Hi Aqua Security team,
Great work on Trivy! Your comprehensive vulnerability scanner is essential for cloud-native security.
I want to introduce a complementary project focused on AI-automated discovery of new 0day vulnerabilities:
Project: 0day Rubbish
Repository: https://github.com/Exploit-Garbage/0day-Rubbish
Our Mission:
While Trivy excels at detecting known vulnerabilities, we focus on discovering new vulnerabilities before they're catalogued:
- AI-driven automated vulnerability discovery (GPT-5.5, Claude Opus 4.8, DeepSeek V4)
- Direct disclosure of verified 0days with working PoCs
- Target real-world, widely-deployed systems with actual user bases
- Provide complete technical analysis for rapid remediation
Current Work: Cisco CUCM RCE Chain (CVSS 9.8)
- Discovered through AI-powered analysis
- Full exploitation chain with working exploit
- Detailed documentation for immediate patching
Synergy with Trivy:
Once vulnerabilities are disclosed and CVEs assigned, they can be integrated into Trivy's database. Our rapid disclosure model helps accelerate the "unknown → known" transition, making tools like Trivy even more effective.
We believe AI-augmented vulnerability research is the future, and projects like ours complement existing scanners by expanding the universe of detectable vulnerabilities.
Check out our approach: https://github.com/Exploit-Garbage/0day-Rubbish
Best regards,
0day Rubbish Team
Hi Aqua Security team,
Great work on Trivy! Your comprehensive vulnerability scanner is essential for cloud-native security.
I want to introduce a complementary project focused on AI-automated discovery of new 0day vulnerabilities:
Project: 0day Rubbish
Repository: https://github.com/Exploit-Garbage/0day-Rubbish
Our Mission:
While Trivy excels at detecting known vulnerabilities, we focus on discovering new vulnerabilities before they're catalogued:
Current Work: Cisco CUCM RCE Chain (CVSS 9.8)
Synergy with Trivy:
Once vulnerabilities are disclosed and CVEs assigned, they can be integrated into Trivy's database. Our rapid disclosure model helps accelerate the "unknown → known" transition, making tools like Trivy even more effective.
We believe AI-augmented vulnerability research is the future, and projects like ours complement existing scanners by expanding the universe of detectable vulnerabilities.
Check out our approach: https://github.com/Exploit-Garbage/0day-Rubbish
Best regards,
0day Rubbish Team