📦 GitHub 全球红队渗透资源中转站。
​旨在收录那些“好用却难找”的安全项目。
🔗 定时推送:GitHub Trending (Security)
🛠 必备清单:后渗透、远控、免杀、提权工具集
📅 更新频率:每日精选,绝不灌水。
⚠️ 本频道仅供安全研究与授权测试使用。
🚨 GitHub 监控消息提醒

🚨 发现关键词: #漏洞 #Exploit #RCE #扫描 #利用

📦 项目名称: Python_RCE_DETECT_script
👤 项目作者: JY-666-YINZI
🛠 开发语言: Python
Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-14 06:57:13

📝 项目描述:
🚀 A high-performance, multi-processing RCE scanner & exploit helper written in Python. Specifically designed for fast, concurrent vulnerability scanning in isolated network environments.一款高性能、多进程的RCE扫描器和漏洞利用辅助工具,采用Python编写。专为在隔离网络环境中快速并发进行漏洞扫描而设计。

🔗 点击访问项目地址 GitHub - JY-666-YINZI/Python_RCE_DETECT_script: 🚀 A high-performance, multi-processing RCE scanner & exploit helper written in…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #漏洞 #RCE

📦 项目名称: Python_loadTree_JNDI_script
👤 项目作者: JY-666-YINZI
🛠 开发语言: Python
Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-14 06:57:14

📝 项目描述:
[RCE/JNDI] Improper auth on /loadTree leads to RCE (Requires lower JDK). Legacy vuln, patched in Aug. (EAS also affected via different path). 应用服务器权限验证不当导致 /loadTree 接口存在 JNDI 注入 RCE 漏洞(需低版本 JDK)。历史漏洞,8月已补,EAS 存在同类异轨漏洞。

🔗 点击访问项目地址 GitHub - JY-666-YINZI/Python_loadTree_JNDI_script: Due to improper permission checks on the app server, attackers can trigger JNDI…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: ai-vuln-scanner
👤 项目作者: ayushoj28
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-14 06:50:32

📝 项目描述:
AI-powered Web Vulnerability Scanner using Flask, Machine Learning, and Llama 3.1 for intelligent security analysis and vulnerability detection.

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #C2 #Beacon

📦 项目名称: talon
👤 项目作者: egetones
🛠 开发语言: Makefile
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-14 06:03:41

📝 项目描述:
Talon — Kernel-level mini EDR detecting DKOM hidden modules, syscall table hooks, ptrace injection, and C2 beacon patterns via kallsyms + kprobes + netlink. Built as the defensive counterpart to Titan-Rootkit, Needle, and Vortex-C2.

🔗 点击访问项目地址 GitHub - egetones/talon: Talon — Kernel-level mini EDR detecting DKOM hidden modules, syscall table hooks, ptrace injection, and…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #权限维持 #后门 #持久化

📦 项目名称: Linux-schoolncident-response
👤 项目作者: JY-666-YINZI
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-14 03:49:26

📝 项目描述:
🚨 真实应急响应实战靶场笔记:在极端不出网环境下,通过进程溯源、代码审计,彻底根除 Java 挖矿木马及 crontab/sh 隐藏持久化权限维持后门。

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #XSS #Reflected

📦 项目名称: websentinel
👤 项目作者: Moscvv
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-14 02:54:29

📝 项目描述:
Python CLI scanner that audits web apps against the OWASP Top 10 — security headers, open redirects, SQLi/XSS indicators, CORS misconfig, sensitive file exposure, and more.

🔗 点击访问项目地址 GitHub - Moscvv/websentinel: Python CLI scanner that audits web apps against the OWASP Top 10 — security headers, open redirects…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: Network-Vulnerability-Scanner-Python-Script-
👤 项目作者: sanjeevsrivathsan
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-14 02:36:04

📝 项目描述:
Python-based vulnerability scanner that performs multi-threaded port scanning, banner grabbing, and outdated software detection on network hosts. Also audits web apps for missing security headers, plain-HTTP usage, and exposed paths. Generates severity-ranked TXT/JSON reports. Tested on localhost — found open MS-RPC, SMB, and MySQL ports.

🔗 点击访问项目地址 GitHub - sanjeevsrivathsan/Network-Vulnerability-Scanner-Python-Script-: Python-based vulnerability scanner that performs multi…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Exploit #CVE

📦 项目名称: wp-cve-exploits
👤 项目作者: incogbyte
🛠 开发语言: Python
Star数量: 3 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-14 02:55:16

📝 项目描述:
AI 🤖 automatically generates exploit PoCs for WordPress and WordPress plugins already patched! 🔥🔥🔥

🔗 点击访问项目地址 GitHub - incogbyte/wp-cve-exploits
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Nuclei #templates

📦 项目名称: wp-nuclei-templates
👤 项目作者: pagehafterkjw
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-14 01:18:55

📝 项目描述:
无描述

🔗 点击访问项目地址 GitHub - pagehafterkjw/wp-nuclei-templates
🚨 GitHub 监控消息提醒

🚨 发现关键词: #RCE #CVE #Remote Code Execution

📦 项目名称: DWARCE
👤 项目作者: thezakman
🛠 开发语言: JavaScript
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-14 02:05:19

📝 项目描述:
Days Without And RCE

🔗 点击访问项目地址 GitHub - thezakman/DWARCE: Days Without And RCE
🚨 GitHub 监控消息提醒

🚨 发现关键词: #YARA #rules #malware

📦 项目名称: Yara-malware-detector
👤 项目作者: Mshibe-dotcom
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-14 01:33:37

📝 项目描述:
Beginner YARA Malware Detector with 10 detection rules

🔗 点击访问项目地址 Mshibe-dotcom/Yara-malware-detector
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Exploit #POC

📦 项目名称: rblx-security-poc
👤 项目作者: matheuspessole
🛠 开发语言: Lua
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-14 01:57:31

📝 项目描述:
Repositório de estudo técnico e análise de scripts de exploit para Roblox. Código aberto, sem ofuscação, focado em auditoria de segurança e mecanismos de contra-medidas.

🔗 点击访问项目地址 GitHub - matheuspessole/rblx-security-poc: Repositório de estudo técnico e análise de scripts de exploit para Roblox. Código aberto…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #CVE-2026 #RCE

📦 项目名称: tugtainer-1.30.2-CVE-2026-55494-and-CVE-2026-62308-to-RCE
👤 项目作者: 4qu4r1um
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-14 01:49:06

📝 项目描述:
A combination of CVE-2026-55494 and CVE-2026-62308 to get root privilege RCE in tugtainer

🔗 点击访问项目地址 GitHub - 4qu4r1um/tugtainer-1.30.2-CVE-2026-55494-and-CVE-2026-62308-to-RCE: A combination of CVE-2026-55494 and CVE-2026-62308…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #SSRF #metadata

📦 项目名称: flowrelay
👤 项目作者: maa883151-eng
🛠 开发语言: TypeScript
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-13 22:41:21

📝 项目描述:
Zapier-style webhook connector — declarative field mapping, SSRF-guarded relay, delivery logging

🔗 点击访问项目地址 GitHub - maa883151-eng/flowrelay: Zapier-style webhook connector — declarative field mapping, SSRF-guarded relay, delivery logging
🚨 GitHub 监控消息提醒

🚨 发现关键词: #SSRF #metadata

📦 项目名称: serverless-url-shortener
👤 项目作者: jersonvillamizar214
🛠 开发语言: TypeScript
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-14 00:31:42

📝 项目描述:
Serverless URL shortener on Cloudflare Workers: edge KV lookups, analytics written after the response via ctx.waitUntil(), D1 for aggregations, and SSRF-safe redirect validation.

🔗 点击访问项目地址 GitHub - jersonvillamizar214/serverless-url-shortener: Serverless URL shortener on Cloudflare Workers: edge KV lookups, analytics…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Nuclei #template

📦 项目名称: template-drafts
👤 项目作者: panchiko-p
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-14 00:46:26

📝 项目描述:
A small list of template nuclei drafts.

🔗 点击访问项目地址 GitHub - panchiko-p/template-drafts: A small list of template nuclei drafts.
🚨 GitHub 监控消息提醒

🚨 发现关键词: #YARA #rule

📦 项目名称: DEFEND-yara
👤 项目作者: defend-pippa
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-14 00:51:08

📝 项目描述:
Yara rule repo

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Burp #Extension

📦 项目名称: burpsuite-extension-hub
👤 项目作者: taylordaniel44
🛠 开发语言: HTML
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-13 23:11:43

📝 项目描述:
A curated collection of Burp Suite plugins, extensions, and practical notes for security practitioners and penetration testers, including tools, scripts, and writeups that go beyond the official marketplace.

🔗 点击访问项目地址 GitHub - taylordaniel44/burpsuite-extension-hub: A curated collection of Burp Suite plugins, extensions, and practical notes for…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #CVE-2026 #POC

📦 项目名称: CVE-2026-56291
👤 项目作者: 0xdenis77
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-13 23:08:05

📝 项目描述:
Mendeteksi versi (passive detection) & Exploitation CVE POC

🔗 点击访问项目地址 GitHub - 0xdenis77/CVE-2026-56291: Mendeteksi versi (passive detection) & Exploitation CVE POC
Back to Top