📦 GitHub 全球红队渗透资源中转站。
旨在收录那些“好用却难找”的安全项目。
🔗 定时推送:GitHub Trending (Security)
🛠 必备清单:后渗透、远控、免杀、提权工具集
📅 更新频率:每日精选,绝不灌水。
⚠️ 本频道仅供安全研究与授权测试使用。
旨在收录那些“好用却难找”的安全项目。
🔗 定时推送:GitHub Trending (Security)
🛠 必备清单:后渗透、远控、免杀、提权工具集
📅 更新频率:每日精选,绝不灌水。
⚠️ 本频道仅供安全研究与授权测试使用。
GitHub监控消息提醒!!!
更新了:RCE
描述:Undocumented RCE in PLY via `picklefile` Parameter
URL:https://github.com/bohmiiidd/Undocumented-RCE-in-PLY
标签:#RCE
更新了:RCE
描述:Undocumented RCE in PLY via `picklefile` Parameter
URL:https://github.com/bohmiiidd/Undocumented-RCE-in-PLY
标签:#RCE
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:Simple exploit for Wing FTP Server RCE (CVE-2025-47812) to run commands and get a reverse shell. For educational use only.
URL:https://github.com/0xcan1337/CVE-2025-47812-poC
标签:#CVE-2025
更新了:CVE-2025
描述:Simple exploit for Wing FTP Server RCE (CVE-2025-47812) to run commands and get a reverse shell. For educational use only.
URL:https://github.com/0xcan1337/CVE-2025-47812-poC
标签:#CVE-2025
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:POC script for CVE-2025-32462 a vulnerability in sudo
URL:https://github.com/Hacksparo/CVE-2025-32462
标签:#CVE-2025
更新了:CVE-2025
描述:POC script for CVE-2025-32462 a vulnerability in sudo
URL:https://github.com/Hacksparo/CVE-2025-32462
标签:#CVE-2025
GitHub监控消息提醒!!!
更新了:代码审计
描述:X-SAST 专业多语言轻量代码审计工具套件
URL:https://github.com/listener-He/yunxiao-LLM-reviewer
标签:#代码审计
更新了:代码审计
描述:X-SAST 专业多语言轻量代码审计工具套件
URL:https://github.com/listener-He/yunxiao-LLM-reviewer
标签:#代码审计
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:CVE-2025-32463 Proof of concept
URL:https://github.com/K1tt3h/CVE-2025-32463-POC
标签:#CVE-2025
更新了:CVE-2025
描述:CVE-2025-32463 Proof of concept
URL:https://github.com/K1tt3h/CVE-2025-32463-POC
标签:#CVE-2025
GitHub监控消息提醒!!!
更新了:代码审计
描述:X-SAST 替代Seay的轻量级多语言支持的GUI代码审计工具
URL:https://github.com/winezer0/X-SAST-Public
标签:#代码审计
更新了:代码审计
描述:X-SAST 替代Seay的轻量级多语言支持的GUI代码审计工具
URL:https://github.com/winezer0/X-SAST-Public
标签:#代码审计
GitHub监控消息提醒!!!
更新了:RCE
描述:Wing FTP Server Remote Code Execution (RCE) Exploit (CVE-2025-47812)
URL:https://github.com/4m3rr0r/CVE-2025-47812-poc
标签:#RCE
更新了:RCE
描述:Wing FTP Server Remote Code Execution (RCE) Exploit (CVE-2025-47812)
URL:https://github.com/4m3rr0r/CVE-2025-47812-poc
标签:#RCE
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:Wing FTP Server Remote Code Execution (RCE) Exploit (CVE-2025-47812)
URL:https://github.com/4m3rr0r/CVE-2025-47812
标签:#CVE-2025
更新了:CVE-2025
描述:Wing FTP Server Remote Code Execution (RCE) Exploit (CVE-2025-47812)
URL:https://github.com/4m3rr0r/CVE-2025-47812
标签:#CVE-2025
GitHub监控消息提醒!!!
更新了:RCE
描述:codeBox RCE is a service that provides a secure, containerized environment to run code remotely. The API supports Python, JavaScript, and C++, with potential for more languages in the future.
URL:https://github.com/Rajivkumawat3/code-box
标签:#RCE
更新了:RCE
描述:codeBox RCE is a service that provides a secure, containerized environment to run code remotely. The API supports Python, JavaScript, and C++, with potential for more languages in the future.
URL:https://github.com/Rajivkumawat3/code-box
标签:#RCE
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:Simple Proof of Concept for CVE-2025-6218, demonstrating the exploitation of a vulnerability involving WinRAR’s handling of archive extraction paths.
URL:https://github.com/skimask1690/CVE-2025-6218-POC
标签:#CVE-2025
更新了:CVE-2025
描述:Simple Proof of Concept for CVE-2025-6218, demonstrating the exploitation of a vulnerability involving WinRAR’s handling of archive extraction paths.
URL:https://github.com/skimask1690/CVE-2025-6218-POC
标签:#CVE-2025
GitHub监控消息提醒!!!
更新了:渗透测试
描述:本项目是一个基于FastAPI+React的Web安全自动化渗透测试平台,集成了资产发现、端口探测、网站信息抓取、漏洞扫描等功能,支持JWT认证、API自动化测试、前端进度条展示、工具状态检测、全流程自动化、结构化结果展示、项目/任务归档,适配云端环境。
URL:https://github.com/wooluo/scan
标签:#渗透测试
更新了:渗透测试
描述:本项目是一个基于FastAPI+React的Web安全自动化渗透测试平台,集成了资产发现、端口探测、网站信息抓取、漏洞扫描等功能,支持JWT认证、API自动化测试、前端进度条展示、工具状态检测、全流程自动化、结构化结果展示、项目/任务归档,适配云端环境。
URL:https://github.com/wooluo/scan
标签:#渗透测试
GitHub监控消息提醒!!!
更新了:RCE
描述:This is a simple and benign Go script that red teamers can drop and attempt execution to test RCE on Windows machine
URL:https://github.com/maverick-doan/win-rce-checker
标签:#RCE
更新了:RCE
描述:This is a simple and benign Go script that red teamers can drop and attempt execution to test RCE on Windows machine
URL:https://github.com/maverick-doan/win-rce-checker
标签:#RCE
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:PoC and Setup for CVE-2025-4664
URL:https://github.com/amalmurali47/cve-2025-4664
标签:#CVE-2025
更新了:CVE-2025
描述:PoC and Setup for CVE-2025-4664
URL:https://github.com/amalmurali47/cve-2025-4664
标签:#CVE-2025
GitHub监控消息提醒!!!
更新了:应急响应
描述:一套标准化的数字取证与应急响应信息采集规则格式规范。
URL:https://github.com/Just-Hack-For-Fun/OpenForensicRules
标签:#应急响应
更新了:应急响应
描述:一套标准化的数字取证与应急响应信息采集规则格式规范。
URL:https://github.com/Just-Hack-For-Fun/OpenForensicRules
标签:#应急响应
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:详细讲解CitrixBleed 2 — CVE-2025-5777(越界泄漏)PoC 和检测套件
URL:https://github.com/mingshenhk/CitrixBleed-2-CVE-2025-5777-PoC-
标签:#CVE-2025
更新了:CVE-2025
描述:详细讲解CitrixBleed 2 — CVE-2025-5777(越界泄漏)PoC 和检测套件
URL:https://github.com/mingshenhk/CitrixBleed-2-CVE-2025-5777-PoC-
标签:#CVE-2025
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:> 🔓 Proof-of-Concept for a fictional Next.js middleware bypass (CVE-2025-29927) — craft sub-requests to test protected routes.
URL:https://github.com/m2hcz/PoC-for-Next.js-Middleware
标签:#CVE-2025
更新了:CVE-2025
描述:> 🔓 Proof-of-Concept for a fictional Next.js middleware bypass (CVE-2025-29927) — craft sub-requests to test protected routes.
URL:https://github.com/m2hcz/PoC-for-Next.js-Middleware
标签:#CVE-2025
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:Reproduce CVE-2022-32250 and CVE-2025-21756 by tampering with modprobe_path and hijacking control flow, respectively.
URL:https://github.com/KuanKuanQAQ/cve-testing
标签:#CVE-2025
更新了:CVE-2025
描述:Reproduce CVE-2022-32250 and CVE-2025-21756 by tampering with modprobe_path and hijacking control flow, respectively.
URL:https://github.com/KuanKuanQAQ/cve-testing
标签:#CVE-2025