📦 GitHub 全球红队渗透资源中转站。
​旨在收录那些“好用却难找”的安全项目。
🔗 定时推送:GitHub Trending (Security)
🛠 必备清单:后渗透、远控、免杀、提权工具集
📅 更新频率:每日精选,绝不灌水。
⚠️ 本频道仅供安全研究与授权测试使用。
🚨 GitHub 监控消息提醒

🚨 发现关键词: #漏洞 #扫描

📦 项目名称: cm-VulnScanner
👤 项目作者: 2580369ll
🛠 开发语言: Python
Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-19 17:03:18

📝 项目描述:
漏洞扫描

🔗 点击访问项目地址
GitHub
GitHub - 2580369ll/cm-VulnScanner: 漏洞扫描
漏洞扫描. Contribute to 2580369ll/cm-VulnScanner development by creating an account on GitHub.
漏洞 扫描
🚨 GitHub 监控消息提醒

🚨 发现关键词: #C2 #Framework #Command and Control

📦 项目名称: crystal-c2
👤 项目作者: CrystalC2
🛠 开发语言: C#
Star数量: 4 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-19 16:47:55

📝 项目描述:
Command and control framework

🔗 点击访问项目地址
GitHub
GitHub - CrystalC2/crystal-c2: Command and control framework
GitHub - CrystalC2/crystal-c2: Command and control framework
Command and control framework. Contribute to CrystalC2/crystal-c2 development by creating an account on GitHub.
C2 Framework Command
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: SecureGate-AI
👤 项目作者: DevOps-Capstones
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-19 16:30:42

📝 项目描述:
Container Image Vulnerability Scanner with Reporting

🔗 点击访问项目地址
GitHub
GitHub - DevOps-Capstones/SecureGate-AI: Container Image Vulnerability Scanner with Reporting
Container Image Vulnerability Scanner with Reporting - DevOps-Capstones/SecureGate-AI
Vulnerability
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: web-shield-analyzer
👤 项目作者: etlevakoci
🛠 开发语言: Java
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-19 16:49:08

📝 项目描述:
A Java-based automated web vulnerability scanner and security analyzer that evaluates target URLs for configuration flaws, missing headers, and common vulnerabilities.

🔗 点击访问项目地址
GitHub
GitHub - etlevakoci/web-shield-analyzer: A Java-based automated web vulnerability scanner and security analyzer that evaluates…
GitHub - etlevakoci/web-shield-analyzer: A Java-based automated web vulnerability scanner and security analyzer that evaluates…
A Java-based automated web vulnerability scanner and security analyzer that evaluates target URLs for configuration flaws, missing headers, and common vulnerabilities. - etlevakoci/web-shield-analyzer
Vulnerability
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Shellcode #Loader #Execute

📦 项目名称: ShellcodeGenerator
👤 项目作者: n0bele
🛠 开发语言: C++
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-19 16:20:15

📝 项目描述:
Shellcode Generator

🔗 点击访问项目地址
GitHub
GitHub - n0bele/ShellcodeGenerator: Shellcode Generator
GitHub - n0bele/ShellcodeGenerator: Shellcode Generator
Shellcode Generator. Contribute to n0bele/ShellcodeGenerator development by creating an account on GitHub.
Shellcode Loader Execute
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Burp #Extension

📦 项目名称: EvidenceCreator
👤 项目作者: charnyladaro
🛠 开发语言: Python
Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-19 14:19:00

📝 项目描述:
Burp Suite extension (Jython) for SQL injection testing and CSRF verification with automatic, file-based evidence collection.

🔗 点击访问项目地址
GitHub
GitHub - charnyladaro/EvidenceCreator: Burp Suite extension (Jython) for SQL injection testing and CSRF verification with automatic…
Burp Suite extension (Jython) for SQL injection testing and CSRF verification with automatic, file-based evidence collection. - charnyladaro/EvidenceCreator
Burp Extension
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Burp #Extension

📦 项目名称: SelectHue
👤 项目作者: evenmonk
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-19 15:01:59

📝 项目描述:
A Burp Suite extension for customizing the text selection background color used in Burp message editors.

🔗 点击访问项目地址
GitHub
evenmonk/SelectHue
evenmonk/SelectHue
A Burp Suite extension for customizing the text selection background color used in Burp message editors. - evenmonk/SelectHue
Burp Extension
🚨 GitHub 监控消息提醒

🚨 发现关键词: #CVE-2026 #POC

📦 项目名称: CVE-2026-54761-poc
👤 项目作者: Saku0512
🛠 开发语言: Shell
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-19 13:38:56

📝 项目描述:
无描述

🔗 点击访问项目地址
GitHub
GitHub - Saku0512/CVE-2026-54761-poc
GitHub - Saku0512/CVE-2026-54761-poc
Contribute to Saku0512/CVE-2026-54761-poc development by creating an account on GitHub.
CVE POC
🚨 GitHub 监控消息提醒

🚨 发现关键词: #SSRF #metadata

📦 项目名称: async-document-processing
👤 项目作者: varun-2595
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-19 13:51:59

📝 项目描述:
Production-shaped async medical document ingestion service — FastAPI + Celery + PostgreSQL + Redis, hexagonal architecture, at-least-once delivery with exponential backoff, API-key auth, structured JSON logging, and SSRF hardening.

🔗 点击访问项目地址
GitHub
GitHub - varun-2595/async-document-processing: Production-shaped async medical document ingestion service — FastAPI + Celery +…
Production-shaped async medical document ingestion service — FastAPI + Celery + PostgreSQL + Redis, hexagonal architecture, at-least-once delivery with exponential backoff, API-key auth, structured...
SSRF metadata
🚨 GitHub 监控消息提醒

🚨 发现关键词: #SSRF #metadata

📦 项目名称: Sentinel
👤 项目作者: arkanzasfeziii
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-19 13:58:23

📝 项目描述:
Offensive web and API attack framework — fingerprinting, SSRF to cloud metadata, IDOR enumeration, JWT/OAuth attacks, SQL/NoSQL/SSTI injection, and GraphQL exploitation.

🔗 点击访问项目地址
GitHub
GitHub - arkanzasfeziii/Sentinel: Offensive web and API attack framework — fingerprinting, SSRF to cloud metadata, IDOR enumeration…
Offensive web and API attack framework — fingerprinting, SSRF to cloud metadata, IDOR enumeration, JWT/OAuth attacks, SQL/NoSQL/SSTI injection, and GraphQL exploitation. - arkanzasfeziii/Sentinel
SSRF metadata
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Bypass #UAC

📦 项目名称: Win-PrivEsc
👤 项目作者: PEDRO00100
🛠 开发语言: PowerShell
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-19 14:05:41

📝 项目描述:
PowerShell toolkit for Windows research and privilege escalation testing. Contains UAC bypass techniques, persistence mechanisms, and automated testing scripts.

🔗 点击访问项目地址
GitHub
GitHub - PEDRO00100/Win-PrivEsc: PowerShell toolkit for Windows research and privilege escalation testing. Contains UAC bypass…
GitHub - PEDRO00100/Win-PrivEsc: PowerShell toolkit for Windows research and privilege escalation testing. Contains UAC bypass…
PowerShell toolkit for Windows research and privilege escalation testing. Contains UAC bypass techniques, persistence mechanisms, and automated testing scripts. - PEDRO00100/Win-PrivEsc
Bypass UAC
🚨 GitHub 监控消息提醒

🚨 发现关键词: #YARA #malware

📦 项目名称: DeNuitkanizator
👤 项目作者: 2M12
🛠 开发语言: Python
Star数量: 11 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-19 13:44:10

📝 项目描述:
Nuitka Assembly analyzer (as well as PyInstaller and other packagers) and native exe-files for extracting metadata, strings, modules, and structures from compiled ones.exe files. It is not a decompiler - it does not restore the source code.

🔗 点击访问项目地址
GitHub
GitHub - 2M12/DeNuitkanizator: Анализатор Nuitka-сборок (а также PyInstaller и другие упаковщики) для извлечения метаданных, строк…
Анализатор Nuitka-сборок (а также PyInstaller и другие упаковщики) для извлечения метаданных, строк, модулей и структуры из скомпилированных .exe файлов. Не декомпилятор - не восстанавливает исходн...
YARA malware
🚨 GitHub 监控消息提醒

🚨 发现关键词: #CVE-2026 #Exploit

📦 项目名称: CVE-2026-39259
👤 项目作者: yousif-IQ
🛠 开发语言: Unknown
Star数量: 2 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-19 13:46:24

📝 项目描述:
CVE-2026-39259

🔗 点击访问项目地址
GitHub
GitHub - yousif-IQ/CVE-2026-39259: CVE-2026-39259
GitHub - yousif-IQ/CVE-2026-39259: CVE-2026-39259
CVE-2026-39259. Contribute to yousif-IQ/CVE-2026-39259 development by creating an account on GitHub.
CVE Exploit
🚨 GitHub 监控消息提醒

🚨 发现关键词: #CVE-2026 #POC #Exploit

📦 项目名称: CVE-2026-11784-Optimole-CSRF
👤 项目作者: AlexMihailEngineer
🛠 开发语言: HTML
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-19 13:51:57

📝 项目描述:
无描述

🔗 点击访问项目地址
GitHub
AlexMihailEngineer/CVE-2026-11784-Optimole-CSRF
Contribute to AlexMihailEngineer/CVE-2026-11784-Optimole-CSRF development by creating an account on GitHub.
CVE POC Exploit
🚨 GitHub 监控消息提醒

🚨 发现关键词: #YARA #malware

📦 项目名称: Windows-Forensics-Tool
👤 项目作者: vminkook028
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-19 12:41:28

📝 项目描述:
A Windows digital forensics and malware assessment tool — collects system artifacts (processes, persistence, registry, network), analyzes for IOCs/YARA matches, and generates HTML/JSON/PDF case reports.

🔗 点击访问项目地址
GitHub
GitHub - vminkook028/Windows-Forensics-Tool: A Windows digital forensics and malware assessment tool — collects system artifacts…
GitHub - vminkook028/Windows-Forensics-Tool: A Windows digital forensics and malware assessment tool — collects system artifacts…
A Windows digital forensics and malware assessment tool — collects system artifacts (processes, persistence, registry, network), analyzes for IOCs/YARA matches, and generates HTML/JSON/PDF case rep...
YARA malware
🚨 GitHub 监控消息提醒

🚨 发现关键词: #CVE-2026 #POC

📦 项目名称: cve-2026-43515-poc
👤 项目作者: covepseng
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-19 11:08:23

📝 项目描述:
Exploitability PoC for CVE-2026-43515 (Apache Tomcat constraint bypass).

🔗 点击访问项目地址
GitHub
covepseng/cve-2026-43515-poc
covepseng/cve-2026-43515-poc
Exploitability PoC for CVE-2026-43515 (Apache Tomcat constraint bypass). - covepseng/cve-2026-43515-poc
CVE POC
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Nuclei #template

📦 项目名称: phantomred-recon-workflows
👤 项目作者: adityamachiraju4
🛠 开发语言: Shell
Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-19 08:12:47

📝 项目描述:
bug-bounty, recon, subfinder, nuclei, ffuf, penetration-testing, automation, attack-surface, oscp, offensive-security Recon workflow documentation, tool chaining patterns, and attack surface enumeration methodology for bug bounty hunters and pentesters.

🔗 点击访问项目地址
GitHub
GitHub - adityamachiraju4/phantomred-recon-workflows: bug-bounty, recon, subfinder, nuclei, ffuf, penetration-testing, automation…
bug-bounty, recon, subfinder, nuclei, ffuf, penetration-testing, automation, attack-surface, oscp, offensive-security Recon workflow documentation, tool chaining patterns, and attack surface enume...
Nuclei template
🚨 GitHub 监控消息提醒

🚨 发现关键词: #0day #Exploit #POC

📦 项目名称: 0day_scripts
👤 项目作者: 3rdn4Li
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-19 02:52:31

📝 项目描述:
无描述

🔗 点击访问项目地址
GitHub
GitHub - 3rdn4Li/0day_scripts
GitHub - 3rdn4Li/0day_scripts
Contribute to 3rdn4Li/0day_scripts development by creating an account on GitHub.
0day Exploit POC
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Exploit #CVE

📦 项目名称: CVE-Intel
👤 项目作者: yadavnikhil17102004
🛠 开发语言: HTML
Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-19 10:39:34

📝 项目描述:
Native Go engine for automated aggregation, sanitization, and JSON-exporting of global CVE exploit Proof-of-Concepts. Continuously mirrored from the wild

🔗 点击访问项目地址
GitHub
GitHub - yadavnikhil17102004/CVE-Intel: Native Go engine for automated aggregation, sanitization, and JSON-exporting of global…
Native Go engine for automated aggregation, sanitization, and JSON-exporting of global CVE exploit Proof-of-Concepts. Continuously mirrored from the wild - yadavnikhil17102004/CVE-Intel
Exploit CVE
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Exploit #CVE #RCE #POC

📦 项目名称: spellbook
👤 项目作者: htrgouvea
🛠 开发语言: Perl
Star数量: 114 | 🍴 Fork数量: 28
📅 更新时间: 2026-06-19 10:41:22

📝 项目描述:
Framework for rapid development of offensive security tools

🔗 点击访问项目地址
GitHub
GitHub - htrgouvea/spellbook: Framework for rapid development of offensive security tools
GitHub - htrgouvea/spellbook: Framework for rapid development of offensive security tools
Framework for rapid development of offensive security tools - htrgouvea/spellbook
Exploit CVE RCE POC
Before
After
Back to Top