Tag

pentesting

Security

AI Pentest Engine Discovers Critical WebSocket BFLA in GraphQL Subscriptions

Ostorlab's AI Pentest Engine systematically uncovered a critical Broken Function-Level Authorization (BFLA) vulnerability in a GraphQL WebSocket endpoint, allowing unauthenticated access to a real-time translation service. This case study details the AI's step-by-step process, from discovery to proof-of-concept.

Image of Abderrahim Haddadi

Abderrahim Haddadi
Fri 26 December 2025

Security

AI Engine Triggers Account Takeover via API Version Confusion

Methodical analysis beats blind fuzzing as Ostorlab's AI engine discovers cross-version password ...

Mon 15 December 2025

Security

Automating Security Research: AI Engine Exploits Complex Blind Code Injection

Precision beats payload spray using Ostorlab's AI engine to systematically land RCE on Titiler an...

Thu 04 September 2025

Security

AI-Powered Pentesting: A Deep Dive into Android Intent Redirection

This article showcases Ostorlab's AI Pentest Engine's process for analyzing an Android applicatio...

Sun 31 August 2025