📦 GitHub 全球红队渗透资源中转站。
旨在收录那些“好用却难找”的安全项目。
🔗 定时推送:GitHub Trending (Security)
🛠 必备清单:后渗透、远控、免杀、提权工具集
📅 更新频率:每日精选,绝不灌水。
⚠️ 本频道仅供安全研究与授权测试使用。
旨在收录那些“好用却难找”的安全项目。
🔗 定时推送:GitHub Trending (Security)
🛠 必备清单:后渗透、远控、免杀、提权工具集
📅 更新频率:每日精选,绝不灌水。
⚠️ 本频道仅供安全研究与授权测试使用。
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:🛠️ Exploit CVE-2025-21333 in vkrnlintvsp.sys with this proof of concept, aimed at demonstrating potential threats on Windows 11 systems.
URL:https://github.com/pradip022/CVE-2025-21333-POC
标签:#CVE-2025
更新了:CVE-2025
描述:🛠️ Exploit CVE-2025-21333 in vkrnlintvsp.sys with this proof of concept, aimed at demonstrating potential threats on Windows 11 systems.
URL:https://github.com/pradip022/CVE-2025-21333-POC
标签:#CVE-2025
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:This repository contains POC scenarios as part of CVE-2025-0411 MotW bypass.
URL:https://github.com/Makavellik/POC-CVE-2025-24813-Apache-Tomcat-Remote-Code-Execution
标签:#CVE-2025
更新了:CVE-2025
描述:This repository contains POC scenarios as part of CVE-2025-0411 MotW bypass.
URL:https://github.com/Makavellik/POC-CVE-2025-24813-Apache-Tomcat-Remote-Code-Execution
标签:#CVE-2025
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:🔓 Decrypt FairPlay-protected iOS apps on macOS (SIP-enabled) using CVE-2025-24204. Supports macOS 15.0-15.2.
URL:https://github.com/Makavellik/POC-CVE-2025-24813-Apache-Tomcat-Remote-Code-Execution
标签:#CVE-2025
更新了:CVE-2025
描述:🔓 Decrypt FairPlay-protected iOS apps on macOS (SIP-enabled) using CVE-2025-24204. Supports macOS 15.0-15.2.
URL:https://github.com/Makavellik/POC-CVE-2025-24813-Apache-Tomcat-Remote-Code-Execution
标签:#CVE-2025
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:CVE-2025-24799 Exploit: GLPI - Unauthenticated SQL Injection
URL:https://github.com/Rosemary1337/CVE-2025-24799
标签:#CVE-2025
更新了:CVE-2025
描述:CVE-2025-24799 Exploit: GLPI - Unauthenticated SQL Injection
URL:https://github.com/Rosemary1337/CVE-2025-24799
标签:#CVE-2025
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:CVE-2025-24799 Exploit: GLPI - Unauthenticated SQL Injection
URL:https://github.com/Rosemary1337/CVE-2025-24799
标签:#CVE-2025
更新了:CVE-2025
描述:CVE-2025-24799 Exploit: GLPI - Unauthenticated SQL Injection
URL:https://github.com/Rosemary1337/CVE-2025-24799
标签:#CVE-2025
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:CVE-2025-57819
URL:https://github.com/B1ack4sh/Blackash-CVE-2025-57819
标签:#CVE-2025
更新了:CVE-2025
描述:CVE-2025-57819
URL:https://github.com/B1ack4sh/Blackash-CVE-2025-57819
标签:#CVE-2025
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:CVE-2025-6934 - Exploit WordPress Opal Estate Pro
URL:https://github.com/Rosemary1337/CVE-2025-6934
标签:#CVE-2025
更新了:CVE-2025
描述:CVE-2025-6934 - Exploit WordPress Opal Estate Pro
URL:https://github.com/Rosemary1337/CVE-2025-6934
标签:#CVE-2025
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:🛠️ Exploit CVE-2025-21333 in vkrnlintvsp.sys with this proof of concept, aimed at demonstrating potential threats on Windows 11 systems.
URL:https://github.com/pradip022/CVE-2025-21333-POC
标签:#CVE-2025
更新了:CVE-2025
描述:🛠️ Exploit CVE-2025-21333 in vkrnlintvsp.sys with this proof of concept, aimed at demonstrating potential threats on Windows 11 systems.
URL:https://github.com/pradip022/CVE-2025-21333-POC
标签:#CVE-2025
GitHub监控消息提醒!!!
更新了:渗透测试
描述:Shark-空间聚合测绘平台,是一个功能强大的网络空间聚合测绘平台,专为安全研究人员、渗透测试工程师和网络管理员设计。通过整合多个主流网络空间搜索引擎(FOFA、Quake、Hunter、00Zone等),提供统一的查询接口和智能语法转换,为用户提供全面、精确的网络资产发现和分析能力。
URL:https://github.com/CllmsyK/Shark
标签:#渗透测试
更新了:渗透测试
描述:Shark-空间聚合测绘平台,是一个功能强大的网络空间聚合测绘平台,专为安全研究人员、渗透测试工程师和网络管理员设计。通过整合多个主流网络空间搜索引擎(FOFA、Quake、Hunter、00Zone等),提供统一的查询接口和智能语法转换,为用户提供全面、精确的网络资产发现和分析能力。
URL:https://github.com/CllmsyK/Shark
标签:#渗透测试
GitHub监控消息提醒!!!
更新了:CVE-2025
描述: CVE-2025-52970 - FortiWeb Authentication Bypass to Remote Code Execution Exploit
URL:https://github.com/34zY/CVE-2025-52970
标签:#CVE-2025
更新了:CVE-2025
描述: CVE-2025-52970 - FortiWeb Authentication Bypass to Remote Code Execution Exploit
URL:https://github.com/34zY/CVE-2025-52970
标签:#CVE-2025
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:🔓 Decrypt FairPlay-protected iOS apps on macOS (SIP-enabled) using CVE-2025-24204. Supports macOS 15.0-15.2.
URL:https://github.com/dollarboysushil/CVE-2025-32433-Erlang-OTP-SSH-Unauthenticated-RCE
标签:#CVE-2025
更新了:CVE-2025
描述:🔓 Decrypt FairPlay-protected iOS apps on macOS (SIP-enabled) using CVE-2025-24204. Supports macOS 15.0-15.2.
URL:https://github.com/dollarboysushil/CVE-2025-32433-Erlang-OTP-SSH-Unauthenticated-RCE
标签:#CVE-2025
GitHub监控消息提醒!!!
更新了:权限维持
描述:Powershell 权限维持后门
URL:https://github.com/AV1080p/Schtasks-Backdoor
标签:#权限维持
更新了:权限维持
描述:Powershell 权限维持后门
URL:https://github.com/AV1080p/Schtasks-Backdoor
标签:#权限维持
GitHub监控消息提醒!!!
更新了:Cobalt Strike
描述:Go-based C2 server inspired by Cobalt Strike; seamless agent control, web UI, and Malleable Profile support. Fast, extensible, and secure for red-team ops. 🐙
URL:https://github.com/armin-hg/NewCobaltstrikeTeamServer
标签:#Cobalt Strike
更新了:Cobalt Strike
描述:Go-based C2 server inspired by Cobalt Strike; seamless agent control, web UI, and Malleable Profile support. Fast, extensible, and secure for red-team ops. 🐙
URL:https://github.com/armin-hg/NewCobaltstrikeTeamServer
标签:#Cobalt Strike
GitHub监控消息提醒!!!
更新了:RCE
描述:A consolidated bug bounty hunting checklist covering everything from recon to critical RCE and cloud exploits.
URL:https://github.com/vux06/BB-Methodology
标签:#RCE
更新了:RCE
描述:A consolidated bug bounty hunting checklist covering everything from recon to critical RCE and cloud exploits.
URL:https://github.com/vux06/BB-Methodology
标签:#RCE
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:CVE-2025-7771 ThrottleStop.sys privilege escalation exploit - unrestricted IOCTL access to physical memory via MmMapIoSpace
URL:https://github.com/Demoo1337/ThrottleStop
标签:#CVE-2025
更新了:CVE-2025
描述:CVE-2025-7771 ThrottleStop.sys privilege escalation exploit - unrestricted IOCTL access to physical memory via MmMapIoSpace
URL:https://github.com/Demoo1337/ThrottleStop
标签:#CVE-2025
GitHub监控消息提醒!!!
更新了:RCE
描述:A proof-of-concept (PoC) remote code execution (RCE) exploit targeting vulnerable applications that deserialize untrusted Python pickle objects.
URL:https://github.com/4nuxd/pickle-rce-exploit
标签:#RCE
更新了:RCE
描述:A proof-of-concept (PoC) remote code execution (RCE) exploit targeting vulnerable applications that deserialize untrusted Python pickle objects.
URL:https://github.com/4nuxd/pickle-rce-exploit
标签:#RCE
GitHub监控消息提醒!!!
更新了:RCE
描述:Python-based web vulnerability scanner for detecting SQLi, XSS, IDOR, CSRF, JWT, LFI, RCE, and more.
URL:https://github.com/EbramSec/ebram_web_scanner
标签:#RCE
更新了:RCE
描述:Python-based web vulnerability scanner for detecting SQLi, XSS, IDOR, CSRF, JWT, LFI, RCE, and more.
URL:https://github.com/EbramSec/ebram_web_scanner
标签:#RCE