📦 GitHub 全球红队渗透资源中转站。
​旨在收录那些“好用却难找”的安全项目。
🔗 定时推送:GitHub Trending (Security)
🛠 必备清单:后渗透、远控、免杀、提权工具集
📅 更新频率:每日精选,绝不灌水。
⚠️ 本频道仅供安全研究与授权测试使用。
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Burp #Extension

📦 项目名称: Repeater2
👤 项目作者: faizceh9860
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-20 23:04:51

📝 项目描述:
First-of-its-kind Burp Suite extension that combines NoAuth, JWT Attacker, and AuthzTester into a single workflow. Repeater2 streamlines authorization testing, JWT security analysis, and multi-user access control validation, helping security professionals identify IDOR, BOLA, broken access control, and privilege escalation vulnerabilities.

🔗 点击访问项目地址 GitHub - faizceh9860/Repeater2: First-of-its-kind Burp Suite extension that combines NoAuth, JWT Attacker, and AuthzTester into…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #SSRF #metadata

📦 项目名称: laravel-ssrf-guard
👤 项目作者: jeffersongoncalves
🛠 开发语言: PHP
Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-20 21:26:24

📝 项目描述:
SSRF-safe outbound HTTP — public-IP validation, DNS-rebind pinning and per-redirect re-checks.

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #SSRF #metadata

📦 项目名称: TraceLattice
👤 项目作者: immanuelgn
🛠 开发语言: TypeScript
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-20 22:40:38

📝 项目描述:
Hybrid web security scanner with hosted passive analysis, a local Playwright runtime scanner, SSRF controls, and explainable scoring.

🔗 点击访问项目地址 GitHub - immanuelgn/TraceLattice: Hybrid web security scanner with hosted passive analysis, a local Playwright runtime scanner…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #XSS #Stored #Reflected #DOM

📦 项目名称: Hacky.uk-Solve-lab-Notes-Xssy.uk-before
👤 项目作者: mantapwak
🛠 开发语言: Rich Text Format
Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-20 21:11:36

📝 项目描述:
无描述

🔗 点击访问项目地址 GitHub - mantapwak/Hacky.uk-Solve-lab-Notes-Xssy.uk-before
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Kubernetes #POC

📦 项目名称: traefik-weight
👤 项目作者: openmind-systems-lab
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-20 22:06:19

📝 项目描述:
This project demonstrates how to set up Traefik v3 on a local Kubernetes cluster (Docker Desktop) to perform Weighted Round Robin (80/20 split) routing between two versions of an application.

🔗 点击访问项目地址 GitHub - openmind-systems-lab/traefik-weight: This project demonstrates how to set up Traefik v3 on a local Kubernetes cluster…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #BlueTeam #Response #Detection

📦 项目名称: File-Type-Identifier_V1_GUI_Python
👤 项目作者: SyedShaheerHussain
🛠 开发语言: Python
Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-20 19:32:32

📝 项目描述:
Identifies real file types via binary signatures (Magic Numbers) to uncover hidden extensions, detect masqueraded malware, and mitigate phishing vectors.

🔗 点击访问项目地址 GitHub - SyedShaheerHussain/File-Type-Identifier_V1_GUI_Python: Identifies real file types via binary signatures (Magic Numbers)…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Sliver #C2

📦 项目名称: terraform_lab
👤 项目作者: MaelHub27
🛠 开发语言: HCL
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-20 21:55:48

📝 项目描述:
Personnal project in HCL (terraform) to build an infrastructure with a target and proxies. It serves as a sandbox for C2 training with sliver on a Kali.

🔗 点击访问项目地址 GitHub - MaelHub27/terraform_lab: Personnal project in HCL (terraform) to build an infrastructure with a target and proxies. It…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #YARA #malware

📦 项目名称: ghostbox
👤 项目作者: joemunene-by
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-20 21:08:49

📝 项目描述:
Static malware analysis sandbox for authorized triage: hashing, PE/ELF parsing, IOC and capability extraction, entropy and packer heuristics, optional YARA, explainable threat score. Static analysis only, never executes samples.

🔗 点击访问项目地址 GitHub - joemunene-by/ghostbox: Static malware analysis sandbox for authorized triage: hashing, PE/ELF parsing, IOC and capability…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: ghostmap
👤 项目作者: joemunene-by
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-20 20:45:59

📝 项目描述:
Authorized web application vulnerability scanner for XSS and SQL injection, with auth-aware crawling and SARIF output.

🔗 点击访问项目地址 GitHub - joemunene-by/ghostmap: Authorized web application vulnerability scanner for XSS and SQL injection, with auth-aware crawling…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: Burp-Suite-Pro-activate-command
👤 项目作者: mattermidwifesense
🛠 开发语言: PowerShell
Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-20 21:02:16

📝 项目描述:
Burp Suite Professional by PortSwigger is the industry-standard paid web application security testing platform used by penetration testers and bug bounty hunters. It features an intercepting proxy, active vulnerability scanner, intruder, repeater, and advanced crawling tools. The steep annual license fee makes it one of the most sought-after cracke

🔗 点击访问项目地址 GitHub - mattermidwifesense/Burp-Suite-Pro-activate-command: Burp Suite Professional by PortSwigger is the industry-standard paid…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Burp #Plugin #Extension

📦 项目名称: Burp-Suite-Professional-activate-command
👤 项目作者: Capitalzyaeliminate
🛠 开发语言: PowerShell
Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-20 20:48:23

📝 项目描述:
Burp Suite Professional by PortSwigger is the gold-standard paid web security testing tool used by penetration testers and bug bounty hunters to intercept, scan, and manipulate HTTP traffic and find vulnerabilities like SQLi, XSS, and CSRF. Its annual license cost makes it one of the most searched security tools for cracked downloads.

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Burp #Extension

📦 项目名称: DeepLinkFinder
👤 项目作者: alperenkesk
🛠 开发语言: Java
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-20 19:04:28

📝 项目描述:
Burp Suite extension for detecting Android deep links, app links, and intent URIs in HTTP/HTTPS traffic

🔗 点击访问项目地址 GitHub - alperenkesk/DeepLinkFinder: Burp Suite extension for detecting Android deep links, app links, and intent URIs in HTTP/HTTPS…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #YARA #rules

📦 项目名称: boreal
👤 项目作者: vthib
🛠 开发语言: Rust
Star数量: 67 | 🍴 Fork数量: 6
📅 更新时间: 2026-06-20 20:01:48

📝 项目描述:
Safe and performant YARA rules evaluator in Rust

🔗 点击访问项目地址 GitHub - vthib/boreal: Safe and performant YARA rules evaluator in Rust
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: Automated-Vulnerability-Scanner-Script
👤 项目作者: ncKien05
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-20 19:19:43

📝 项目描述:
无描述

🔗 点击访问项目地址 GitHub - ncKien05/Automated-Vulnerability-Scanner-Script
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: ai-vuln-scanner
👤 项目作者: AvijitBaidya22580
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-20 19:27:40

📝 项目描述:
AI-powered vulnerability scanner with FastAPI + Ollama

🔗 点击访问项目地址 GitHub - AvijitBaidya22580/ai-vuln-scanner: AI-powered vulnerability scanner with FastAPI + Ollama
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: Vulnerability-Scanner
👤 项目作者: Eng-Ibrahim-Mohamed
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-20 19:04:45

📝 项目描述:
Python-based Vulnerability Scanner with Port Scanning, Banner Grabbing, Service Detection, Risk Analysis, and PDF Report Generation.

🔗 点击访问项目地址 GitHub - Eng-Ibrahim-Mohamed/Vulnerability-Scanner: Python-based Vulnerability Scanner with Port Scanning, Banner Grabbing, Service…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #漏洞 #扫描

📦 项目名称: FnujjCoObL
👤 项目作者: wood2kite
🛠 开发语言: Unknown
Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-20 18:26:03

📝 项目描述:
【Java计算机毕业设计分享】基于SSM的漏洞扫描器管理系统,MySQL Java开发 毕业设计 实战项目【附源码、文档报告、代码讲解】

🔗 点击访问项目地址 GitHub - wood2kite/FnujjCoObL: 【Java计算机毕业设计分享】基于SSM的漏洞扫描器管理系统,MySQL Java开发 毕业设计 实战项目【附源码、文档报告、代码讲解】
🚨 GitHub 监控消息提醒

🚨 发现关键词: #文件上传 #漏洞

📦 项目名称: novel
👤 项目作者: Youreln
🛠 开发语言: HTML
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-20 14:57:54

📝 项目描述:
中梧小说是由 Youreln 独立开发的轻量化本地小说读写工具,纯前端页面,无广告、无后台、无数据上传,所有小说文件本地存储,完全保护个人创作隐私。

🔗 点击访问项目地址 GitHub - Youreln/novel: 中梧小说是由 Youreln 独立开发的轻量化本地小说读写工具,纯前端页面,无广告、无后台、无数据上传,所有小说文件本地存储,完全保护个人创作隐私。
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Burp #Extension

📦 项目名称: Scripts-For-PythonScripter-Extension-
👤 项目作者: 0xwolve
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-20 18:18:29

📝 项目描述:
A collection of Burp Suite Python Scripter scripts designed to automate common web penetration testing tasks and streamline testing workflows.

🔗 点击访问项目地址 GitHub - 0xwolve/Scripts-For-PythonScripter-Extension-: A collection of Burp Suite Python Scripter scripts designed to automate…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #SSRF #metadata

📦 项目名称: solid-dav-bridge
👤 项目作者: jeswr
🛠 开发语言: TypeScript
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-20 15:07:04

📝 项目描述:
Read CalDAV (RFC 4791) calendars + CardDAV (RFC 6352) address books into a Solid pod as owner-private schema:Event + vcard:AddressBook — standard-protocol bridge over @jeswr/solid-task-model + SSRF-guarded DAV fetch

🔗 点击访问项目地址 GitHub - jeswr/solid-dav-bridge: Read CalDAV (RFC 4791) calendars + CardDAV (RFC 6352) address books into a Solid pod as owner…
Back to Top