reconcore
#pentest #vulnerability #research #malware #analysis #redteam #blueteam #tools #cve #rce #lpe

#offensivesecurity #methods #technique

The channel does not call for any action.
The posts are taken from public sources.
The @reconcore is not responsible.
SilentButDeadly
A network communication blocker specifically designed to neutralize EDR/AV software by preventing their cloud connectivity using Windows Filtering Platform (WFP). This version focuses solely on network isolation without process termination. Blog

#github #tools #wfp #av #edr @reconcore
DefenseDroid MH-1M: A 1.34 Million-Sample Comprehensive Multi-Feature Android Malware Dataset for ML, Deep Learning, LLMs, and Threat Intelligence Research
Through DefenseDroid, we present a machine learning-based system for the detection of malware on Android devices. DefenseDroid will effectively identify, detect, and categorize apps and safeguard Android mobile devices from malicious apps, thus avoiding any stealing or misuse of the user’s data, by using an easy user interface. In our project, a code behavior signature-based malware detection framework using an LSTM algorithm is proposed, which can detect malicious code and its variants effectively at runtime and extend malware characteristics information dynamically.

#github #research #android #malware @reconcore
HexStrike AI MCP Agents
An advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug bounty automation, and security research. Seamlessly bridge LLMs with real-world offensive security capabilities. www.hexstrike.com/

#github #offensivesecurity #tools #llm @reconcore
Machine_Learning_Systems.pdf
40.9 MB
Machine Learning Systems:
Principles and Practices of Engineering Artificially Intelligent Systems
School of Engineering and Applied Sciences Harvard University. Nov 2025
This book bridges the gap between theoretical foundations and practical engineering, emphasizing the systems perspective required to build effective AI solutions. Unlike resources that focus primarily on algorithms and model architectures, this book highlights the broader context in which ML systems operate, including data engineering, model optimization, hardware-aware training, and inference acceleration.

#aiops #secops #mlsecops #book #engineering @reconcore
Bypassing CDN WAFs With Alternate Domain Routing

I will provide a summary; please read the full blog post to learn the concept. This technique is inspired by the idea in this tweet.

How does this attack work?
Imagine that the #CDN acts as a trusted proxy between you and the target web server (the "origin"). In this setup the origin server trusts requests coming from the CDN’s IP range, so it only accepts traffic that appears to come from the CDN. If you (the attacker) want to talk to the origin, you must route your request through the CDN. The CDN receives your request, filters and checks it (to ensure it isn’t flagged as malicious), then forwards it to the origin server.

Now imagine a scenario where you’ve found the origin’s IP, but direct communication won’t work, because the origin expects only requests coming from the CDN’s IP range. However, if you register an account with the same CDN provider, turn off the WAF in your account, and point your CDN configuration at that origin IP, then you can send requests via the CDN to the origin (WAF IS OFF!). Since the origin sees that the request appears to come from the CDN, it will accept it!


Tools for deploying the infrastructure and scanning for affected origins:

cdn-proxy & cdn-scanner: Github

#infosec #cybersecurity #bypass #tools #bugbounty #waf @reconcore
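One origin-side check against the routing issue summarized above, as an added example that is not from the original post or the cdn-proxy project: it compares an origin that trusts the CDN address range alone with one that also requires a per-tenant secret header, and lists the requests that only the range-based rule would admit. The address ranges, header name and secret are constructed assumptions.

```python
import hmac
import ipaddress

# Constructed values (documentation address ranges, not a real CDN).
CDN_RANGES = [ipaddress.ip_network("203.0.113.0/24")]
TENANT_SECRET = "constructed-origin-pull-secret"  # set only in our own CDN config
SECRET_HEADER = "x-origin-auth"                   # hypothetical header name


def from_cdn(peer_ip):
    """True if the TCP peer address belongs to the shared CDN range."""
    ip = ipaddress.ip_address(peer_ip)
    return any(ip in net for net in CDN_RANGES)


def accept_ip_only(peer_ip, headers):
    """The setup the post describes: anything from the CDN range is trusted."""
    return from_cdn(peer_ip)


def accept_tenant_bound(peer_ip, headers):
    """CDN range plus a secret that only our own CDN tenant injects."""
    if not from_cdn(peer_ip):
        return False
    lowered = {k.lower(): v for k, v in headers.items()}
    presented = lowered.get(SECRET_HEADER, "")
    # Constant-time comparison so the secret is not leaked through timing.
    return hmac.compare_digest(presented.encode(), TENANT_SECRET.encode())


def audit(requests, policy):
    """Ids of the requests a given policy would let through to the app."""
    return [r["id"] for r in requests if policy(r["peer_ip"], r["headers"])]


def foreign_tenant_hits(requests):
    """Requests from the CDN range that fail the tenant check: worth alerting on."""
    ip_ok = set(audit(requests, accept_ip_only))
    bound_ok = set(audit(requests, accept_tenant_bound))
    return [r["id"] for r in requests if r["id"] in ip_ok - bound_ok]


# Constructed sample traffic as seen at the origin.
SAMPLE = [
    {"id": "own-tenant", "peer_ip": "203.0.113.10", "headers": {"X-Origin-Auth": TENANT_SECRET}},
    {"id": "other-tenant", "peer_ip": "203.0.113.77", "headers": {"Host": "app.example"}},
    {"id": "other-tenant-guess", "peer_ip": "203.0.113.78", "headers": {"X-Origin-Auth": "guess"}},
    {"id": "direct", "peer_ip": "198.51.100.5", "headers": {"X-Origin-Auth": TENANT_SECRET}},
]

if __name__ == "__main__":
    print("ip-only admits:     ", audit(SAMPLE, accept_ip_only))
    print("tenant-bound admits:", audit(SAMPLE, accept_tenant_bound))
    print("alert on:           ", foreign_tenant_hits(SAMPLE))
```

Where the CDN supports it, the same tenant binding can be done with a per-tenant client certificate (mTLS) instead of a header secret.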
CVE-2025-50168: Windows 11 LPE Exploit
Windows win32kbase Type Confusion Local Privilege Escalation Vulnerability (CVSS 8.8). Pwn2Own Berlin 2025 winning bug. Blog

#cve #lpe #exploit @reconcore
A Chrome zero-day (CVE-2025-2783) was exploited to deliver spyware built by Memento Labs — the firm behind past government surveillance tools.

One click in Chromium = full sandbox escape.
#analysis #zeroday #offensivesecurity @reconcore
Containerized Red Team Tools
Containers are an effective way to configure, deploy, and use Red Team tools

#github #redteam #tools @reconcore
OPEN SOURCE MALWARE
A community database, API and collaboration platform to help identify and protect against open source malware

#opensource #malware #cybersecurity @reconcore
Fuzz Forge
AI-powered workflow automation and AI Agents for AppSec, Fuzzing & Offensive Security Official site

#appsec #fuzz #fuzzing #llm #tools #offensivesecurity @reconcore