📦 GitHub 全球红队渗透资源中转站。
旨在收录那些“好用却难找”的安全项目。
🔗 定时推送:GitHub Trending (Security)
🛠 必备清单:后渗透、远控、免杀、提权工具集
📅 更新频率:每日精选,绝不灌水。
⚠️ 本频道仅供安全研究与授权测试使用。
旨在收录那些“好用却难找”的安全项目。
🔗 定时推送:GitHub Trending (Security)
🛠 必备清单:后渗透、远控、免杀、提权工具集
📅 更新频率:每日精选,绝不灌水。
⚠️ 本频道仅供安全研究与授权测试使用。
GitHub监控消息提醒!!!
更新了:RCE
描述:This repository contains a Proof of Concept (PoC) for CVE-2024-37054, a critical deserialization vulnerability in MLflow that allows for Remote Code Execution (RCE).
URL:https://github.com/NiteeshPujari/CVE-2024-37054-MLflow-RCE
标签:#RCE
更新了:RCE
描述:This repository contains a Proof of Concept (PoC) for CVE-2024-37054, a critical deserialization vulnerability in MLflow that allows for Remote Code Execution (RCE).
URL:https://github.com/NiteeshPujari/CVE-2024-37054-MLflow-RCE
标签:#RCE
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:PoC exploit for Below privilege escalation (CVE-2025-27591) allowing local root access via symlink manipulation in world-writable log directory.
URL:https://github.com/Diabl0xE/CVE-2025-27519
标签:#CVE-2025
更新了:CVE-2025
描述:PoC exploit for Below privilege escalation (CVE-2025-27591) allowing local root access via symlink manipulation in world-writable log directory.
URL:https://github.com/Diabl0xE/CVE-2025-27519
标签:#CVE-2025
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:CVE-2025-43300的在野利用代码.
URL:https://github.com/XiaomingX/CVE-2025-43300-exp
标签:#CVE-2025
更新了:CVE-2025
描述:CVE-2025-43300的在野利用代码.
URL:https://github.com/XiaomingX/CVE-2025-43300-exp
标签:#CVE-2025
GitHub监控消息提醒!!!
更新了:RCE
描述:The IoT smart water meter monitoring platform affiliated to Shandong Kede Electronics Co., Ltd. has an unauthorized remote code execution (RCE) vulnerability
URL:https://github.com/songqb-xx/Internet-of-Things-Smart-Water-Meter-Monitoring-Platform-Unauthorized-RCE
标签:#RCE
更新了:RCE
描述:The IoT smart water meter monitoring platform affiliated to Shandong Kede Electronics Co., Ltd. has an unauthorized remote code execution (RCE) vulnerability
URL:https://github.com/songqb-xx/Internet-of-Things-Smart-Water-Meter-Monitoring-Platform-Unauthorized-RCE
标签:#RCE
GitHub监控消息提醒!!!
更新了:RCE
描述:ANTI-RCE Remote Command Execution From HRDP
URL:https://github.com/SentityX/Xworm-RCEBlock
标签:#RCE
更新了:RCE
描述:ANTI-RCE Remote Command Execution From HRDP
URL:https://github.com/SentityX/Xworm-RCEBlock
标签:#RCE
GitHub监控消息提醒!!!
更新了:RCE
描述:灵当CRM getLogInfo.php 文件上传致RCE的poc
URL:https://github.com/1424306324/-CRM-getLogInfo.php-RCE-poc
标签:#RCE
更新了:RCE
描述:灵当CRM getLogInfo.php 文件上传致RCE的poc
URL:https://github.com/1424306324/-CRM-getLogInfo.php-RCE-poc
标签:#RCE
GitHub监控消息提醒!!!
更新了:信息收集
描述:一款面向SRC漏洞挖掘中,页面信息收集场景的浏览器扩展,自动收集页面及相关资源中的敏感信息与可疑线索,支持基础扫描、深度递归扫描、批量 API 测试及结果导出与自定义正则配置
URL:https://github.com/yumyum-05/longxinzhiyou
标签:#信息收集
更新了:信息收集
描述:一款面向SRC漏洞挖掘中,页面信息收集场景的浏览器扩展,自动收集页面及相关资源中的敏感信息与可疑线索,支持基础扫描、深度递归扫描、批量 API 测试及结果导出与自定义正则配置
URL:https://github.com/yumyum-05/longxinzhiyou
标签:#信息收集
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:CVE-2025-25256: Fortinet FortiSIEM OS Command Injection CVE PoC (Proof of Concept)
URL:https://github.com/JMS-Security/CVE-2025-25256-PoC
标签:#CVE-2025
更新了:CVE-2025
描述:CVE-2025-25256: Fortinet FortiSIEM OS Command Injection CVE PoC (Proof of Concept)
URL:https://github.com/JMS-Security/CVE-2025-25256-PoC
标签:#CVE-2025
GitHub监控消息提醒!!!
更新了:红队
描述:A.I.G (AI-Infra-Guard) 是腾讯朱雀实验室推出的 AI 红队安全测试平台,支持AI基础设施漏洞扫描、MCP Server风险检测与大模型安全体检。
URL:https://github.com/Tencent/AI-Infra-Guard
标签:#红队
更新了:红队
描述:A.I.G (AI-Infra-Guard) 是腾讯朱雀实验室推出的 AI 红队安全测试平台,支持AI基础设施漏洞扫描、MCP Server风险检测与大模型安全体检。
URL:https://github.com/Tencent/AI-Infra-Guard
标签:#红队
GitHub监控消息提醒!!!
更新了:webshell
描述:serial port webshell simulation
URL:https://github.com/skyrover001/com_ws
标签:#webshell
更新了:webshell
描述:serial port webshell simulation
URL:https://github.com/skyrover001/com_ws
标签:#webshell
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:This PoC is for authorized study and testing. CVE-2025-8088 is actively exploited, and misuse may violate laws or cause harm. Update to WinRAR 7.13+ to avoid suspicious RARs.
URL:https://github.com/ghostn4444/CVE-2025-8088
标签:#CVE-2025
更新了:CVE-2025
描述:This PoC is for authorized study and testing. CVE-2025-8088 is actively exploited, and misuse may violate laws or cause harm. Update to WinRAR 7.13+ to avoid suspicious RARs.
URL:https://github.com/ghostn4444/CVE-2025-8088
标签:#CVE-2025
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:🚀 Demonstrate the WinRAR CVE-2025-8088 exploit with a PoC RAR archive that installs a VBScript on startup, showcasing its impact on vulnerable systems.
URL:https://github.com/amel-62/WinRAR-CVE-2025-8088-PoC-RAR
标签:#CVE-2025
更新了:CVE-2025
描述:🚀 Demonstrate the WinRAR CVE-2025-8088 exploit with a PoC RAR archive that installs a VBScript on startup, showcasing its impact on vulnerable systems.
URL:https://github.com/amel-62/WinRAR-CVE-2025-8088-PoC-RAR
标签:#CVE-2025
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:🛠️ Demonstrate CVE-2025-55188, a 7-Zip vulnerability allowing symlink attacks to overwrite files, highlighting crucial security risks for users.
URL:https://github.com/rhllsingh/CVE-2025-55188-7z-exploit
标签:#CVE-2025
更新了:CVE-2025
描述:🛠️ Demonstrate CVE-2025-55188, a 7-Zip vulnerability allowing symlink attacks to overwrite files, highlighting crucial security risks for users.
URL:https://github.com/rhllsingh/CVE-2025-55188-7z-exploit
标签:#CVE-2025
GitHub监控消息提醒!!!
更新了:RCE
描述:Estudo de caso de uma análise de segurança ofensiva (Red Team) que resultou na descoberta de múltiplas vulnerabilidades, incluindo uma crítica de RCE.
URL:https://github.com/NaassonRibeiro/estudo-de-caso-de-seguranca-red-team
标签:#RCE
更新了:RCE
描述:Estudo de caso de uma análise de segurança ofensiva (Red Team) que resultou na descoberta de múltiplas vulnerabilidades, incluindo uma crítica de RCE.
URL:https://github.com/NaassonRibeiro/estudo-de-caso-de-seguranca-red-team
标签:#RCE
GitHub监控消息提醒!!!
更新了:信息收集
描述:一款面向SRC漏洞挖掘中,页面信息收集场景的浏览器扩展,自动收集页面及相关资源中的敏感信息与可疑线索,支持基础扫描、深度递归扫描、批量 API 测试及结果导出与自定义正则配置
URL:https://github.com/Team-intN18-SoybeanSeclab/Phantom
标签:#信息收集
更新了:信息收集
描述:一款面向SRC漏洞挖掘中,页面信息收集场景的浏览器扩展,自动收集页面及相关资源中的敏感信息与可疑线索,支持基础扫描、深度递归扫描、批量 API 测试及结果导出与自定义正则配置
URL:https://github.com/Team-intN18-SoybeanSeclab/Phantom
标签:#信息收集
GitHub监控消息提醒!!!
更新了:RCE
描述:2025 RCEC Internship Summer Project Code and Related Files
URL:https://github.com/rebeccajhuwin99/2025rcecIntern
标签:#RCE
更新了:RCE
描述:2025 RCEC Internship Summer Project Code and Related Files
URL:https://github.com/rebeccajhuwin99/2025rcecIntern
标签:#RCE