis
Identifying vulnerability-fixing commits corresponding to disclosed CVEs is essential for secure software maintenance but remains challenging at scale, as large repositories contain millions of commits of which only a small fraction address security issues. Existing automated approaches, includin...
Unknown Attack Detection in IoT Networks Using Large Language Models: A Robust, Data-Efficient Approach
The rapid evolution of cyberattacks continues to drive the emergence of unknown zero-day threats, posing significant challenges for network intrusion detection systems in Internet of Things IoT networks. Existing machine learning and deep learning approaches typically rely on large labeled...
Tracking the Trackers: Commercial Surveillance Occurring on U.S. Army Networks
Despite current security implementations, Internet activity on DoD networks is susceptible to web trackers and commercial data collection, which have the potential to expose information about service members and unit operations. This report documents the outcomes of a study to characterize web...
TestSSL 3.2.3
testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in pure bash, makes only use of standard Unix utilities, openssl and last but not least bash sockets...
Nikto Web Scanner 2.6.0
Nikto is an Open Source GPL web server scanner which performs comprehensive tests against web servers for multiple items, including thousands of potentially dangerous files/programs, checks for outdated versions of over 1500 server components, and version specific problems on hundreds of servers...
An Empirical Study of the Imbalance Issue in Software Vulnerability Detection
Vulnerability detection is crucial to protect software security. Nowadays, deep learning DL is the most promising technique to automate this detection task, leveraging its superior ability to extract patterns and representations within extensive code volumes. Despite its promise, DL-based...
Verifiable Provenance of Software Artifacts with Zero-Knowledge Compilation
Verifying that a compiled binary originates from its claimed source code is a fundamental security requirement, called source code provenance. Achieving verifiable source code provenance in practice remains challenging. The most popular technique, called reproducible builds, requires difficult...
Automatic Simplification of Common Vulnerabilities and Exposures Descriptions
Understanding cyber security is increasingly important for individuals and organizations. However, a lot of information related to cyber security can be difficult to understand to those not familiar with the topic. In this study, we focus on investigating how large language models LLMs could be...
Resource-Aware Deployment Optimization for Collaborative Intrusion Detection in Layered Networks
Collaborative Intrusion Detection Systems CIDS are increasingly adopted to counter cyberattacks, as their collaborative nature enables them to adapt to diverse scenarios across heterogeneous environments. As distributed critical infrastructure operates in rapidly evolving environments, such as...
Lightweight Cluster-Based Federated Learning for Intrusion Detection in Heterogeneous IoT Networks
The rise of heterogeneous Internet of Things IoT devices has raised security concerns due to their vulnerability to cyberattacks. Intrusion Detection Systems IDS are crucial in addressing these threats. Federated Learning FL offers a privacy-preserving solution, but IoT heterogeneity and limited...