Want to see it first-hand?
Find the source code at github.com/pixelindigo/...
25.02.2025 19:55
π 1
π 0
π¬ 0
π 0
Want to see it first-hand?
Find the source code at github.com/pixelindigo/...
YuraScanner can reach deep states of web applications that no scanner can. We tested on 20 web apps, manually validated its ability to discover and execute tasks, and discovered 12 zero-day XSS vulnerabilities.
YuraScanner is one of the first task-driven web application scanners powered by LLM that can autonomously discover workflows and execute them. No user traces or input are needed!
Donβt miss the YuraScanner presentation by Tim, today, session 2B βWeb Securityβ at NDSS β25!
Our new scanner features LLM, XSS, and a pinch of 0-days. Read further to find out more!
We are making the source code of YuraScanner public: github.com/pixelindigo/...
We initially restricted it to prevent misuse (fake accounts, scraping). We re-eval risk-benefits with live tests. Defenses (CAPTCHA, MFA, etc.) are sufficient, thus we pushed the code to GitHub.
Please consider sending your awesome computer security & privacy papers to
USENIX Security
'25! The cycle 2 deadline is Jan 22 AoE. Remember that writing about research ethics and open science (sharing datasets, code, scripts, etc.) is required! usenix.org/conference/u...
@gianko.bsky.social