Giancarlo Pellegrino

@gianko.bsky.social

Faculty at CISPA.

150 Followers  |  71 Following  |  5 Posts  |  Joined: 11.12.2023  |  1.6627

Latest posts by gianko.bsky.social on Bluesky

Want to see it first-hand?
Find the source code at github.com/pixelindigo/...

25.02.2025 19:55 — 👍 1  🔁 0  💬 0  📌 0

YuraScanner can reach deep states of web applications that no scanner can. We tested on 20 web apps, manually validated its ability to discover and execute tasks, and discovered 12 zero-day XSS vulnerabilities.

25.02.2025 19:55 — 👍 1  🔁 0  💬 1  📌 0

YuraScanner is one of the first task-driven web application scanners powered by LLM that can autonomously discover workflows and execute them. No user traces or input are needed!

25.02.2025 19:55 — 👍 1  🔁 0  💬 1  📌 0

Don’t miss the YuraScanner presentation by Tim, today, session 2B β€œWeb Security” at NDSS β€˜25!

Our new scanner features LLM, XSS, and a pinch of 0-days. Read further to find out more!

25.02.2025 19:55 — 👍 3  🔁 2  💬 1  📌 0

We are making the source code of YuraScanner public: github.com/pixelindigo/...

We initially restricted it to prevent misuse (fake accounts, scraping). We re-eval risk-benefits with live tests. Defenses (CAPTCHA, MFA, etc.) are sufficient, thus we pushed the code to GitHub.

13.02.2025 10:54 — 👍 2  🔁 1  💬 0  📌 0
USENIX Security '25 Call for Papers

Please consider sending your awesome computer security & privacy papers to USENIX Security '25! The cycle 2 deadline is Jan 22 AoE. Remember that writing about research ethics and open science (sharing datasets, code, scripts, etc.) is required! usenix.org/conference/u...
@gianko.bsky.social

15.01.2025 03:22 — 👍 8  🔁 10  💬 0  📌 0
