AI Agent using a Burp-style toolkit over MCP
开源AI渗透测试Agent,借MCP协议驱动浏览器,在Natas等挑战中达成87%成功率,安全从业者的新利器。
Article URL: https://github.com/io-tl/mulot Comments URL: https://news.ycombinator.com/item?id=48816588 Points: 1 # Comments: 0
开源AI渗透测试Agent,借MCP协议驱动浏览器,在Natas等挑战中达成87%成功率,安全从业者的新利器。
Article URL: https://github.com/io-tl/mulot Comments URL: https://news.ycombinator.com/item?id=48816588 Points: 1 # Comments: 0
一款可直接在目标嵌入式Linux设备运行的静态C二进制安全审计工具,零依赖、全功能覆盖U-Boot与TPM2.0。
I just shipped a major new feature to my embedded linux auditing tool - the ability to audit the kernel on embedded hosts. The agent that runs on the …
解耦侦察与利用,精准测量LLM在渗透测试中的真实能力边界。
arXiv:2606.25332v1 Announce Type: cross Abstract: Large Language Models (LLMs) have shown promise for automated penetration testing, yet existing end-…
专为AI代理与MCP服务器打造的安全测试工具,类似Burp Suite的渗透利器。
Article URL: https://github.com/agentsploit/agentsploit Comments URL: https://news.ycombinator.com/item?id=48460764 Points: 2 # Comments: 0
开源Python工具,自动检测PCAP中的C2信标、数据泄露等多类攻击行为。
Python PCAP analyzer Comments URL: https://news.ycombinator.com/item?id=48383199 Points: 1 # Comments: 0
400次重复实验揭示:大模型做黑客竟如此「不稳定」?首个LLM渗透测试一致性量化研究。
arXiv:2605.30096v1 Announce Type: cross Abstract: Large language models (LLMs) can autonomously conduct multi-stage cyber attacks, but the consistency…
一键将 Android 应用 TCP 流量转发到 HTTP 代理,渗透测试与调试利器!
Article URL: https://github.com/lc-at/atproxy Comments URL: https://news.ycombinator.com/item?id=48276525 Points: 1 # Comments: 0
AI代理在12分钟内攻破裸机供应链容器,展示了自主渗透测试的惊人效率与安全隐患
Article URL: https://dennysentinel.com/blog/deepseek-owned-supply-chain-12-minutes/ Comments URL: https://news.ycombinator.com/item?id=48247425 Points…
揭秘AI渗透测试:用LLM代理和开源工具突破WAF防线,发现银行等高危漏洞的真实案例。
In my day job, I run AI pentest agents against real targets like banks, fintechs, and secured production stacks with paid WAFs. I also deal with multi…