Category: CyberPedia
-
Pentest Swarm AI Tool With Live Access to nmap, sqlmap, Burp, Metasploit, and Others
Pentest Swarm AI is the first open-source autonomous penetration testing platform built on a swarm intelligence architecture, not just multiple agents firing in a fixed sequence. Developed by Armur AI, it gives security professionals live, coordinated access to the full offensive…
-
PyrsistenceSniper – Tool that Detects 117 Persistence Malware Techniques on Windows, Linux, and macOS
PyrsistenceSniper is an advanced tool for detecting offline persistence, enabling cybersecurity analysts to identify 117 separate persistence mechanisms across Windows, Linux, and macOS platforms. Originally inspired by Autoruns and PersistenceSniper, this Python-based solution developed by Hexastrike enables rapid triage of forensic…
-
CVE MCP Server Turns Claude Into a Fully Capable Security Analyst With 27 Tools Across 21 APIs
A new open-source project called CVE MCP Server is redefining how security teams triage vulnerabilities, transforming Anthropic’s Claude AI into a fully capable security analyst by giving it direct, correlated access to 27 intelligence tools spanning 21 external…
-
pentest-ai-agents – 28 Claude Code Subagents for Penetration Testing
A new open-source toolkit called pentest-ai-agents is redefining how security professionals leverage AI in penetration testing workflows, transforming Anthropic’s Claude Code into a fully specialized offensive security research assistant powered by 28 domain-specific subagents. Released by security researcher 0xSteph on GitHub, pentest-ai-agents is a collection of…
-
METATRON – Open-Source AI Penetration Testing Assistant Brings Local LLM Analysis to Linux
A new open-source penetration testing framework called METATRON is gaining attention in the security research community for its fully offline, AI-driven approach to vulnerability assessment. Built for Parrot OS and other Debian-based Linux distributions, METATRON combines automated reconnaissance tooling with a locally…
-
Apex – AI-Powered Pentester Attacks Apps in Black-Box Mode to Find Vulnerabilities
Apex is an autonomous, AI-powered penetration testing agent designed to operate in black-box mode against live applications. It does not require access to source code, hints, or predefined attack paths. This enables it to discover, chain, and verify real-world vulnerabilities at the speed…
-
SuperClaw – Open-Source Framework to Red-Team AI Agents for Security Testing
Superagentic AI has released SuperClaw, an open-source, pre-deployment security testing framework built specifically for autonomous AI coding agents. Announced in late 2025, SuperClaw addresses a growing blind spot in enterprise AI adoption: agents are routinely deployed with broad tool access and high privileges, yet…
-
PentAGI – Automated AI-Powered Penetration Testing Tool that Integrates 20+ Security Tools
PentAGI introduces an AI-driven approach to penetration testing, automating complex workflows with tools like Nmap and Metasploit while generating detailed reports. Developed by VXControl and released on GitHub in early 2025, this open-source platform empowers security professionals to conduct autonomous assessments in isolated…
-
PentestAgent – AI Penetration Testing Tool With Prebuilt Attack Playbooks and HexStrike Integration
PentestAgent, an open-source AI agent framework from developer Masic (GH05TCREW), has introduced enhanced capabilities, including prebuilt attack playbooks and seamless HexStrike integration. Released on GitHub by a researcher with the alias GH05TCREW, this tool leverages large language models (LLMs) like Claude Sonnet…
-
New RecoverIt Tool Exploits Windows Service Failure Recovery Functions to Execute Payload
A new open-source offensive security tool named “RecoverIt” has been released, offering Red Teamers and penetration testers a novel method for establishing persistence and executing lateral movement on compromised Windows systems. The tool, developed by security researcher TwoSevenOneT, weaponizes the built-in failure recovery…
-
AutoPentestX – Automated Penetration Testing Toolkit Designed for Linux systems
AutoPentestX, an open-source automated penetration testing toolkit for Linux systems, enables comprehensive security assessments from a single command. Developed by Gowtham Darkseid and released in November 2025, it generates professional PDF reports while emphasizing safe, non-destructive testing. AutoPentestX targets Kali Linux, Ubuntu, and Debian-based distributions,…
-
Swarmer Tool Evading EDR With a Stealthy Modification on Windows Registry for Persistence
Praetorian Inc. has publicly released Swarmer, a tool enabling low-privilege attackers to achieve stealthy Windows registry persistence by sidestepping Endpoint Detection and Response (EDR) monitoring. Deployed operationally since February 2025, Swarmer exploits mandatory user profiles and the obscure Offline Registry API to…
-
Argus – Python-powered Toolkit for Information Gathering and Reconnaissance
Argus is a comprehensive Python-based toolkit designed for reconnaissance tasks in cybersecurity. The developers recently released version 2.0, expanding it to include 135 modules. This tool consolidates network analysis, web app scanning, and threat intelligence into one interface. Users access modules through an interactive CLI that…
-
10 Most Dangerous Injection Attacks in 2026
Since you are in the industry, especially in the network and admin team, you need to know a few vulnerabilities, such as injection attacks, to stay alert to them. Each attack or vulnerability has a different method, most importantly injection-type attacks. To understand that and to take a…
-
Leveraging OSINT Tools for Enhanced Cybersecurity Threat Intelligence
Open Source Intelligence (OSINT) has become a cornerstone of cybersecurity threat intelligence. In today’s digital landscape, organizations face a constant barrage of cyber threats, ranging from data breaches and phishing attacks to sophisticated nation-state operations. To stay ahead of these threats, cybersecurity teams must leverage every available…
-
GHOSTCREW – AI-based Red Team Toolkit for Penetration Testing Invoking Metasploit, Nmap and Other Tools
GHOSTCREW emerges as a game-changing open-source toolkit for red teamers and penetration testers. This AI-powered assistant leverages large language models, integrates the MCP protocol, and supports the optional RAG architecture to orchestrate security tools via natural-language prompts. Developed by GH05TCREW,…
-
Parrot 7.0 Released with New Penetration Testing and AI Tools
Parrot OS 7.0, codenamed Echo, launches as a complete system rewrite based on Debian 13, bringing KDE Plasma 6, Wayland by default, and fresh penetration testing tools, including a dedicated AI category. This release emphasizes lightweight theming and community-driven spins, marking a pivotal update for…
-
YAMAGoya – Real-Time Threat Monitoring Tool Using Sigma and YARA Rules
Modern cybersecurity faces an escalating challenge: fileless malware and obfuscation techniques increasingly bypass traditional file-based detection methods. To address this growing threat, JPCERT/CC has released YAMAGoya. This open-source threat hunting tool leverages industry-standard detection rules to identify suspicious activity in real time. YAMAGoya represents…
-
MAD-CAT Meow Attack Tool to Simulate Real-World Data Corruption Attacks
MAD-CAT (Meow Attack Data Corruption Automation Tool) targets MongoDB, Elasticsearch, Cassandra, Redis, CouchDB, and Hadoop HDFS, exactly the systems hit in the original wave. This persistent threat inspired security researcher Karl Biron of Trustwave to create MAD-CAT, a Python-based tool for simulating these destructive campaigns…
-
October Sees Rise in Phishing and Ransomware Attacks, Including TyKit and Google Careers Scams
October 2025 marked a notable escalation in cyber threats, with phishing campaigns and ransomware variants exploiting trusted cloud services to target corporate credentials and critical infrastructure. Attackers increasingly abused platforms like Google, Figma, and ClickUp for credential theft, while LockBit’s latest…
-
HydraPWK Penetration Testing OS With Necessary Hacking Tools and Simplified Interface
The HydraPWK project’s latest Apes-T1 snapshot refines its penetration-testing Linux distribution by replacing Elasticsearch with the open-source OpenSearch, resolving licensing issues and enhancing tools for industrial security assessments. This update, released shortly after the major Apes version, highlights HydraPWK’s focus on compliance and usability,…
-
Emerging Cyber Threats Featuring QR Codes ClickFix and LOLBins Challenging SOC Defenses
Cybersecurity experts at ANY.RUN recently unveiled alarming trends in how attackers are exploiting everyday technologies to bypass security operations centers (SOCs). They dissected tactics like QR code phishing, ClickFix social engineering, and Living Off the Land Binaries (LOLBins), showing how these methods evade…
-
RealBlindingEDR Tool That Permanently Turns Off AV/EDR Using Kernel Callbacks
An open-source tool called RealBlindingEDR enables attackers to blind, permanently disable, or terminate antivirus (AV) and endpoint detection and response (EDR) software by clearing critical kernel callbacks on Windows systems. Released on GitHub in late 2023, the utility leverages signed drivers for arbitrary memory read…
-
5 Immediate Steps to be Followed After Clicking on a Malicious Link
Clicking on a malicious link can quickly turn your device into a security risk. Just seconds after clicking, your browser might start downloading malware, taking advantage of weaknesses, or sending you to fake websites that try to steal your personal information. The crucial…
-
New Kali Tool llm-tools-nmap Uses Nmap For Network Scanning Capabilities
Along with the release of Kali Linux 2025.3, a major update introduces an innovative tool that combines artificial intelligence and cybersecurity: the llm-tools-nmap. A new experimental plugin, llm-tools-nmap, has been released, providing Simon Willison’s command-line Large Language Model (LLM) tool with network scanning capabilities. This package…
-
SSH Keys Are Crucial for Secure Remote Access but Often Remain a Blind Spot in Enterprise Security
Enterprise security strategies have evolved dramatically to address modern threats, yet SSH keys—critical cryptographic credentials that provide direct access to mission-critical systems—remain largely ungoverned and poorly managed across organizations. Despite their fundamental role in securing remote access to…
-
HexStrike AI Connects ChatGPT, Claude, Copilot with 150+ Security Tools like Burp Suite and Nmap
A new AI tool named HexStrike AI has been launched, designed to bridge the gap between large language models (LLMs) and practical cybersecurity operations. The latest release, v6.0, equips AI agents like OpenAI’s GPT, Anthropic’s Claude, and GitHub’s Copilot with…
-
What Is Out-of-Bounds Read and Write Vulnerability?
Out-of-bounds read and write vulnerabilities represent critical security vulnerabilities that occur when software accesses memory locations beyond the allocated boundaries of data structures such as arrays, buffers, or other memory regions. These vulnerabilities can lead to information disclosure, system crashes, and in severe cases, arbitrary code execution that…