ProjectDiscovery

Most vuln scanning tools still grade you on "is it the latest version?", which is how you end up with PDFs full of "critical" maybes and a frustrated engineering team. We take a different path: validate exploitability at runtime and get to yes/no instead of maybe. projectdiscovery.io/blog/from-de...

09.10.2025 13:47 — 👍 0    🔁 0    💬 0    📌 0

Remote Code Execution in DELMIA Apriso — ProjectDiscovery Blog Introduction DELMIA Apriso is a manufacturing execution and operations orchestration platform used by large manufacturers, service providers, and critical infrastructure operators. Because the produc...

We dug into DELMIA Apriso & found more than we expected.
A deserialization flaw (CVE-2025-5086) let us turn a SOAP request into full RCE.

Read the research 👉 projectdiscovery.io/blog/remote-...

Patch ASAP; we’ve included a Nuclei template for easy scanning.

#BugBounty #RCE #manufacturing

24.09.2025 13:01 — 👍 0    🔁 0    💬 0    📌 0

Stop running Subfinder, Nuclei, HTTPX “out of the box”

In this walkthrough we:
• Build a VPS recon box
• Install & manage all PD tools w/ Go installer
• Chain Subfinder → AlterX → DNSX → Naboo → HTTPX → Katana
• Move from automation → methodology

Watch: www.youtube.com/watch?v=evyx...

23.09.2025 19:17 — 👍 1    🔁 1    💬 0    📌 0

The Coverage Lie: Why current vulnerability scanners fail to stop breaches

Only ~6% of CVEs are ever exploited… yet scanners still flood teams with endless alerts.
More signatures ≠ more security. They guess. We validate.
Curious what actually matters? Check out our latest blog: The Coverage Lie 👉 projectdiscovery.io/blog/why-cur...

03.09.2025 20:43 — 👍 1    🔁 1    💬 1    📌 0