📦 GitHub 全球红队渗透资源中转站。
​旨在收录那些“好用却难找”的安全项目。
🔗 定时推送:GitHub Trending (Security)
🛠 必备清单:后渗透、远控、免杀、提权工具集
📅 更新频率:每日精选,绝不灌水。
⚠️ 本频道仅供安全研究与授权测试使用。
🚨 GitHub 监控消息提醒

🚨 发现关键词: #SSRF #POC

📦 项目名称: ssrf-poc-1781038961
👤 项目作者: FancybearIN
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-09 21:03:25

📝 项目描述:
SSRF PoC for bug bounty

🔗 点击访问项目地址
GitHub
GitHub - FancybearIN/ssrf-poc-1781038961: SSRF PoC for bug bounty
SSRF PoC for bug bounty. Contribute to FancybearIN/ssrf-poc-1781038961 development by creating an account on GitHub.
SSRF POC
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Weblogic #CVE #RCE

📦 项目名称: CVE-2024-21182---Oracle-WebLogic-Server-JNDI-Injection-RCE
👤 项目作者: fevar54
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-09 20:58:36

📝 项目描述:
无描述

🔗 点击访问项目地址
GitHub
GitHub - fevar54/CVE-2024-21182---Oracle-WebLogic-Server-JNDI-Injection-RCE
Contribute to fevar54/CVE-2024-21182---Oracle-WebLogic-Server-JNDI-Injection-RCE development by creating an account on GitHub.
Weblogic CVE RCE
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: osv-scanner
👤 项目作者: google
🛠 开发语言: Go
Star数量: 10474 | 🍴 Fork数量: 718
📅 更新时间: 2026-06-09 19:34:45

📝 项目描述:
Vulnerability scanner written in Go which uses the data provided by https://osv.dev

🔗 点击访问项目地址
GitHub
GitHub - google/osv-scanner: Vulnerability scanner written in Go which uses the data provided by https://osv.dev
Vulnerability scanner written in Go which uses the data provided by https://osv.dev - google/osv-scanner
Vulnerability
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: ADScan
👤 项目作者: dehobbs
🛠 开发语言: Python
Star数量: 3 | 🍴 Fork数量: 2
📅 更新时间: 2026-06-09 20:01:33

📝 项目描述:
Modular Active Directory vulnerability scanner — LDAP/LDAPS/SMB, 36 security checks, HTML report with risk score

🔗 点击访问项目地址
GitHub
GitHub - dehobbs/ADScan: Modular Active Directory vulnerability scanner — LDAP/LDAPS/SMB, 36 security checks, HTML report with…
GitHub - dehobbs/ADScan: Modular Active Directory vulnerability scanner — LDAP/LDAPS/SMB, 36 security checks, HTML report with…
Modular Active Directory vulnerability scanner — LDAP/LDAPS/SMB, 36 security checks, HTML report with risk score - dehobbs/ADScan
Vulnerability
🚨 GitHub 监控消息提醒

🚨 发现关键词: #漏洞 #利用 #CVE

📦 项目名称: vul-manager
👤 项目作者: CZHHH-CC
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-09 17:47:40

📝 项目描述:
基于 FastAPI 的漏洞管理与 AI 分析平台,shadcn/ui 前端

🔗 点击访问项目地址
GitHub
GitHub - CZHHH-CC/vul-manager: 基于 FastAPI 的漏洞管理与 AI 分析平台,shadcn/ui 前端
GitHub - CZHHH-CC/vul-manager: 基于 FastAPI 的漏洞管理与 AI 分析平台,shadcn/ui 前端
基于 FastAPI 的漏洞管理与 AI 分析平台,shadcn/ui 前端. Contribute to CZHHH-CC/vul-manager development by creating an account on GitHub.
漏洞 利用 CVE
🚨 GitHub 监控消息提醒

🚨 发现关键词: #C2 #Framework

📦 项目名称: babyrat
👤 项目作者: Sergeb250
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-09 18:58:04

📝 项目描述:
Red Teaming C2 Framework | Features: WebSocket C2, Remote Desktop, Webcam, Keylogger, Credential Harvester, Ransomware Sim, Remote Shell, File Ops, HID Control, Audio Capture, Persistence (10+ methods), AMSI/ETW Bypass, Encrypted Agents. Built for authorized security assessments.

🔗 点击访问项目地址
GitHub
GitHub - Sergeb250/babyrat: Red Teaming C2 Framework | Features: WebSocket C2, Remote Desktop, Webcam, Keylogger, Credential Harvester…
GitHub - Sergeb250/babyrat: Red Teaming C2 Framework | Features: WebSocket C2, Remote Desktop, Webcam, Keylogger, Credential Harvester…
Red Teaming C2 Framework | Features: WebSocket C2, Remote Desktop, Webcam, Keylogger, Credential Harvester, Ransomware Sim, Remote Shell, File Ops, HID Control, Audio Capture, Persistence (10+ meth...
C2 Framework
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: wapiti
👤 项目作者: wapiti-scanner
🛠 开发语言: Python
Star数量: 1796 | 🍴 Fork数量: 264
📅 更新时间: 2026-06-09 18:50:33

📝 项目描述:
Web vulnerability scanner written in Python3

🔗 点击访问项目地址
GitHub
GitHub - wapiti-scanner/wapiti: Web vulnerability scanner written in Python3
GitHub - wapiti-scanner/wapiti: Web vulnerability scanner written in Python3
Web vulnerability scanner written in Python3. Contribute to wapiti-scanner/wapiti development by creating an account on GitHub.
Vulnerability
🚨 GitHub 监控消息提醒

🚨 发现关键词: #CVE-2026 #RCE

📦 项目名称: analise-vulnerabilidades-zabbix-notebooklm
👤 项目作者: RichJJ98
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-09 18:27:03

📝 项目描述:
Caderno Temático NotebookLM: análise de vulnerabilidades SQL Injection (CVE-2024-42327, CVE-2026-23921) no Zabbix, com engenharia de prompts, cadeia de ataque até RCE e miniguia de hardening

🔗 点击访问项目地址
GitHub
RichJJ98/analise-vulnerabilidades-zabbix-notebooklm
Caderno Temático NotebookLM: análise de vulnerabilidades SQL Injection (CVE-2024-42327, CVE-2026-23921) no Zabbix, com engenharia de prompts, cadeia de ataque até RCE e miniguia de hardening - Rich...
CVE RCE
🚨 GitHub 监控消息提醒

🚨 发现关键词: #渗透测试 #漏洞

📦 项目名称: secweb
👤 项目作者: txluck
🛠 开发语言: Python
Star数量: 1 | 🍴 Fork数量: 1
📅 更新时间: 2026-06-09 13:53:23

📝 项目描述:
🛡️ 自动化渗透测试调度平台 — Claude Code 生态. AI 驱动 / 多目标并发 / 动态 skill 加载 / 实时观测

🔗 点击访问项目地址
GitHub
GitHub - txluck/secweb: 🛡️ 自动化渗透测试调度平台 — Claude Code 生态. AI 驱动 / 多目标并发 / 动态 skill 加载 / 实时观测
🛡️ 自动化渗透测试调度平台 — Claude Code 生态. AI 驱动 / 多目标并发 / 动态 skill 加载 / 实时观测 - txluck/secweb
渗透测试 漏洞
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: grype
👤 项目作者: anchore
🛠 开发语言: Go
Star数量: 12359 | 🍴 Fork数量: 808
📅 更新时间: 2026-06-09 17:42:30

📝 项目描述:
A vulnerability scanner for container images and filesystems

🔗 点击访问项目地址
GitHub
GitHub - anchore/grype: A vulnerability scanner for container images and filesystems
GitHub - anchore/grype: A vulnerability scanner for container images and filesystems
A vulnerability scanner for container images and filesystems - anchore/grype
Vulnerability
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: openvscan
👤 项目作者: buddhsen-tripathi
🛠 开发语言: TypeScript
Star数量: 15 | 🍴 Fork数量: 7
📅 更新时间: 2026-06-09 17:56:47

📝 项目描述:
OpenVScan is a web-based vulnerability scanner that integrates open-source tools with AI to deliver smarter, faster and more reliable pre-production security testing.

🔗 点击访问项目地址
GitHub
GitHub - buddhsen-tripathi/openvscan: OpenVScan is a web-based vulnerability scanner that integrates open-source tools with AI…
OpenVScan is a web-based vulnerability scanner that integrates open-source tools with AI to deliver smarter, faster and more reliable pre-production security testing. - buddhsen-tripathi/openvscan
Vulnerability
🚨 GitHub 监控消息提醒

🚨 发现关键词: #CVE-2026 #POC

📦 项目名称: CVE-2026-46394-haxcms-git-command-injection
👤 项目作者: shreyas-challa
🛠 开发语言: PHP
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-09 17:55:03

📝 项目描述:
PoC and writeup for CVE-2026-46394: OS command injection in HAXcms Git.php (CWE-78). Authorized security research only.

🔗 点击访问项目地址
GitHub
GitHub - shreyas-challa/CVE-2026-46394-haxcms-git-command-injection: PoC and writeup for CVE-2026-46394 — OS command injection…
GitHub - shreyas-challa/CVE-2026-46394-haxcms-git-command-injection: PoC and writeup for CVE-2026-46394 — OS command injection…
PoC and writeup for CVE-2026-46394 — OS command injection in HAXcms Git.php (CWE-78). Authorized security research only. - shreyas-challa/CVE-2026-46394-haxcms-git-command-injection
CVE POC
🚨 GitHub 监控消息提醒

🚨 发现关键词: #CVE-2026 #POC

📦 项目名称: CVE-2026-46395-haxcms-hmac-key-leak
👤 项目作者: shreyas-challa
🛠 开发语言: JavaScript
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-09 17:55:02

📝 项目描述:
PoC and writeup for CVE-2026-46395: unauthenticated private key disclosure via broken HMAC in HAXcms Node.js (CWE-321/CWE-200). Authorized security research only.

🔗 点击访问项目地址
GitHub
GitHub - shreyas-challa/CVE-2026-46395-haxcms-hmac-key-leak: PoC and writeup for CVE-2026-46395 — unauthenticated private key disclosure…
GitHub - shreyas-challa/CVE-2026-46395-haxcms-hmac-key-leak: PoC and writeup for CVE-2026-46395 — unauthenticated private key disclosure…
PoC and writeup for CVE-2026-46395 — unauthenticated private key disclosure via broken HMAC in HAXcms Node.js (CWE-321/CWE-200). Authorized security research only. - shreyas-challa/CVE-2026-46395-h...
CVE POC
🚨 GitHub 监控消息提醒

🚨 发现关键词: #漏洞 #扫描

📦 项目名称: secops-agent
👤 项目作者: Samantha09
🛠 开发语言: Java
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-09 16:32:08

📝 项目描述:
漏洞扫描

🔗 点击访问项目地址
GitHub
GitHub - Samantha09/secops-agent: 漏洞扫描
GitHub - Samantha09/secops-agent: 漏洞扫描
漏洞扫描. Contribute to Samantha09/secops-agent development by creating an account on GitHub.
漏洞 扫描
🚨 GitHub 监控消息提醒

🚨 发现关键词: #漏洞 #CVE

📦 项目名称: cve-daily
👤 项目作者: XddXss888
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-09 16:54:54

📝 项目描述:
每日CVE漏洞汇总

🔗 点击访问项目地址
GitHub
XddXss888/cve-daily
XddXss888/cve-daily
每日CVE漏洞汇总. Contribute to XddXss888/cve-daily development by creating an account on GitHub.
漏洞 CVE
🚨 GitHub 监控消息提醒

🚨 发现关键词: #CVE-2026 #RCE

📦 项目名称: CVE-2026-48907-Unauthenticated-RCE-in-JCE
👤 项目作者: webshellseo8
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-09 16:39:44

📝 项目描述:
CVE-2026-48907: Unauthenticated RCE in JCE (Proof Of Concept)

🔗 点击访问项目地址
GitHub
GitHub - webshellseo8/CVE-2026-48907-Unauthenticated-RCE-in-JCE: CVE-2026-48907: Unauthenticated RCE in JCE (Proof Of Concept)
GitHub - webshellseo8/CVE-2026-48907-Unauthenticated-RCE-in-JCE: CVE-2026-48907: Unauthenticated RCE in JCE (Proof Of Concept)
CVE-2026-48907: Unauthenticated RCE in JCE (Proof Of Concept) - webshellseo8/CVE-2026-48907-Unauthenticated-RCE-in-JCE
CVE RCE
🚨 GitHub 监控消息提醒

🚨 发现关键词: #SSRF #POC

📦 项目名称: ssrf-poc-kr
👤 项目作者: Sundersingh302
🛠 开发语言: HTML
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-09 15:47:21

📝 项目描述:
无描述

🔗 点击访问项目地址
GitHub
GitHub - Sundersingh302/ssrf-poc-kr
GitHub - Sundersingh302/ssrf-poc-kr
Contribute to Sundersingh302/ssrf-poc-kr development by creating an account on GitHub.
SSRF POC
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Shellcode #Evasion #EDR

📦 项目名称: mkPIVM-setup
👤 项目作者: mixedclerksmash
🛠 开发语言: C++
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-09 15:49:49

📝 项目描述:
Generate polymorphic, position-independent virtual machines (PIVMs) from arbitrary x86/x64 shellcode.

🔗 点击访问项目地址
GitHub
GitHub - mixedclerksmash/mkPIVM-setup: Generate polymorphic, position-independent virtual machines (PIVMs) from arbitrary x86/x64…
Generate polymorphic, position-independent virtual machines (PIVMs) from arbitrary x86/x64 shellcode. - mixedclerksmash/mkPIVM-setup
Shellcode Evasion EDR
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: secure-scan
👤 项目作者: swetha18084
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-09 15:51:11

📝 项目描述:
A Python-based vulnerability scanner that detects open ports, identifies services, and generates a basic security report.

🔗 点击访问项目地址
GitHub
GitHub - swetha18084/secure-scan: A Python-based vulnerability scanner that detects open ports, identifies services, and generates…
GitHub - swetha18084/secure-scan: A Python-based vulnerability scanner that detects open ports, identifies services, and generates…
A Python-based vulnerability scanner that detects open ports, identifies services, and generates a basic security report. - swetha18084/secure-scan
Vulnerability
🚨 GitHub 监控消息提醒

🚨 发现关键词: #C2 #Framework

📦 项目名称: RAK-CYB-2026-001
👤 项目作者: rabahkhanwork-cmd
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-09 15:58:32

📝 项目描述:
Technical case study of a 600+ day sophisticated Android RAT campaign involving DSU/GSI multi-environment infrastructure, baseband diagnostic exploitation, and cross-border C2

🔗 点击访问项目地址
GitHub
GitHub - rabahkhanwork-cmd/RAK-CYB-2026-001: Technical case study of a 600+ day sophisticated Android RAT campaign involving DSU/GSI…
Technical case study of a 600+ day sophisticated Android RAT campaign involving DSU/GSI multi-environment infrastructure, baseband diagnostic exploitation, and cross-border C2 - rabahkhanwork-cmd/R...
C2 Framework
Before
After
Back to Top