IEEE

Automated Penetration Testing Architecture Using Metasploit and OWASP ZAP for Web Applications

Abstract: This research study introduces an innovative approach to fortify web application security through the utilization of automated penetration testing architecture. While leveraging the robust ...

The Real-World Attacks Behind OWASP Agentic AI Top 10

OWASP's new Agentic AI Top 10 highlights real-world attacks already targeting autonomous AI systems, from goal hijacking to ...
GitHub

OWASP/www-project-csrfguard

Welcome to the home of the OWASP CSRFGuard Project! OWASP CSRFGuard is a library that implements a variant of the synchronizer token pattern to mitigate the risk of Cross-Site Request Forgery (CSRF) ...
IEEE

IEEE Communications Surveys and Tutorials

Abstract: I welcome you to the fourth issue of the IEEE Communications Surveys and Tutorials in 2021. This issue includes 23 papers covering different aspects of communication networks. In particular, ...
TechRepublic

OWASP Drops First AI Agent Risk List

These aren't simple chatbots anymore—these AI agents access data and tools and carry out tasks, making them infinitely more capable and dangerous. Image: Envato After months of organizations deploying ...
GitHub

Hunt every Endpoint in your code, expose Shadow APIs, map the Attack Surface.

Noir bridges the gap between SAST and DAST by analyzing source code to generate accurate, authenticated endpoint inventories. It detects what others miss: shadow APIs, deprecated endpoints, and hidden ...