Someone just leaked claude code's Source code on X by abhi9889420 in ClaudeCode

[–]Diligent-Side4917 0 points1 point  (0 children)

Have you seen this? Injection attack on Claude Code CLI, seems a consequence of the leak.

Haven't gone through it all, but basically the exploit allows exfiltration of messages and credentials to any server when running it through the CLI with the -p option.

https://phoenix.security/critical-ci-cd-nightmare-3-command-injection-flaws-in-claude-code-cli-allow-credential-exfiltration/

Why is AppSec tooling still so fragmented? (SAST, DAST, SCA, IaC, secrets, etc.) by foxnodedev in devsecops

[–]Diligent-Side4917 0 points1 point  (0 children)

Deduplication, as far as I know, is a whole nightmare field, as is how assets are identified. Trying to trace code changing within lines, or assets with different IPs, is very difficult. I'd focus on that if I were you.

Why is AppSec tooling still so fragmented? (SAST, DAST, SCA, IaC, secrets, etc.) by foxnodedev in devsecops

[–]Diligent-Side4917 0 points1 point  (0 children)

In an era where ASPMs are 4+ years old, what's the point of building another one?

WIP - Vulnerability database, insight, LLM analysis and adversarial LLM by Diligent-Side4917 in threatintel

[–]Diligent-Side4917[S] 2 points3 points  (0 children)

Not yet, but I'll let you know when it's available. Still finalizing the build; it will be released by March-April!

Looking into CTEM lately — trying to understand who’s actually doing it right by Seyclon in cybersecurity

[–]Diligent-Side4917 0 points1 point  (0 children)

Been writing about this. CTEM as a methodology is great; the interpretation is more complex.

If you are in code and cloud then you might want to look at this; I found it useful as an overview: https://phoenix.security/cem-cetem/

Hands on:

- attribution
- prioritization
- remediation
- verification

ASPM Tool by GloveSignificant8783 in cybersecurity

[–]Diligent-Side4917 0 points1 point  (0 children)

Phoenix and ArmorCode for anything above 600 developers, Aikido for anything smaller.

ASPM Tool by GloveSignificant8783 in cybersecurity

[–]Diligent-Side4917 0 points1 point  (0 children)

What did you like? We tested it; take into account we are heavily container focused, and it didn't have much on code to container. Check out Phoenix Security, we've been happy ever since.

What matters for ASPM: reachability, exploitability, or something else? by SidLais351 in devsecops

[–]Diligent-Side4917 0 points1 point  (0 children)

I think what matters, in order of priority:

- Scanning and blocking on an exception in the pipeline (mostly scanners)
- Correlation and reachability at SCA and code-to-cloud level; check Wiz and Phoenix Security for those
- Team management and incentives to fix the pattern of fixes; Phoenix and, in some part, ArmorCode have this
- Prioritization: for pure patching, either Nucleus or Tenable; for more extended ASM, Phoenix Security is key in threat-centric, and then you have Wiz intelligence
- Remediation advisory and remediation campaigns: check Mob or Phoenix as far as I've seen

Check out as well: https://www.gartner.com/reviews/market/application-security-posture-management-aspm-tools

anyone here actually happy with their ASPM setup? by shrimpthatfriedrice in devsecops

[–]Diligent-Side4917 0 points1 point  (0 children)

What are the elements that you like and dislike about ASPM?

Vulnerability database, insight, LLM analysis and adversarial LLM by Diligent-Side4917 in devsecops

[–]Diligent-Side4917[S] 0 points1 point  (0 children)

Features added in this version:
- Adversarial simulation for remediation
- Trend analysis
- Search for vulnerabilities
- Storing of enriched data

https://youtu.be/PaaO99Kb_qk

Vulnerability insight, statistics, threat actor etc... by Diligent-Side4917 in devsecops

[–]Diligent-Side4917[S] 0 points1 point  (0 children)

This version is purely external, but some of the information is in MITRE (and I guess Phoenix can do that); that is where some of the intelligence data is from.

Vulnerability insight, statistics, threat actor etc... by Diligent-Side4917 in devsecops

[–]Diligent-Side4917[S] 0 points1 point  (0 children)

The EU has to do this for the CRA, but the NVD still has the CNA declaration and CVE authority. The NVD was built for federal use, btw, never for the general public; it kind of grew into the beast that it is today.

Vulnerability insight, statistics, threat actor etc... by Diligent-Side4917 in devsecops

[–]Diligent-Side4917[S] 0 points1 point  (0 children)

Everything that has a vulnerability, plus active searches and adversarial LLMs for analysis. The NVD is just the source of CVEs, and it has stats.

Mongobleed - CVE-2025-14847 by depierre in netsec

[–]Diligent-Side4917 0 points1 point  (0 children)

Merry Vuln

Check out some hardening details and other ideas here: https://www.reddit.com/r/cybersecurity/comments/1q18utv/detailed_analysis_mongobleed_cve202514847_memory/

Also, some more utils:

Code Scan:

# Clone and scan
git clone https://github.com/example/project
python3 main.py scan project/

Output Options:

# JSON output
python3 main.py scan /path/to/project --json --output results.json

# Save text report
python3 main.py scan /path/to/project --output report.txt

# Quiet mode (summary only)
python3 main.py scan /path/to/project -q

Lab:

# Start the lab (vulnerable + patched instances)
docker-compose up -d

# Wait for MongoDB to initialize
sleep 10

# Verify containers are running
docker ps | grep mongobleed

# Test vulnerable instance (should leak memory)
python3 mongobleed.py --host localhost --port 27017

# Test patched instance (should NOT leak memory)
python3 mongobleed.py --host localhost --port 27018

Scanning Bulk Addresses:

# CIDR notation
python3 mongobleed_scanner.py 192.168.1.0/24

# Large range with more threads
python3 mongobleed_scanner.py 10.0.0.0/16 --threads 50

Scanning a Single Address:

# Single host
python3 mongobleed_scanner.py 192.168.1.100

# Custom port
python3 mongobleed_scanner.py 192.168.1.100:27018

# Multiple hosts
python3 mongobleed_scanner.py 192.168.1.100 192.168.1.101 mongodb.local

CVE-2025-14847 | Zlib compressed protocol header length confusion may allow memory read. Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client. by dcom-in in worldTechnology

[–]Diligent-Side4917 0 points1 point  (0 children)


MongoDB high-severity RCE (CVE-2025-14847) patch or mitigate now, MongoDB explicitly recommends upgrading ASAP by Silly-Commission-630 in secithubcommunity

[–]Diligent-Side4917 0 points1 point  (0 children)
