漏洞挖掘
24
diff整个linux文件系统定位漏洞代码
Rhabdomancer:ghidra脚本,用于漏洞研究
CVE-2022-26258复现:Dlink-RCE
个人信息搜集
各种类型上传文件打出XSS
文件上传之上传cs服务器
控制台打出XSS
水平越权
构造URL参数尝试未授权
爆破hash密码
若依
自动化批量注入
针对后台功能点进行挖掘
逻辑漏洞之垂直越权水平越权未授权
CNVD通杀 SQL注入
CSV注入
CNVD通杀垂直越权
Swagger
api接口导致各种漏洞(sql盲注、报错注入等)
Druid monitor页面渗透
Nacost通过文件打出getshell
fuzz到sql注入
springboot
Webpack利用
Report
15
AI时代下弄潮儿的思考-- 避免变成“AI 驱动的低水平勤奋”
Paper Writing Skills
2026-Pwn2Own
腾讯第二界agent漏挖
The formexeCommand function in Tenda's i12 product has a stack overflow
The formwrlSSIDget function in Tenda's i12 product has a stack overflow
The formWifiMacFilterGet function in Tenda's i12 product has a buffer overflow
cve2-FH1202-bufferoverflow
cve-FH1202-bufferoverflow
cve3-FH1202-bufferoverflow
AIxCC总览
AIXCC-ButterCup项目详解
微软:Analyzing open-source bootloaders _ Finding vulnerability faster with AI
谷歌:AI for sec
CVE-2024-4820
Papers
12
GRAPHMIND_ LLMS AS DYNAMIC KNOWLEDGE BUILDERS FOR SEQUENTIAL DECISION-MAKING
Skills-SD_ Skill-Conditioned Self-Distillation for multi-turn LLM Agents
SYMPHONY_ Synergistic Multi-agent Planning with Heterogeneous Language Model Assembly
ATT&CK to CVE_ A Large-Scale Automated Knowledge Graph for Threat Intelligence
LLM-BASED MULTI-AGENT BLACKBOARD SYSTEM FOR INFORMATION DISCOVERY IN DATA SCIENCE
KRYSTAL_ Knowledge graph-based framework for tactical attackdiscovery in audit data
REPOGRAPH:Enhancing AI software engineering with repository-level code graph
Can LLM Prompting Serve as a Proxy for Static Analysis in Vulnerability Detection
Repository-Level Graph Representation Learning for Enhanced Security Patch Detection
THINK-ON-GRAPH DEEP AND RESPONSIBLE REASON-ING OF LARGE LANGUAGE MODEL ON KNOWLEDGEGRAPH
Toward a Knowledge Graph of Cybersecurity Countermeasures
Compiler