
Vulnsy - Pentest Reporting Platform for Security Teams
Vulnsy是为安全团队提供的渗透测试报告平台,可10倍快速交付客户报告。
@TurvSec · X
完整作品展
技术栈
60 projects

Vulnsy是为安全团队提供的渗透测试报告平台,可10倍快速交付客户报告。
@TurvSec · X

用对抗测试检查LLM端点安全,获取OWASP审计报告。
@aryaan_sheth · X
- LLM security for small teams

用于组织重要文件和与家人分享访问权限的安全保险库。
@DwivediNitil · X
Go physical to digital

将CVE漏洞数据转换为机器可读风险信号,供AI代理和自动化系统使用。
robert_marshall5 · Product Hunt
attestd CVE and supply chain risk signals for autonomous AI agents.

用Semfora分析代码库结构,发现变更中的风险。
u/jeremyStover · Reddit
My second paying customer bought a full year subscription. I have mentioned https://semfora.ai before, here and there on Reddit. I haven't talked much about what it really provides. I was hoping to drive up some organic traffic, from people that had the motivation to dig past the beta. Stupid idea, but now that we have passed pen tests and hit the minimum requirements check list for security audits, (see other threads about that) we opened up the beta to everyone. Two days after that(

上传代码让 VibeGuard AI 自动检测安全风险。
@POONAMSING9999 · X
Forget this fight. The problem in AI is vibe coding security risk so i made vibe Guard ai that analysis user code and found out security risks. For the sake of humanity, to solve a painful problem I made this It had free version try now

Tako 在 60 秒内扫描网页应用,发现泄露密钥和开放数据库等安全漏洞。
@guhanvenkaty · X
Tako's free preview is live: Paste your URL, get a security verdict on your vibe-coded app in 60s. Not an AI wrapper: it fires real requests and PROVES exposure, pulling data from your open DB with no login. Scanning puts you on the early-access waitlist.

VibeGuard AI — 分析代码安全漏洞,检查代码是否安全。
@POONAMSING9999 · X
Technology is getting better everyday so the vibe coding but still people loosing money.🚀 Around 62% of vibecode is unsecure. I made VibeGuard that analysis code and check whether it is safe,ready to go,every error and what it can cause, many more...

为团队和应用安全管理密钥与环境变量。
@radimhfer · X
i'm founder of Stashbase, designed to help builders

探索2020年以来的CVE趋势和漏洞严重性,按报告组织分类。
u/Secret_Appeal6271 · Reddit
Agents are more capable, and susceptible to exploits, than ever. We're working to stop this from hurting users. AI agents are starting to get real access like GitHub tokens, cloud credentials, customer data, deploy permissions. Not coincidentally, the rate of major cybersecurity incidents is rising rapidly. See for yourself: https://epoch.ai/data/cve?view=graph https://genai.owasp.org/resource/state-of-agentic-ai-security-and-governance/ My friend and I, both AI researchers, are working o

VibeLint 为 AI 代理提供代码检查、权限控制和审批工作流。
@RElharrak39428 · X

为网络设备自动备份配置并用E2EE端到端加密保护。
Willdom1986 · V2EX
多年前考过 CCNP 网络工程师,以前有一个很头疼的地方就是网络设备配置丢失引发的各种故障。后来越发觉得,网络设备的配置实际上是一个非常关键的数字资产。 为此,我利用周末时间开发了 XConf ( https://xconf.ai) 来解决这个问题。 产品主要就是想解决两个问题:**自动化的灾备高可用**,以及**端到端的安全**。 * **自动备份与灾备**:支持将配置定时备份到云端。如果网络断连了,探针会自动在本地离线队列里暂存配置,等连接恢复后自动重传。 * **端到端加密**:本地的 Go 探针是完全开源的,会自动在内存中对密码进行流式脱敏,并在上传前通过 AES-256-GCM 在本地加密。SaaS 后台拿到的只有密文,解密和版本比对( Diff )都完全在你的浏览器本地沙盒里通过 WebCrypto API 进行。 * **打磨版的配置对比 Diff**:我花了一些功夫打磨了浏览器端的配置版本对比功能,力求让日常比对的交互体验足够丝滑。 * **AI 安全基线审查**:系统集成了 AI 辅助的安全基线审查,可以一键检查和分析配置中的潜在风险。 因为目前完全是我利用业余时间(主要在周末)维护,所以确实没精力提供工作日的在线即时客服。大家使用过程中遇到任何 Bug ,欢迎随时去 GitHub 提 Issue ,我会在周末集中修复和跟进。 目前公测已开放,不需要邀请码即可注册,欢迎大家体验吐槽。 探针 agent 开源地址: https://github.com/willdom-lee/xconf-agent 官方网站: https://xconf.ai