ProjectDiscovery
@pdiscoveryio
Followers: 39K
Following: 1K
Media: 621
Statuses: 3K
Detect real, exploitable vulnerabilities. Harness the power of Nuclei for fast and accurate findings without false positives.
Joined July 2019
📢 Introducing Neo: a cloud-based AI security engineer for real-world security work. A framework for automated security workflows inside your environment, Neo owns workflows like vuln triage, feature reviews, pentesting, and continuous compliance. It learns your stack, remembers
Check out our Blog to learn more and explore the templates👇 https://t.co/XtWmRDyuzy
projectdiscovery.io
We're excited to introduce our new CSP Bypass (DAST) Templates designed to enhance security testing capabilities. This release enables comprehensive evaluation of Content Security Policy vulnerabil...
💡 The Solution: Our Nuclei Templates are designed to help you analyze CSP enforcement. Integrate them into your DAST workflows to assess how your security policies hold up against bypass attempts in real-world scenarios.
What's the danger? Attackers can execute unauthorized scripts (like XSS) or load malicious resources directly into your users' browsers, leading to data theft, session hijacking, or defacement. It turns your intended security measure into a false sense of safety.
You've implemented a Content Security Policy (CSP) for your web application – great! But here's the catch: a CSP bypass occurs when an attacker finds a way around those restrictions. This often stems from improperly configured CSP headers, leaving your app vulnerable. (🧵👇)
Need to quickly map a target's tech stack? 👀 This command combines subfinder, httpx, and nuclei to detect web technologies on live subdomains, giving you crucial insights for your next steps. subfinder -d target.com -silent | httpx | nuclei -t technologies/tech-detect.yaml
Understanding a target's attack surface is crucial for a successful security assessment, but it requires a clear strategy. Simply put, reconnaissance is a fundamental skill that every security professional needs to master. In this blog, we break down the core concepts of
Stop managing alerts. Start managing risk. That's the ProjectDiscovery promise. Visit our website to learn more👇 https://t.co/je3Ut7Lb7I
projectdiscovery.io
Stop chasing false positives. ProjectDiscovery delivers real, exploitable vulnerability findings across your entire attack surface—validated at runtime and prioritized by impact.
4️⃣ Accelerated Remediation: We automatically convert findings into rich tickets in Jira/GitHub/Linear, embedding the fix directly into developer workflows. Our Auto-Regressions feature closes the loop faster by automatically re-testing fixes.
3️⃣ Broadest Coverage: We go beyond CVEs. Our massive, community-driven library of Nuclei templates detects critical misconfigurations, exposed secrets, and logic flaws that traditional scanners miss.
2️⃣ Streamlined Prioritization: By validating exploitability, we eliminate false positives. Your team focuses solely on proven, immediate threats, drastically cutting alert fatigue.
1️⃣ Real, Actionable Findings: Powered by Nuclei, we use runtime behavioral checks, not version numbers, to safely validate exploitability. Every finding includes proof-of-concept evidence.
Are you tired of chasing vulnerability ghosts? We built ProjectDiscovery because we were. We saw too many security teams drowning in false positives and version-based alerts that didn't reflect the real-world risk. We changed vulnerability management with four core
Recent AI-assisted intrusions have made something very clear for security leaders: the challenge isn’t visibility anymore; it’s confidence. Teams don’t need more alerts; they need to know which ones are real. Our latest whitepaper digs into how ASM must evolve to deliver proof,
In this video I use Neo by @pdiscoveryio to: 1️⃣ Reverse Engineer an N-Day by comparing source code 2️⃣ Create me a working POC 3️⃣ Exploit it against a WordPress website and get me Remote Code Execution Watch here: https://t.co/Yu8EAgmSlp
Get better visibility and control over your cloud security now. We updated our Cloud Platform a while ago with new features designed to streamline your workflow and give you a clearer view of your assets. In this update video, you'll learn about: ✅ AWS ARN integration support for
Tired of manually tracking security vulnerabilities? Nuclei offers Linear issue tracking, a handy feature that creates and tracks issues directly from your scans, helping you get to resolution faster. Check out our GitHub repository. 👇 https://t.co/4XlwaLHm8b
Running into an error while writing a Nuclei template? Here's a simple way to fix it.👇
Are you the kind of bug bounty hunter people want to work with? 4 Essentials to build your reputation: ✅Get Permission ✅Stay in Scope ✅Be Transparent ✅Take Your Time Read the full blog to learn the 4 essentials of good bug bounty etiquette👇 https://t.co/RtzPUljhPe
Need to confirm a vulnerability in Nuclei? Meet Analyzers!🤝 This is a concept introduced in Nuclei fuzzing that allows the engine to make additional verification requests, based on a specific logic, to confirm a vulnerability. Watch this video to see how they work👇