📦 GitHub 全球红队渗透资源中转站。
​旨在收录那些“好用却难找”的安全项目。
🔗 定时推送:GitHub Trending (Security)
🛠 必备清单:后渗透、远控、免杀、提权工具集
📅 更新频率:每日精选,绝不灌水。
⚠️ 本频道仅供安全研究与授权测试使用。
🚨 GitHub 监控消息提醒

🚨 发现关键词: #C2 #Command and Control

📦 项目名称: noPROXY-c2s
👤 项目作者: ekomsSavior
🛠 开发语言: Go
Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-21 01:04:13

📝 项目描述:
Command and Control instances that dont use proxies.

🔗 点击访问项目地址
GitHub
GitHub - ekomsSavior/noPROXY-c2s: Command and Control instances that dont use proxies.
GitHub - ekomsSavior/noPROXY-c2s: Command and Control instances that dont use proxies.
Command and Control instances that dont use proxies. - ekomsSavior/noPROXY-c2s
C2 Command
🚨 GitHub 监控消息提醒

🚨 发现关键词: #SSRF #漏洞 #云元数据

📦 项目名称: ssrf-scanner
👤 项目作者: kobe2778-2778
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-21 01:07:34

📝 项目描述:
无描述

🔗 点击访问项目地址
GitHub
GitHub - kobe2778-2778/ssrf-scanner
GitHub - kobe2778-2778/ssrf-scanner
Contribute to kobe2778-2778/ssrf-scanner development by creating an account on GitHub.
SSRF 漏洞 云元数据
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Exchange #POC

📦 项目名称: CryptoVault-Exchange
👤 项目作者: Taeyjtcom
🛠 开发语言: TypeScript
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-21 01:01:50

📝 项目描述:
🪙 Explore CryptoVault Exchange, a non-custodial platform linking clients to secure, XPUB-derived crypto deposit addresses without revealing private keys.

🔗 点击访问项目地址
GitHub
GitHub - Taeyjtcom/CryptoVault-Exchange: 🪙 Explore CryptoVault Exchange, a non-custodial platform linking clients to secure, XPUB…
🪙 Explore CryptoVault Exchange, a non-custodial platform linking clients to secure, XPUB-derived crypto deposit addresses without revealing private keys. - Taeyjtcom/CryptoVault-Exchange
Exchange POC
🚨 GitHub 监控消息提醒

🚨 发现关键词: #C2 #Command and Control

📦 项目名称: malicious-outgoing-ip
👤 项目作者: romainmarcoux
🛠 开发语言: Unknown
Star数量: 26 | 🍴 Fork数量: 2
📅 更新时间: 2026-05-20 23:51:02

📝 项目描述:
Aggregation of lists of malicious IP addresses (C2, malware, phishing), to be blocked in the LAN > WAN direction, integrated into firewalls: FortiGate, Palo Alto, pfSense, IPtables

🔗 点击访问项目地址
GitHub
GitHub - romainmarcoux/malicious-outgoing-ip: Aggregation of lists of malicious IP addresses (C2, malware, phishing), to be blocked…
Aggregation of lists of malicious IP addresses (C2, malware, phishing), to be blocked in the LAN > WAN direction, integrated into firewalls: FortiGate, Palo Alto, pfSense, IPtables - romainm...
C2 Command
🚨 GitHub 监控消息提醒

🚨 发现关键词: #C2 #Implant

📦 项目名称: phantom-c2-android
👤 项目作者: aymouo
🛠 开发语言: Kotlin
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-20 23:55:33

📝 项目描述:
Phantom C2 Android Implant — Discord Gateway WebSocket

🔗 点击访问项目地址
GitHub
GitHub - aymouo/phantom-c2-android: Phantom C2 Android Implant — Discord Gateway WebSocket
GitHub - aymouo/phantom-c2-android: Phantom C2 Android Implant — Discord Gateway WebSocket
Phantom C2 Android Implant — Discord Gateway WebSocket - aymouo/phantom-c2-android
C2 Implant
🚨 GitHub 监控消息提醒

🚨 发现关键词: #GitLab #POC

📦 项目名称: gitlab_rag_leave_policy_source
👤 项目作者: M-Longoria
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-21 00:00:44

📝 项目描述:
Source data for Gitlab US Time-Off Policy Specialist PoC

🔗 点击访问项目地址
GitHub
M-Longoria/gitlab_rag_leave_policy_source
Source data for Gitlab US Time-Off Policy Specialist PoC - M-Longoria/gitlab_rag_leave_policy_source
GitLab POC
🚨 GitHub 监控消息提醒

🚨 发现关键词: #C2 #Framework

📦 项目名称: abyss-c2
👤 项目作者: flags-alt
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-20 22:55:03

📝 项目描述:
ABYSS C2 — HiSilicon DVR Exploit Framework (CVE-2020-25078). Educational IoT security research platform.

🔗 点击访问项目地址
GitHub
flags-alt/abyss-c2
flags-alt/abyss-c2
ABYSS C2 — HiSilicon DVR Exploit Framework (CVE-2020-25078). Educational IoT security research platform. - flags-alt/abyss-c2
C2 Framework
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Spring4Shell #CVE #RCE

📦 项目名称: Spring4ShellExample
👤 项目作者: kasia-kittel
🛠 开发语言: Java
Star数量: 0 | 🍴 Fork数量: 1
📅 更新时间: 2026-02-16 11:37:52

📝 项目描述:
A demo exploitation of the Sprin4Shell vulnerability.

🔗 点击访问项目地址
GitHub
GitHub - kasia-kittel/Spring4ShellExample: A demo exploitation of the Sprin4Shell vulnerability.
GitHub - kasia-kittel/Spring4ShellExample: A demo exploitation of the Sprin4Shell vulnerability.
A demo exploitation of the Sprin4Shell vulnerability. - kasia-kittel/Spring4ShellExample
Spring4Shell CVE RCE
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Exploit #CVE

📦 项目名称: PrintSpoofer-ReflectiveDLL
👤 项目作者: JonyFilc
🛠 开发语言: C
Star数量: 1 | 🍴 Fork数量: 3
📅 更新时间: 2026-05-20 22:59:37

📝 项目描述:
The Windows Print Spooler privilege escalation vulnerability (CVE-2019-1040/CVE-2019-1019) has been implemented as a Reflective DLL for penetration testing.

🔗 点击访问项目地址
GitHub
GitHub - JonyFilc/PrintSpoofer-ReflectiveDLL: The Windows Print Spooler privilege escalation vulnerability (CVE-2019-1040/CVE-2019…
GitHub - JonyFilc/PrintSpoofer-ReflectiveDLL: The Windows Print Spooler privilege escalation vulnerability (CVE-2019-1040/CVE-2019…
The Windows Print Spooler privilege escalation vulnerability (CVE-2019-1040/CVE-2019-1019) has been implemented as a Reflective DLL for penetration testing. - JonyFilc/PrintSpoofer-ReflectiveDLL
Exploit CVE
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Bypass #AV

📦 项目名称: PolyCrypt-Crypter-Polymorphic-Runtime-Crypter-Fud-Defender
👤 项目作者: Grymenaso
🛠 开发语言: Visual Basic .NET
Star数量: 3 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-20 22:59:57

📝 项目描述:
A crypter encrypts payloads to bypass antivirus and Windows Defender. Tools like crypter FUD or obfuscator ensure stealthy execution while avoiding detection through advanced obfuscation techniques.

🔗 点击访问项目地址
GitHub
GitHub - Grymenaso/PolyCrypt-Crypter-Polymorphic-Runtime-Crypter-Fud-Defender: A crypter encrypts payloads to bypass antivirus…
A crypter encrypts payloads to bypass antivirus and Windows Defender. Tools like crypter FUD or obfuscator ensure stealthy execution while avoiding detection through advanced obfuscation techniques...
Bypass AV
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Bypass #AV

📦 项目名称: KGB-Crypter-WdKiller-DLL-Sideloading-Ev-Cert-Unpacked-Fud
👤 项目作者: Grymenaso
🛠 开发语言: Visual Basic .NET
Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-20 23:00:05

📝 项目描述:
Crypter tools focus on encrypting malware and bypassing AV systems. Features like FUD backdoor creation and Windows compatibility make them ideal for stealthy payload deployment.

🔗 点击访问项目地址
GitHub
GitHub - Grymenaso/KGB-Crypter-WdKiller-DLL-Sideloading-Ev-Cert-Unpacked-Fud: Crypter tools focus on encrypting malware and bypassing…
Crypter tools focus on encrypting malware and bypassing AV systems. Features like FUD backdoor creation and Windows compatibility make them ideal for stealthy payload deployment. - Grymenaso/KGB-Cr...
Bypass AV
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Kubernetes #CVE

📦 项目名称: Command-Line-To-Do-Manager-Python-
👤 项目作者: Shivvvanshh
🛠 开发语言: Unknown
Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-20 22:59:36

📝 项目描述:
无描述

🔗 点击访问项目地址
GitHub
GitHub - Shivvvanshh/Command-Line-To-Do-Manager-Python-
Contribute to Shivvvanshh/Command-Line-To-Do-Manager-Python- development by creating an account on GitHub.
Kubernetes CVE
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Sigma #rule

📦 项目名称: BruteForce_Detection
👤 项目作者: prashersumesh
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-20 22:06:49

📝 项目描述:
Executed T1110 brute-force attacks using NetExec (SMB protocol). Built risk-scored Splunk detections and Sigma rule. All attack patterns detected with correct risk classification.

🔗 点击访问项目地址
GitHub
GitHub - prashersumesh/BruteForce_Detection: Executed T1110 brute-force attacks using NetExec (SMB protocol). Built risk-scored…
Executed T1110 brute-force attacks using NetExec (SMB protocol). Built risk-scored Splunk detections and Sigma rule. All attack patterns detected with correct risk classification. - prashersumesh/B...
Sigma rule
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Exploit #CVE #POC

📦 项目名称: cvss-te
👤 项目作者: kston83
🛠 开发语言: JavaScript
Star数量: 14 | 🍴 Fork数量: 2
📅 更新时间: 2026-05-20 22:02:55

📝 项目描述:
Improves vulnerability prioritization by enhancing CVSS scores with exploit intelligence. Combines data from CISA KEV, EPSS, Metasploit, and other sources to create actionable severity ratings that reflect real-world threat levels.

🔗 点击访问项目地址
GitHub
GitHub - kston83/cvss-te: Improves vulnerability prioritization by enhancing CVSS scores with exploit intelligence. Combines data…
Improves vulnerability prioritization by enhancing CVSS scores with exploit intelligence. Combines data from CISA KEV, EPSS, Metasploit, and other sources to create actionable severity ratings that...
Exploit CVE POC
🚨 GitHub 监控消息提醒

🚨 发现关键词: #POC #CVE

📦 项目名称: CVE-2024-56426
👤 项目作者: Creeeeger
🛠 开发语言: Python
Star数量: 8 | 🍴 Fork数量: 2
📅 更新时间: 2026-05-20 22:01:07

📝 项目描述:
A PoC of the CVE-2024-56426 vulnerability.

🔗 点击访问项目地址
GitHub
GitHub - Creeeeger/CVE-2024-56426: A PoC of the CVE-2024-56426 vulnerability.
GitHub - Creeeeger/CVE-2024-56426: A PoC of the CVE-2024-56426 vulnerability.
A PoC of the CVE-2024-56426 vulnerability. Contribute to Creeeeger/CVE-2024-56426 development by creating an account on GitHub.
POC CVE
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Docker #CVE

📦 项目名称: CyberTwin-SOC
👤 项目作者: omarbabba779xx
🛠 开发语言: HTML
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-20 22:00:34

📝 项目描述:
Open-source SOC digital twin (POC) — simulate, detect, respond, measure. 46 detection rules + Sigma loader · 40/622 MITRE techniques rule-mapped (6.4%) · OCSF live ingestion · rule-based analyst · SOAR adapters · multi-tenant RBAC × 12 roles · PostgreSQL/Alembic · Helm-ready · 855 backend tests · 0 known CVE.

🔗 点击访问项目地址
GitHub
GitHub - omarbabba779xx/CyberTwin-SOC: Open-source SOC digital twin (POC) — simulate, detect, respond, measure. 46 detection rules…
Open-source SOC digital twin (POC) — simulate, detect, respond, measure. 46 detection rules + Sigma loader · 40/622 MITRE techniques rule-mapped (6.4%) · OCSF live ingestion · rule-based analyst · ...
Docker CVE
🚨 GitHub 监控消息提醒

🚨 发现关键词: #CVE-2026 #POC #Exploit #RCE

📦 项目名称: CVE-2026-2587-Exploit-POC
👤 项目作者: Bhanunamikaze
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-20 21:39:10

📝 项目描述:
PoC validator for CVE-2026-2587 — Critical (CVSS 9.6) EL Injection RCE in Eclipse GlassFish < 7.1.0 admin console gadget handler. Multi-target scanner with CSV/JSON output.

🔗 点击访问项目地址
GitHub
GitHub - Bhanunamikaze/CVE-2026-2587-Exploit-POC: PoC validator for CVE-2026-2587 — Critical (CVSS 9.6) EL Injection RCE in Eclipse…
PoC validator for CVE-2026-2587 — Critical (CVSS 9.6) EL Injection RCE in Eclipse GlassFish < 7.1.0 admin console gadget handler. Multi-target scanner with CSV/JSON output. - Bhanunamikaze/C...
CVE POC Exploit RCE
🚨 GitHub 监控消息提醒

🚨 发现关键词: #RCE #CVE #Remote Code Execution

📦 项目名称: CVE-2024-37054
👤 项目作者: vanhari
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-20 21:01:25

📝 项目描述:
a proof-of-concept for MLflow RCE (remote code execution)

🔗 点击访问项目地址
GitHub
GitHub - vanhari/CVE-2024-37054: a proof-of-concept for MLflow RCE (remote code execution)
a proof-of-concept for MLflow RCE (remote code execution) - vanhari/CVE-2024-37054
RCE CVE Remote
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Sliver #C2

📦 项目名称: GodPotatoBOF-Sliver
👤 项目作者: ScotSec
🛠 开发语言: C
Star数量: 2 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-20 20:48:49

📝 项目描述:
A Sliver C2 port of incursi0n's GodPotato CobaltStrike BOF.

🔗 点击访问项目地址
GitHub
GitHub - ScotSec/GodPotatoBOF-Sliver: A Sliver C2 port of incursi0n's GodPotato CobaltStrike BOF.
A Sliver C2 port of incursi0n's GodPotato CobaltStrike BOF. - ScotSec/GodPotatoBOF-Sliver
Sliver C2
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Exploit #CVE

📦 项目名称: CVE-2024-0582
👤 项目作者: nanabingies
🛠 开发语言: C
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-05-20 20:41:46

📝 项目描述:
An exploit for a Use-After-Free vulnerability in the io_uring subsystem in the linux kernel

🔗 点击访问项目地址
GitHub
GitHub - nanabingies/CVE-2024-0582: An exploit for a Use-After-Free vulnerability in the io_uring subsystem in the linux kernel
GitHub - nanabingies/CVE-2024-0582: An exploit for a Use-After-Free vulnerability in the io_uring subsystem in the linux kernel
An exploit for a Use-After-Free vulnerability in the io_uring subsystem in the linux kernel - nanabingies/CVE-2024-0582
Exploit CVE
Before
After
Back to Top