mirror of https://github.com/aliasrobotics/cai.git
docs: add four new case studies to README (Unitree G1, Dragos CTF, HackerOne, PortSwigger) (#345)
* docs: add three new case studies to README - Add Unitree G1 Humanoid Robot security analysis case study - Add Dragos OT CTF 2025 Top-10 achievement case study - Add HackerOne bug bounty platform case study - Include case study images in docs/assets/images/ - Position new studies at the top as most recent - Maintain consistent formatting with existing case studies * docs: update case study descriptions with official text from web pages - Update Unitree G1 description with official text - Update Dragos CTF description with official text - Update HackerOne description with official text - Ensure consistency with published case studies * docs: add PortSwigger case study to maintain 2-column structure - Add PortSwigger Web Security Academy case study - Position alongside MQTT broker in last row - Maintain consistent 2-column layout throughout - Include case study image in docs/assets/images/ * docs: update HackerOne case study title - Remove 'and alias1' reference from HackerOne title - Keep consistent naming with other case studies
This commit is contained in:
parent
4e315531c1
commit
e3b456f7f7
22
README.md
22
README.md
|
|
@ -120,15 +120,25 @@ Cybersecurity AI (CAI) is a lightweight, open-source framework that empowers sec
|
|||
|
||||
|
||||
|
||||
| [`OT` - CAI and alias0 on: Ecoforest Heat Pumps](https://aliasrobotics.com/case-study-ecoforest.php) | [`Robotics` - CAI and alias0 on: Mobile Industrial Robots (MiR)](https://aliasrobotics.com/case-study-cai-mir.php) |
|
||||
| [`Robotics` - CAI and alias1 on: Unitree G1 Humanoid Robot](https://aliasrobotics.com/case-study-humanoid-robot-g1.php) | [`OT` - CAI and alias1 on: Dragos OT CTF 2025](https://aliasrobotics.com/case-study-dragos-CTF.php) |
|
||||
|------------------------------------------------|---------------------------------|
|
||||
| CAI discovers critical vulnerability in Ecoforest heat pumps allowing unauthorized remote access and potential catastrophic failures. AI-powered security testing reveals exposed credentials and DES encryption weaknesses affecting all of their deployed units across Europe. | CAI-powered security testing of MiR (Mobile Industrial Robot) platform through automated ROS message injection attacks. This study demonstrates how AI-driven vulnerability discovery can expose unauthorized access to robot control systems and alarm triggers. |
|
||||
| [](https://aliasrobotics.com/case-study-ecoforest.php) | [](https://aliasrobotics.com/case-study-cai-mir.php) |
|
||||
| CAI uncovers vulnerabilities and privacy violations in Unitree G1 humanoid robots including unauthorized telemetry transmission to China-related servers, exposed RSA keys with world-writable permissions, and potential surveillance capabilities violating GDPR and international privacy laws. | CAI powered by alias1, demonstrates exceptional performance in operational technology cybersecurity by achieving a Top-10 ranking in the Dragos OT CTF 2025. The AI agent reached Rank 1 during competition hours 7-8, completed 32 of 34 challenges, and maintained a 37% velocity advantage over top human teams. |
|
||||
| [](https://aliasrobotics.com/case-study-humanoid-robot-g1.php) | [](https://aliasrobotics.com/case-study-dragos-CTF.php) |
|
||||
|
||||
| [`IT` (Web) - CAI and alias0 on: Mercado Libre's e-commerce](https://aliasrobotics.com/case-study-mercado-libre.php) | [`OT` - CAI and alias0 on: MQTT broker](https://aliasrobotics.com/case-study-cai-mqtt-broker.php) |
|
||||
| [`IT` (Bug Bounty) - CAI on: HackerOne Platform](https://aliasrobotics.com/case-study-hackerone.php) | [`OT` - CAI and alias0 on: Ecoforest Heat Pumps](https://aliasrobotics.com/case-study-ecoforest.php) |
|
||||
|------------------------------------------------|---------------------------------|
|
||||
| CAI-powered API vulnerability discovery at Mercado Libre through automated enumeration attacks. This study demonstrates how AI-driven security testing can expose user data exposure risks in e-commerce platforms at scale. | CAI-powered testing exposed critical flaws in an MQTT broker within a Dockerized OT network. Without authentication, CAI subscribed to temperature and humidity topics and injected false values, corrupting data shown in Grafana dashboards. |
|
||||
| [](https://aliasrobotics.com/case-study-mercado-libre.php) | [](https://aliasrobotics.com/case-study-cai-mqtt-broker.php) |
|
||||
| HackerOne's top engineers leverage CAI to explore next-gen agentic AI architectures and build their own security products. CAI's Retester agent directly inspired HackerOne's AI-powered Deduplication Agent, now deployed in production to handle millions of vulnerability reports at scale. | CAI discovers critical vulnerability in Ecoforest heat pumps allowing unauthorized remote access and potential catastrophic failures. AI-powered security testing reveals exposed credentials and DES encryption weaknesses affecting all of their deployed units across Europe. |
|
||||
| [](https://aliasrobotics.com/case-study-hackerone.php) | [](https://aliasrobotics.com/case-study-ecoforest.php) |
|
||||
|
||||
| [`Robotics` - CAI and alias0 on: Mobile Industrial Robots (MiR)](https://aliasrobotics.com/case-study-cai-mir.php) | [`IT` (Web) - CAI and alias0 on: Mercado Libre's e-commerce](https://aliasrobotics.com/case-study-mercado-libre.php) |
|
||||
|------------------------------------------------|---------------------------------|
|
||||
| CAI-powered security testing of MiR (Mobile Industrial Robot) platform through automated ROS message injection attacks. This study demonstrates how AI-driven vulnerability discovery can expose unauthorized access to robot control systems and alarm triggers. | CAI-powered API vulnerability discovery at Mercado Libre through automated enumeration attacks. This study demonstrates how AI-driven security testing can expose user data exposure risks in e-commerce platforms at scale. |
|
||||
| [](https://aliasrobotics.com/case-study-cai-mir.php) | [](https://aliasrobotics.com/case-study-mercado-libre.php) |
|
||||
|
||||
| [`OT` - CAI and alias0 on: MQTT broker](https://aliasrobotics.com/case-study-cai-mqtt-broker.php) | [`IT` (Web) - CAI and alias0 on: PortSwigger Web Security Academy](https://aliasrobotics.com/case-study-portswigger-1.php) |
|
||||
|------------------------------------------------|---------------------------------|
|
||||
| CAI-powered testing exposed critical flaws in an MQTT broker within a Dockerized OT network. Without authentication, CAI subscribed to temperature and humidity topics and injected false values, corrupting data shown in Grafana dashboards. | CAI-powered race condition exploitation in file upload vulnerability. This study demonstrates how AI-driven security testing can identify and exploit timing windows in web applications, successfully uploading and executing web shells through automated parallel requests. |
|
||||
| [](https://aliasrobotics.com/case-study-cai-mqtt-broker.php) | [](https://aliasrobotics.com/case-study-portswigger-1.php) |
|
||||
|
||||
|
||||
|
||||
|
|
|
|||
Binary file not shown.
|
After Width: | Height: | Size: 1.1 MiB |
Binary file not shown.
|
After Width: | Height: | Size: 261 KiB |
Binary file not shown.
|
After Width: | Height: | Size: 105 KiB |
Binary file not shown.
|
After Width: | Height: | Size: 905 KiB |
Loading…
Reference in New Issue