📦 GitHub 全球红队渗透资源中转站。
​旨在收录那些“好用却难找”的安全项目。
🔗 定时推送:GitHub Trending (Security)
🛠 必备清单:后渗透、远控、免杀、提权工具集
📅 更新频率:每日精选,绝不灌水。
⚠️ 本频道仅供安全研究与授权测试使用。
🚨 GitHub 监控消息提醒

🚨 发现关键词: #XSS #Stored

📦 项目名称: BrokenVault
👤 项目作者: YashDahiwlikar914
🛠 开发语言: HTML
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-05 18:00:56

📝 项目描述:
A deliberately vulnerable web app for practicing OWASP attack patterns, built with Node.js, Express, and SQLite. It ships with real SQL injection and stored XSS bugs you can exploit, then flip a runtime flag to see the same routes locked down with parameterized queries, bcrypt, and DOMPurify sanitization.

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Nuclei #templates #CVE

📦 项目名称: snitch
👤 项目作者: n4uu
🛠 开发语言: Go
Star数量: 2 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-05 16:57:29

📝 项目描述:
Single static-binary recon orchestrator in Go: chains subfinder, httpx, nmap, nuclei, ffuf, katana + injection testing (dalfox/crlfuzz/sqlmap), with dedup, diff-based webhook alerts, an interactive TUI and JSON/CSV/SARIF export.

🔗 点击访问项目地址 GitHub - n4uu/snitch: Single static-binary recon orchestrator in Go: chains subfinder, httpx, nmap, nuclei, ffuf, katana + injection…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: Advanced-Vulnerability-Scanner
👤 项目作者: SAURABH8064
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-05 16:55:27

📝 项目描述:
Advanced Python-based Vulnerability Scanner with Port Scanning, Risk Analysis, PDF/CSV Reports, and GUI for Cyber Security Learning.

🔗 点击访问项目地址 GitHub - SAURABH8064/Advanced-Vulnerability-Scanner: Advanced Python-based Vulnerability Scanner with Port Scanning, Risk Analysis…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: Web-Application-Vulnerability-Scanner
👤 项目作者: vanshyadav-coder
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-05 16:58:07

📝 项目描述:
Cyber security

🔗 点击访问项目地址 GitHub - vanshyadav-coder/Web-Application-Vulnerability-Scanner: Cyber security
🚨 GitHub 监控消息提醒

🚨 发现关键词: #CVE-2026 #POC

📦 项目名称: CVE-2026-22874-PoC
👤 项目作者: Eliot-code
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-05 16:38:23

📝 项目描述:
无描述

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Exploit #POC

📦 项目名称: pi-xpi
👤 项目作者: x4cc3
🛠 开发语言: TypeScript
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-05 16:03:34

📝 项目描述:
XPI — offensive security tools for Pi Agent: casefile, exploit search, web lookup, code intelligence, todo tracker

🔗 点击访问项目地址 GitHub - x4cc3/pi-xpi: XPI — offensive security tools for Pi Agent: casefile, exploit search, web lookup, code intelligence, todo…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #C2 #Framework

📦 项目名称: endgame
👤 项目作者: endgamec2framework
🛠 开发语言: C
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-05 15:58:48

📝 项目描述:
ENDGAME C2 Framework — Advanced Red Team Command & Control

🔗 点击访问项目地址 GitHub - endgamec2framework/endgame: ENDGAME C2 Framework — Advanced Red Team Command & Control
🚨 GitHub 监控消息提醒

🚨 发现关键词: #SSRF #CVE

📦 项目名称: Blind-SSRF-to-Remote-Code-Execution-Shellshock-Professional-Bug-Bounty-Report
👤 项目作者: cyberexpert111
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-05 15:40:49

📝 项目描述:
This repository contains a professional bug bounty report demonstrating the successful exploitation of a Blind SSRF vulnerability that reached an internal CGI endpoint vulnerable to Shellshock (CVE-2014-6271). Remote command execution was confirmed using an out-of-band (OAST) DNS callback, showcasing the complete attack chain, technical analysis.

🔗 点击访问项目地址 GitHub - cyberexpert111/Blind-SSRF-to-Remote-Code-Execution-Shellshock-Professional-Bug-Bounty-Report: This repository contains…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #CVE-2026 #POC

📦 项目名称: CVE-2026-20896
👤 项目作者: rz1027
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-05 15:52:46

📝 项目描述:
Public PoC and detector for CVE-2026-20896 ("Gitea Docker: One Header, Any User")

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #XSS #POC

📦 项目名称: cpm-koodo-poc
👤 项目作者: Honeymalik007
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-05 14:28:18

📝 项目描述:
CPM vulnerability PoC hosting for koodo-reader XSS research (JHU EN.601.641)

🔗 点击访问项目地址 GitHub - Honeymalik007/cpm-koodo-poc: CPM vulnerability PoC hosting for koodo-reader XSS research (JHU EN.601.641)
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: Vulnerability-Scanner
👤 项目作者: Nicconcello
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-05 14:57:04

📝 项目描述:
Un vulnerability scanner scritto in Python per l'analisi automatizzata di applicazioni web.

🔗 点击访问项目地址 GitHub - Nicconcello/Vulnerability-Scanner: Un vulnerability scanner scritto in Python per l'analisi automatizzata di applicazioni…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #CVE-2026 #POC

📦 项目名称: CVE-2026-10104-POC
👤 项目作者: Ravi-lk
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-05 14:49:11

📝 项目描述:
Product Video Gallery for Woocommerce <= 1.5.1.8 - Authenticated Stored Cross-Site Scripting Proof of Concept

🔗 点击访问项目地址 GitHub - Ravi-lk/CVE-2026-10104-POC: Product Video Gallery for Woocommerce <= 1.5.1.8 - Authenticated Stored Cross-Site Scripting…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: DORM
👤 项目作者: MrEx-Right
🛠 开发语言: Go
Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-05 13:57:01

📝 项目描述:
Modern, High-Performance Vulnerability Scanner. Features: Spider Crawler, Chaos Fuzzer, and RAM-based Exploit-DB integration.

🔗 点击访问项目地址 GitHub - MrEx-Right/DORM: Modern, High-Performance Vulnerability Scanner. Features: Spider Crawler, Chaos Fuzzer, and RAM-based…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #XSS #Stored #Reflected

📦 项目名称: mtech-internship-week1-xss
👤 项目作者: adan-fatima1
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-05 13:35:43

📝 项目描述:
Week 1 – Cybersecurity Internship task: hands-on Reflected & Stored XSS exploitation using PortSwigger Web Security Academy (legal, sandboxed labs).

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #XSS #CVE

📦 项目名称: asdsadsadasdasdsadsad
👤 项目作者: frada321
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-05 12:56:01

📝 项目描述:
 CVE-2026-49049 - Unauthenticated File Deletion, Arbitrary Write & XSS Injection for Helix3 Joomla Extension

🔗 点击访问项目地址 GitHub - frada321/asdsadsadasdasdsadsad:  CVE-2026-49049 - Unauthenticated File Deletion, Arbitrary Write & XSS Injection for Helix3…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: ai-vulnerability-scanner
👤 项目作者: Root-Aamir
🛠 开发语言: Python
Star数量: 1 | 🍴 Fork数量: 1
📅 更新时间: 2026-07-05 12:43:58

📝 项目描述:
"A next-gen AI-powered vulnerability scanner that detects security flaws in real-time using Gemini 1.5 Flash. Features a War-Room dashboard, Breach Simulator, and a brutal AI 'Roast Mode'."

🔗 点击访问项目地址 GitHub - Root-Aamir/ai-vulnerability-scanner:
🚨 GitHub 监控消息提醒

🚨 发现关键词: #C2 #Framework #Command and Control

📦 项目名称: Nagomio-C2
👤 项目作者: itsnold
🛠 开发语言: C++
Star数量: 2 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-05 12:03:10

📝 项目描述:
A Command and Control Framework to be released for Ubuntu 20.04/22.04

🔗 点击访问项目地址 GitHub - itsnold/Nagomio-C2: A Command and Control Framework to be released for Ubuntu 20.04/22.04
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Exploit #CVE

📦 项目名称: Celsius
👤 项目作者: supamanluva
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-05 12:03:05

📝 项目描述:
Local AI-augmented offensive-security scanner: attack surface, CVE+exploitability, client-side intel, lab-mode verification, exploit-chain correlation. Authorization-gated.

🔗 点击访问项目地址 GitHub - supamanluva/Celsius: Local AI-augmented offensive-security scanner: attack surface, CVE+exploitability, client-side intel…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Bypass #Sandbox

📦 项目名称: macdbg
👤 项目作者: MZHeader
🛠 开发语言: Python
Star数量: 2 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-05 12:01:49

📝 项目描述:
Debugger for macOS. Multi-pane TUI wrapping lldb: syscall/network tracer, anti-debug bypass, memory search. For reverse engineers and malware analysts. x64dbg-alternative for Apple Silicon.

🔗 点击访问项目地址 GitHub - MZHeader/macdbg: Debugger for macOS. Multi-pane TUI wrapping lldb: syscall/network tracer, anti-debug bypass, memory search.…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #YARA #rules #malware

📦 项目名称: Praxion.
👤 项目作者: praxezz
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-05 11:59:23

📝 项目描述:
Praxion — Cross-platform USB malware scanner that auto-detects removable drives, scans files with YARA rules, PE/ELF/Mach-O analysis, ClamAV, and VirusTotal, then quarantines threats automatically.

🔗 点击访问项目地址 GitHub - praxezz/Praxion.: Praxion — Cross-platform USB malware scanner that auto-detects removable drives, scans files with YARA…
Back to Top