Tag
ArgusRed is a CLI tool that uses a post-trained AI model to perform security scanning and penetration testing on codebases, outputting detailed markdown reports. It offers two modes: security scan (read-only) and pen test (active exploits) with optional exploit verification.
Darkmoon is an autonomous penetration testing platform.
A detailed technical guide on discovering and exploiting misconfigured IIS servers for bug bounty hunting, covering techniques like Shodan queries, tilde enumeration, web.config exploitation, and WAF bypass.
The author built a vulnerable React Native app to test if LLMs could exploit a common Firebase misconfiguration, finding that only a few models (GPT 5.5, Deepseek V4 Pro, Claude Sonnet 4.6, Claude Opus 4-8) succeeded, with GPT 5.5 having the highest solve rate.
Astra Security launches an autonomous pentest product that uses AI agents to find, validate, and fix vulnerabilities automatically.
After four years of self-study, the author published a comprehensive guide to offline password cracking using Hashcat, sharing techniques and workflows for penetration testers and security enthusiasts.
Mezz is a self-contained WiFi sandbox tool for inspecting IoT device traffic, providing an isolated network with DNS logging and optional MITM proxy, all deployable via Docker on a Linux host with AP-capable WiFi.
Cairn is an open-source, general-purpose problem-solving engine that uses state-space search for autonomous AI penetration testing, built on a blackboard architecture with fact-intent graphs.
Mythos releases a new checkpoint that can complete a 32-step corporate network attack in 6 out of 10 attempts, compared to ~20 hours for a human expert.
The Hermes Agent ecosystem welcomes multiple community updates, including Kali penetration testing skills, dark theme dashboard, pixel metaverse bridge, AIOps operations, and video creation pipeline, showcasing new capabilities of AI Agents in security testing and automated operations.