📦 GitHub 全球红队渗透资源中转站。
​旨在收录那些“好用却难找”的安全项目。
🔗 定时推送:GitHub Trending (Security)
🛠 必备清单:后渗透、远控、免杀、提权工具集
📅 更新频率:每日精选,绝不灌水。
⚠️ 本频道仅供安全研究与授权测试使用。
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Bypass #Filter

📦 项目名称: Spark-Mail-Pro-Crack-Download-2026
👤 项目作者: CobblerStronghold81
🛠 开发语言: Scala
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-03 20:01:07

📝 项目描述:
⭐️ Spark-Mail-Pro Download | Email Management Software 2026 | Installer v1.5 | Setup Keygen License Pre-Activated | Full Version Serial | Latest Build Pro Updated | Get Desktop Windows 10/11 PC | Bypass Activation Loader Mod ⭐️

🔗 点击访问项目地址
GitHub
GitHub - CobblerStronghold81/Spark-Mail-Pro-Crack-Download-2026: ⭐️ Spark-Mail-Pro Download | Email Management Software 2026 |…
GitHub - CobblerStronghold81/Spark-Mail-Pro-Crack-Download-2026: ⭐️ Spark-Mail-Pro Download | Email Management Software 2026 |…
⭐️ Spark-Mail-Pro Download | Email Management Software 2026 | Installer v1.5 | Setup Keygen License Pre-Activated | Full Version Serial | Latest Build Pro Updated | Get Desktop Windows 10/11 PC | B...
Bypass Filter
🚨 GitHub 监控消息提醒

🚨 发现关键词: #RedTeam #Tools

📦 项目名称: LitterBox
👤 项目作者: BlackSnufkin
🛠 开发语言: YARA
Star数量: 1368 | 🍴 Fork数量: 155
📅 更新时间: 2026-05-03 19:59:55

📝 项目描述:
A secure sandbox environment for malware developers and red teamers to test payloads against detection mechanisms before deployment. Integrates with LLM agents via MCP for enhanced analysis capabilities.

🔗 点击访问项目地址
GitHub
GitHub - BlackSnufkin/LitterBox: A self-hosted sandbox for red teams to test payloads against modern detection before deployment.…
GitHub - BlackSnufkin/LitterBox: A self-hosted sandbox for red teams to test payloads against modern detection before deployment.…
A self-hosted sandbox for red teams to test payloads against modern detection before deployment. MCP integration lets an LLM agent drive analysis end to end. - BlackSnufkin/LitterBox
RedTeam Tools
🚨 GitHub 监控消息提醒

🚨 发现关键词: #CVE-2026

📦 项目名称: CopyFail-for-dummies
👤 项目作者: ChernStepanov
🛠 开发语言: C++
Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-03 19:57:38

📝 项目描述:
A tiny explanation + PoC for CVE-2026-31431

🔗 点击访问项目地址
GitHub
GitHub - ChernStepanov/CopyFail-for-dummies: A tiny explanation + PoC for CVE-2026-31431
A tiny explanation + PoC for CVE-2026-31431. Contribute to ChernStepanov/CopyFail-for-dummies development by creating an account on GitHub.
CVE
🚨 GitHub 监控消息提醒

🚨 发现关键词: #SSRF

📦 项目名称: Agent-Warden
👤 项目作者: FreeGuy21-code
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-03 18:59:05

📝 项目描述:
Open-source security scanner for MCP servers — finds auth issues, SSRF, prompt injection, and more before attackers do.

🔗 点击访问项目地址
GitHub
GitHub - FreeGuy21-code/Agent-Warden: Open-source security scanner for MCP servers — finds auth issues, SSRF, prompt injection…
Open-source security scanner for MCP servers — finds auth issues, SSRF, prompt injection, and more before attackers do. - FreeGuy21-code/Agent-Warden
SSRF
🚨 GitHub 监控消息提醒

🚨 发现关键词: #CVE-2026

📦 项目名称: CVE-2026-31431
👤 项目作者: kaleth4
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-03 18:59:54

📝 项目描述:
无描述

🔗 点击访问项目地址
GitHub
GitHub - kaleth4/CVE-2026-31431
GitHub - kaleth4/CVE-2026-31431
Contribute to kaleth4/CVE-2026-31431 development by creating an account on GitHub.
CVE
🚨 GitHub 监控消息提醒

🚨 发现关键词: #SSRF

📦 项目名称: babysea-security-reports
👤 项目作者: babysea-ai
🛠 开发语言: MDX
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-03 16:52:41

📝 项目描述:
Public security reports, red-team summaries, and infrastructure hardening notes for BabySea’s generative-media execution control plane.

🔗 点击访问项目地址
GitHub
GitHub - babysea-ai/babysea-security-reports: Public security reports, red-team summaries, and infrastructure hardening notes for…
Public security reports, red-team summaries, and infrastructure hardening notes for BabySea’s generative-media execution control plane. - babysea-ai/babysea-security-reports
SSRF
🚨 GitHub 监控消息提醒

🚨 发现关键词: #渗透 #内网

📦 项目名称: xnmap
👤 项目作者: yanxinwu946
🛠 开发语言: Shell
Star数量: 10 | 🍴 Fork数量: 1
📅 更新时间: 2026-05-03 16:34:56

📝 项目描述:
一款集成了 RustScan + Nmap + fscan + Nuclei 的全自动化内网渗透扫描利器

🔗 点击访问项目地址
GitHub
GitHub - yanxinwu946/xnmap: 一款集成了 RustScan + Nmap + fscan + Nuclei 的全自动化内网渗透扫描利器
GitHub - yanxinwu946/xnmap: 一款集成了 RustScan + Nmap + fscan + Nuclei 的全自动化内网渗透扫描利器
一款集成了 RustScan + Nmap + fscan + Nuclei 的全自动化内网渗透扫描利器 - yanxinwu946/xnmap
渗透 内网
🚨 GitHub 监控消息提醒

🚨 发现关键词: #RCE #Remote

📦 项目名称: rce.github.io
👤 项目作者: abhimanyubhowmik
🛠 开发语言: HTML
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-03 16:55:57

📝 项目描述:
无描述

🔗 点击访问项目地址
GitHub
GitHub - abhimanyubhowmik/rce.github.io
Contribute to abhimanyubhowmik/rce.github.io development by creating an account on GitHub.
RCE Remote
🚨 GitHub 监控消息提醒

🚨 发现关键词: #XXE

📦 项目名称: procbuster
👤 项目作者: magicrc
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-03 15:14:26

📝 项目描述:
Python-based /proc brute-forcer that enumerates running processes via arbitrary file read vulnerabilities (LFI, path traversal, XXE, etc.)

🔗 点击访问项目地址
GitHub
GitHub - magicrc/procbuster: Python-based /proc brute-forcer that enumerates running processes via arbitrary file read vulnerabilities…
GitHub - magicrc/procbuster: Python-based /proc brute-forcer that enumerates running processes via arbitrary file read vulnerabilities…
Python-based /proc brute-forcer that enumerates running processes via arbitrary file read vulnerabilities (LFI, path traversal, XXE, etc.) - magicrc/procbuster
XXE
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Bypass #AV

📦 项目名称: ClaudeCode-Model-Rotator
👤 项目作者: tullextraterrestrial3175
🛠 开发语言: Shell
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-03 16:01:16

📝 项目描述:
Connect Claude Code to local Ollama models and OpenRouter via a dynamic proxy to bypass ecosystem locks and use free APIs.

🔗 点击访问项目地址
GitHub
GitHub - tullextraterrestrial3175/ClaudeCode-Model-Rotator: Connect Claude Code to local Ollama models and OpenRouter via a dynamic…
GitHub - tullextraterrestrial3175/ClaudeCode-Model-Rotator: Connect Claude Code to local Ollama models and OpenRouter via a dynamic…
Connect Claude Code to local Ollama models and OpenRouter via a dynamic proxy to bypass ecosystem locks and use free APIs. - tullextraterrestrial3175/ClaudeCode-Model-Rotator
Bypass AV
🚨 GitHub 监控消息提醒

🚨 发现关键词: #C2 #Client #Command #Control

📦 项目名称: SpectralEye
👤 项目作者: njavro
🛠 开发语言: TypeScript
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-03 14:02:45

📝 项目描述:
Advanced EW C2 System

🔗 点击访问项目地址
GitHub
GitHub - njavro/SpectralEye: Advanced EW C2 System
Advanced EW C2 System. Contribute to njavro/SpectralEye development by creating an account on GitHub.
C2 Client Command Control
🚨 GitHub 监控消息提醒

🚨 发现关键词: #XXE

📦 项目名称: WebPentestKit2
👤 项目作者: ozancolhak
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-03 13:30:55

📝 项目描述:
**SSTI · XXE · Deserialization** — Three powerful modules, one command-line tool.

🔗 点击访问项目地址
GitHub
GitHub - ozancolhak/WebPentestKit2: **SSTI · XXE · Deserialization** — Three powerful modules, one command-line tool.
GitHub - ozancolhak/WebPentestKit2: **SSTI · XXE · Deserialization** — Three powerful modules, one command-line tool.
**SSTI · XXE · Deserialization** — Three powerful modules, one command-line tool. - ozancolhak/WebPentestKit2
XXE
🚨 GitHub 监控消息提醒

🚨 发现关键词: #渗透 #测试

📦 项目名称: WuRen-CTF
👤 项目作者: JXJZJWHCM
🛠 开发语言: None
Star数量: 2 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-03 13:28:04

📝 项目描述:
玄坤信安科技有限公司开发的雾刃-AI自动化渗透测试平台(CTF特别版)(商业正式版)

🔗 点击访问项目地址
GitHub
GitHub - JXJZJWHCM/WuRen-CTF: 玄坤信安科技有限公司开发的雾刃-AI自动化渗透测试平台(CTF特别版)(商业正式版)
GitHub - JXJZJWHCM/WuRen-CTF: 玄坤信安科技有限公司开发的雾刃-AI自动化渗透测试平台(CTF特别版)(商业正式版)
玄坤信安科技有限公司开发的雾刃-AI自动化渗透测试平台(CTF特别版)(商业正式版). Contribute to JXJZJWHCM/WuRen-CTF development by creating an account on GitHub.
渗透 测试
🚨 GitHub 监控消息提醒

🚨 发现关键词: #CVE-2026

📦 项目名称: Weekly-Breach-Investigation--006
👤 项目作者: jamal-soc21
🛠 开发语言: None
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-03 13:49:04

📝 项目描述:
Repository documenting the Copy Fail (CVE-2026-31431) Linux kernel vulnerability, a local privilege escalation flaw enabling root access and mapped to MITRE ATT&CK techniques.

🔗 点击访问项目地址
GitHub
GitHub - jamal-soc21/Weekly-Breach-Investigation--006: Repository documenting the Copy Fail (CVE-2026-31431) Linux kernel vulnerability…
GitHub - jamal-soc21/Weekly-Breach-Investigation--006: Repository documenting the Copy Fail (CVE-2026-31431) Linux kernel vulnerability…
Repository documenting the Copy Fail (CVE-2026-31431) Linux kernel vulnerability, a local privilege escalation flaw enabling root access and mapped to MITRE ATT&CK techniques. - jamal-soc21...
CVE
🚨 GitHub 监控消息提醒

🚨 发现关键词: #供应链 #安全

📦 项目名称: caihongyzf
👤 项目作者: qq293814
🛠 开发语言: None
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-03 13:04:31

📝 项目描述:
彩虹商城V8.2是一款功能强大的自动发卡商城系统,基于PHP+MySQL架构,专为虚拟商品销售打造。系统内置智能自动发货引擎,付款后即时提取卡密,无需人工干预,支持批量导入导出与库存自动管理。 营销方面,提供优惠券、秒杀、满减满赠及拼团功能,有效提升转化率。分站代理体系支持多级等级划分与独立域名绑定,各分站可自定义商品价格和模板风格,实现独立品牌运营。供应商模块支持入驻、供货与自动分润结算,构建完整供应链。 后台管理覆盖商品分类、订单处理、数据统计与财务报表,集成智能客服系统,支持关键词自动回复。安全方面采用代码加密、防SQL注入与XSS防护,配合完整操作日志。系统还提供DNS域名管理、虚拟主机管理及开放API接口,便于第三方对接扩展,真正实现无人化高效经营。

🔗 点击访问项目地址
GitHub
GitHub - qq293814/caihongyzf: 彩虹商城V8.2是一款功能强大的自动发卡商城系统,基于PHP+MySQL架构,专为虚拟商品销售打造。系统内置智能自动发货引擎,付款后即时提取卡密,无需人工干预,支持批量导入导出与库存自动管理。…
GitHub - qq293814/caihongyzf: 彩虹商城V8.2是一款功能强大的自动发卡商城系统,基于PHP+MySQL架构,专为虚拟商品销售打造。系统内置智能自动发货引擎,付款后即时提取卡密,无需人工干预,支持批量导入导出与库存自动管理。…
彩虹商城V8.2是一款功能强大的自动发卡商城系统,基于PHP+MySQL架构,专为虚拟商品销售打造。系统内置智能自动发货引擎,付款后即时提取卡密,无需人工干预,支持批量导入导出与库存自动管理。 营销方面,提供优惠券、秒杀、满减满赠及拼团功能,有效提升转化率。分站代理体系支持多级等级划分与独立域名绑定,各分站可自定义商品价格和模板风格,实现独立品牌运营。供应商模块支持入驻、供货与自动分润结算...
供应链 安全
🚨 GitHub 监控消息提醒

🚨 发现关键词: #SSRF

📦 项目名称: WebPentestKit
👤 项目作者: ozancolhak
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-03 12:55:37

📝 项目描述:
Modular Web Pentest Framework - SQLi, SSRF, XSS, JWT

🔗 点击访问项目地址
GitHub
GitHub - ozancolhak/WebPentestKit: Modular Web Pentest Framework - SQLi, SSRF, XSS, JWT
Modular Web Pentest Framework - SQLi, SSRF, XSS, JWT - ozancolhak/WebPentestKit
SSRF
🚨 GitHub 监控消息提醒

🚨 发现关键词: #渗透 #测试

📦 项目名称: HackerToolsByPython
👤 项目作者: hzja
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-03 13:00:05

📝 项目描述:
根据《黑帽子——黑客与渗透测试编程之道》而编写的代码,有些根据需要改动

🔗 点击访问项目地址
GitHub
GitHub - hzja/HackerToolsByPython: 根据《黑帽子——黑客与渗透测试编程之道》而编写的代码,有些根据需要改动
根据《黑帽子——黑客与渗透测试编程之道》而编写的代码,有些根据需要改动. Contribute to hzja/HackerToolsByPython development by creating an account on GitHub.
渗透 测试
🚨 GitHub 监控消息提醒

🚨 发现关键词: #EXP #Exploit

📦 项目名称: IT-Security-Vulnerability-Exploit-Intelligence-Scraper
👤 项目作者: Threathunter7
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-03 13:00:21

📝 项目描述:
IT Security Vulnerability & Exploit Intelligence Scraper

🔗 点击访问项目地址
GitHub
GitHub - Threathunter7/IT-Security-Vulnerability-Exploit-Intelligence-Scraper: IT Security Vulnerability & Exploit Intelligence…
IT Security Vulnerability & Exploit Intelligence Scraper - Threathunter7/IT-Security-Vulnerability-Exploit-Intelligence-Scraper
EXP Exploit
🚨 GitHub 监控消息提醒

🚨 发现关键词: #0day

📦 项目名称: 0day_Passwords
👤 项目作者: 0day77
🛠 开发语言: C++
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-03 12:51:40

📝 项目描述:
🔐 Secure hardware password manager for M5StickC Plus 2. BLE HID injection, AES-256 encryption, PIN lock, TOTP authenticator, and local web portal.

🔗 点击访问项目地址
GitHub
GitHub - 0day77/0day_Passwords: 🔐 Secure hardware password manager for M5StickC Plus 2. BLE HID injection, AES-256 encryption,…
GitHub - 0day77/0day_Passwords: 🔐 Secure hardware password manager for M5StickC Plus 2. BLE HID injection, AES-256 encryption,…
🔐 Secure hardware password manager for M5StickC Plus 2. BLE HID injection, AES-256 encryption, PIN lock, TOTP authenticator, and local web portal. - 0day77/0day_Passwords
0day
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Xray #Scanner

📦 项目名称: CodeXray
👤 项目作者: Fordbeing
🛠 开发语言: Java
Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-03 12:03:00

📝 项目描述:
AI-powered code analysis platform — paste a repo link, get a professional report with scores, architecture analysis, and RAG-based code Q&A

🔗 点击访问项目地址
GitHub
GitHub - Fordbeing/CodeXray: AI-powered code analysis platform — paste a repo link, get a professional report with scores, architecture…
GitHub - Fordbeing/CodeXray: AI-powered code analysis platform — paste a repo link, get a professional report with scores, architecture…
AI-powered code analysis platform — paste a repo link, get a professional report with scores, architecture analysis, and RAG-based code Q&A - Fordbeing/CodeXray
Xray Scanner
Before
After
Back to Top