Alaid TechThread
@offensive_thread
676 subscribers
6 photos
1 video
84 files
1.32K links
Vulnerability discovery, threat intelligence, reverse engineering, AppSec
Download Telegram
About
Blog
Apps
Platform
Join
Alaid TechThread
676 subscribers
Alaid TechThread
Alaid TechThread
1 октября пройдет VK Security Confab. В продолжение доклада с OffZone про атакующих агентов в гостях у VK инженер из нашей команды Руслан углубится в анализ API-контрактов средствами AI-агентов. Успехи, факапы и полученный опыт — будем рады со всеми поделиться.…
OAS Presentation (Public).pdf
9.2 MB
Презентация Руслана
#ProSecA
🔥9👍1
459 viewsedited  
Alaid TechThread
A Security Engineer's Guide to MCP

https://semgrep.dev/blog/2025/a-security-engineers-guide-to-mcp/
Semgrep
A Security Engineer's Guide to MCP
MCP is quickly becoming the API standard for AI coding agents. That means new attack surfaces — and security engineers need to know how to test them safely.
411
1.2K views
Alaid TechThread
BINARY DIFF SUMMARIZATION USING LARGE LANGUAGE MODELS

https://arxiv.org/pdf/2509.23970
🔥1111
382 viewsedited  
Alaid TechThread
DynamiQ: Unlocking the Potential of Dynamic Task Allocation in Parallel Fuzzing

https://arxiv.org/pdf/2510.04469
272 views
Alaid TechThread
Oops! It's a kernel stack use-after-free: Exploiting NVIDIA's GPU Linux drivers


https://blog.quarkslab.com/nvidia_gpu_kernel_vmalloc_exploit.html
Quarkslab
Oops! It's a kernel stack use-after-free: Exploiting NVIDIA's GPU Linux drivers - Quarkslab's blog
This article details two bugs discovered in the NVIDIA Linux Open GPU Kernel Modules and demonstrates how they can be exploited. The bugs can be triggered by an attacker controlling a local unprivileged process. Their security implications were confirmed…
313 views
Alaid TechThread
A2AS: Standard for Agentic AI Security

Framework for Behavior Certification and Runtime Security
For LLM Models and Agent-to-Agent Security
Similar to How HTTPS Secures HTTP

https://www.a2as.org
A2AS Framework
A2AS | Agent-to-Agent Security | Agentic AI Security Framework
A2AS Framework is the emerging practical standard for agentic behavior certification, context window integrity, and AI runtime security. The A2AS project, research, and development is led by Eugene Neelou with collaborators from AWS, ByteDance, Cisco, Elastic…
👍2
542 views
Alaid TechThread
Introducing HoneyBee: How We Automate Honeypot Deployment for Threat Research

https://www.wiz.io/blog/honeybee-threat-research
wiz.io
HoneyBee: Automating Honeypots for Modern Threat Research | Wiz Blog
Wiz researchers use HoneyBee to build and monitor misconfigured environments safely—gaining insights that power stronger detections.
539 views
Alaid TechThread
When “Correct” Is Not Safe: Can We Trust Functionally Correct Patches Generated by Code Agents?

https://arxiv.org/pdf/2510.17862
478 views
Alaid TechThread
MCPGuard : Automatically Detecting Vulnerabilities in MCP Servers

https://arxiv.org/pdf/2510.23673
🔥2
518 views
Alaid TechThread
1762786466397.pdf
7.5 MB
AI for AppSec and Offensive Security:
From Automation to Autonomy
👍2👎11
395 views
Alaid TechThread
O(N) the Money: Scaling Vulnerability Research with LLMs

https://noperator.dev/posts/on-the-money/
noperator.dev
O(N) the Money: Scaling Vulnerability Research with LLMs
Let’s go back to the basics and consider a very simple goal: What if we could find and fix all the vulnerabilities in open source software? This is a pretty ambitious goal, admittedly, but…
3
156 views
Alaid TechThread
Offensive AI Con Deck.pdf
11.5 MB
Cyber AutoAgent:Scaling agentic
architectures for autonomous
security testing
🔥2
153 viewsedited  
Alaid TechThread
Alaid TechThread
Offensive AI Con Deck.pdf
Больше слайдов с Offensive AI Con 2025 - https://github.com/Offensive-AI-Con/OAIC-2025/tree/main

Пока самая интересная конфа по теме
GitHub
GitHub - Offensive-AI-Con/OAIC-2025: Offensive AI Con 2025 Media Repository
Offensive AI Con 2025 Media Repository. Contribute to Offensive-AI-Con/OAIC-2025 development by creating an account on GitHub.
1👍4🔥3
268 viewsedited