Research Worth Reading Week 41/2025

Published: 12 Oct 2025

AI, AI, SSRF-XSLT!

🤖 Building the Leading Open-Source Pentesting Agent: Architecture Lessons from XBOW Benchmark

The latest write-up on how to build an open-source pentesting agent: https://medium.com/data-science-collective/building-the-leading-open-source-pentesting-agent-architecture-lessons-from-xbow-benchmark-f6874f932ca4

🤖 Introducing CodeMender: an AI agent for code security

What if, instead of searching for vulnerabilities, we use AI to rewrite and harden existing code? Let’s flip the premise: https://deepmind.google/discover/blog/introducing-codemender-an-ai-agent-for-code-security/

⛓️ Well, Well, Well. It’s Another Day. (Oracle E-Business Suite Pre-Auth RCE Chain - CVE-2025-61882)

A great vulnerability chain mixing SSRF and XSLT: https://labs.watchtowr.com/well-well-well-its-another-day-oracle-e-business-suite-pre-auth-rce-chain-cve-2025-61882well-well-well-its-another-day-oracle-e-business-suite-pre-auth-rce-chain-cve-2025-61882/

Written by PentesterLab
The platform to learn web hacking and security code review