📦 GitHub 全球红队渗透资源中转站。
​旨在收录那些“好用却难找”的安全项目。
🔗 定时推送:GitHub Trending (Security)
🛠 必备清单:后渗透、远控、免杀、提权工具集
📅 更新频率:每日精选,绝不灌水。
⚠️ 本频道仅供安全研究与授权测试使用。
🚨 GitHub 监控消息提醒

🚨 发现关键词: #YARA #rules

📦 项目名称: IDS-with-Quantum-Safe-Digital-Forensics
👤 项目作者: Sanchay0123
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-13 21:19:35

📝 项目描述:
SENTINEL_QS is a high-velocity, multi-layered Intrusion Detection System (IDS) architected for modern Linux environments. It combines the deterministic precision of native C-compiled YARA rules with unsupervised machine learning and Shannon entropy analysis, providing post quantum cryptography

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #CVE-2026 #Exploit #RCE

📦 项目名称: KrayinCRM-RCE-Exploit-CVE-2026-38526
👤 项目作者: CerberusMrXi
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-13 21:44:23

📝 项目描述:
CVE-2026-38526 exploit for Krayin CRM v2.2.x - Authenticated RCE via TinyMCE file upload bypass. Features interactive shell, multi-type payloads, auto shell generation, and verification. Author: Sudeepa Wanigarathna. For authorized testing only.

🔗 点击访问项目地址 GitHub - CerberusMrXi/KrayinCRM-RCE-Exploit-CVE-2026-38526: CVE-2026-38526 exploit for Krayin CRM v2.2.x - Authenticated RCE via…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #POC #CVE

📦 项目名称: CVE-Labs-2025-2026
👤 项目作者: diedromeo
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-13 21:04:04

📝 项目描述:
Educational, Dockerized reproductions of publicly disclosed 2025-2026 CVEs: root-cause analysis, attack flows, PoCs, detections, and patch analysis.

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Bypass #Sandbox

📦 项目名称: glyph-studio-legacy-bypass
👤 项目作者: lijefrp-ops
🛠 开发语言: HTML
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-13 21:04:22

📝 项目描述:
Glyphs 3 Pro with Lifetime Access 2026 Best Typography Toolkit

🔗 点击访问项目地址 GitHub - lijefrp-ops/glyph-studio-legacy-bypass: Glyphs 3 Pro with Lifetime Access 2026 Best Typography Toolkit
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Exploit #RCE

📦 项目名称: nginx-http-shield-module
👤 项目作者: myguard-labs
🛠 开发语言: C
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-13 21:02:42

📝 项目描述:
nginx module blocking exploitation of long-patched web vulns (SQLi, Log4Shell, Shellshock, traversal, RCE chains). Not a WAF -- a near-zero-FP legacy-exploit floor.

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #SSRF #metadata

📦 项目名称: plexicus-qa-a10-ssrf
👤 项目作者: plexicus-qa
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-13 17:54:12

📝 项目描述:
OWASP A10:2025 - Server-Side Request Forgery (SSRF): Test repo with intentionally vulnerable code for security scanning

🔗 点击访问项目地址 GitHub - plexicus-qa/plexicus-qa-a10-ssrf: OWASP A10:2025 - Server-Side Request Forgery (SSRF): Test repo with intentionally vulnerable…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #SSRF #metadata

📦 项目名称: SSRF
👤 项目作者: AdityaBhatt3010
🛠 开发语言: Unknown
Star数量: 2 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-13 19:24:04

📝 项目描述:
SSRF, Server-Side Request Forgery: Exploiting a vulnerable avatar fetching feature using directory traversal to force the server to access an internal /private endpoint and retrieve a base64-encoded flag.

🔗 点击访问项目地址 GitHub - AdityaBhatt3010/SSRF: SSRF, Server-Side Request Forgery: Exploiting a vulnerable avatar fetching feature using directory…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #XSS #Reflected

📦 项目名称: DVWA-Web-Application-Penetration-Testing-Lab-SQL-Injection-XSS-Burp-Suite-Directory-Enumeration
👤 项目作者: RItu-Lokhande
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-13 20:04:29

📝 项目描述:
Performed a comprehensive web application penetration test on DVWA using Kali Linux. Demonstrated SQL Injection, Reflected XSS, directory enumeration with Dirsearch, and HTTP request interception using Burp Suite. Includes methodology, screenshots, findings, risk assessment, remediation, and a professional penetration testing report.

🔗 点击访问项目地址 RItu-Lokhande/DVWA-Web-Application-Penetration-Testing-Lab-SQL-Injection-XSS-Burp-Suite-Directory-Enumeration
🚨 GitHub 监控消息提醒

🚨 发现关键词: #CVE-2026 #RCE

📦 项目名称: CVE-2026-49049
👤 项目作者: ExDev994
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-13 19:56:12

📝 项目描述:
CVE-2026-49049 Helix3 (JoomShaper) Joomla Unauthenticated AJAX RCE Scanner

🔗 点击访问项目地址 GitHub - ExDev994/CVE-2026-49049: CVE-2026-49049 Helix3 (JoomShaper) Joomla Unauthenticated AJAX RCE Scanner
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: network-vulnerability-scanner
👤 项目作者: vrv305
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-13 18:48:58

📝 项目描述:
network-vulnerability-scanner

🔗 点击访问项目地址 GitHub - vrv305/network-vulnerability-scanner: network-vulnerability-scanner
🚨 GitHub 监控消息提醒

🚨 发现关键词: #RCE #CVE

📦 项目名称: CVE-2026-46456
👤 项目作者: oscerd
🛠 开发语言: Java
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-13 19:02:16

📝 项目描述:
Reproducer for CVE-2026-46456 — Apache Camel camel-aws2-sqs inbound message-attribute header injection (Camel control-header injection via sqs:SendMessage → downstream producer steering / RCE)

🔗 点击访问项目地址 GitHub - oscerd/CVE-2026-46456: Reproducer for CVE-2026-46456 — Apache Camel camel-aws2-sqs inbound message-attribute header injection…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #BlueTeam #Response

📦 项目名称: SimpleImager
👤 项目作者: QXJ6YW4
🛠 开发语言: Batchfile
Star数量: 31 | 🍴 Fork数量: 4
📅 更新时间: 2026-07-13 18:00:46

📝 项目描述:
Simple Imager has been created for performing live acquisition of Windows based systems in a forensically sound manner

🔗 点击访问项目地址 GitHub - QXJ6YW4/SimpleImager: Simple Imager has been created for performing live acquisition of Windows based systems in a forensically…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Burp #Extension

📦 项目名称: ghost-tunnel-community
👤 项目作者: NeuralGh0st
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-13 17:32:08

📝 项目描述:
Advanced Burp Suite extension built on Montoya API for real-time binary stream analysis and GZIP decompression. By NeuralGhost.

🔗 点击访问项目地址 GitHub - NeuralGh0st/ghost-tunnel-community: Advanced Burp Suite extension built on Montoya API for real-time binary stream analysis…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #0day #POC

📦 项目名称: front-run_0day
👤 项目作者: HUODONGREN
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-13 14:22:16

📝 项目描述:
For security reasons, we disclose contracts that may be vulnerable to front-running exploits.

🔗 点击访问项目地址 GitHub - HUODONGREN/front-run_0day: For security reasons, we disclose contracts that may be vulnerable to front-running exploits.
🚨 GitHub 监控消息提醒

🚨 发现关键词: #渗透测试 #漏洞

📦 项目名称: LnaLkIxuoY
👤 项目作者: cauwen
🛠 开发语言: Unknown
Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-13 16:18:58

📝 项目描述:
【Java计算机毕业设计分享】基于Jboss的渗透测试管理系统,MySQL Java开发 毕业设计 实战项目【附源码、文档报告、代码讲解】

🔗 点击访问项目地址 GitHub - cauwen/LnaLkIxuoY: 【Java计算机毕业设计分享】基于Jboss的渗透测试管理系统,MySQL Java开发 毕业设计 实战项目【附源码、文档报告、代码讲解】
🚨 GitHub 监控消息提醒

🚨 发现关键词: #渗透测试 #漏洞

📦 项目名称: UbrxxpZlqM
👤 项目作者: hartlez022
🛠 开发语言: Unknown
Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-13 16:48:17

📝 项目描述:
【Python计算机毕业设计分享】基于Python的Web安全渗透测试系统,MySQL Python开发 毕业设计 实战项目【附源码、文档报告、代码讲解】

🔗 点击访问项目地址 GitHub - hartlez022/UbrxxpZlqM: 【Python计算机毕业设计分享】基于Python的Web安全渗透测试系统,MySQL Python开发 毕业设计 实战项目【附源码、文档报告、代码讲解】
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: Vulnerability-Scanner
👤 项目作者: Nayanashree788
🛠 开发语言: JavaScript
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-13 17:34:20

📝 项目描述:
AI-Powered Vulnerability Scanner for detecting web application security risks with an interactive dashboard and real-time analysis

🔗 点击访问项目地址 GitHub - Nayanashree788/Vulnerability-Scanner: AI-Powered Vulnerability Scanner for detecting web application security risks with…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Confluence #POC

📦 项目名称: POC-Pulse
👤 项目作者: mjnazify
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-13 17:52:15

📝 项目描述:
POC Pulse – Market Profile POC with RSI Confluence A TradingView Pine Script (v4) indicator that calculates the Point of Control (POC) from a higher timeframe Market Profile and generates buy/sell signals when price touches a valid POC and the RSI is overbought or oversold.

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: Vulnerability-scanner
👤 项目作者: njambisharon24-ui
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-13 16:57:42

📝 项目描述:
security assessment across CSPM, attack path analysis, vulnerability detection,domain vulnerability assessments, CI/CD pipeline security scanning and threat monitoring.

🔗 点击访问项目地址 GitHub - njambisharon24-ui/Vulnerability-scanner: security assessment across CSPM, attack path analysis, vulnerability detection…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: wpfather
👤 项目作者: ps1-blacklist
🛠 开发语言: Go
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-13 17:01:41

📝 项目描述:
WPFather - WordPress Vulnerability Scanner & Security Recon Tool with 16 Modules | Zero Config Single Binary

🔗 点击访问项目地址 GitHub - ps1-blacklist/wpfather: WPFather - WordPress Vulnerability Scanner & Security Recon Tool with 16 Modules | Zero Config…
Back to Top