📦 GitHub 全球红队渗透资源中转站。
旨在收录那些“好用却难找”的安全项目。
🔗 定时推送:GitHub Trending (Security)
🛠 必备清单:后渗透、远控、免杀、提权工具集
📅 更新频率:每日精选,绝不灌水。
⚠️ 本频道仅供安全研究与授权测试使用。
旨在收录那些“好用却难找”的安全项目。
🔗 定时推送:GitHub Trending (Security)
🛠 必备清单:后渗透、远控、免杀、提权工具集
📅 更新频率:每日精选,绝不灌水。
⚠️ 本频道仅供安全研究与授权测试使用。
🚨 GitHub 监控消息提醒
🚨 发现关键词: #Vulnerability Scanner
📦 项目名称: Website-Vulnerability-Scanner-IBM-Project
👤 项目作者: vaibhavirkarvir04-hub
🛠 开发语言: Python
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-13 05:54:03
📝 项目描述:
🔗 点击访问项目地址
🚨 发现关键词: #Vulnerability Scanner
📦 项目名称: Website-Vulnerability-Scanner-IBM-Project
👤 项目作者: vaibhavirkarvir04-hub
🛠 开发语言: Python
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-13 05:54:03
📝 项目描述:
An intelligent Website Vulnerability Scanner developed using Python Flask that analyzes HTTPS implementation, security headers, cookie security, and website risk posture to generate security scores, warnings, and remediation recommendations through an interactive dashboard.🔗 点击访问项目地址
GitHub
GitHub - vaibhavirkarvir04-hub/Website-Vulnerability-Scanner-IBM-Project: An intelligent Website Vulnerability Scanner developed…
An intelligent Website Vulnerability Scanner developed using Python Flask that analyzes HTTPS implementation, security headers, cookie security, and website risk posture to generate security scores...
🚨 GitHub 监控消息提醒
🚨 发现关键词: #CVE-2026 #POC #漏洞 #利用
📦 项目名称: http2-bomb-detector
👤 项目作者: adminlove520
🛠 开发语言: Python
⭐ Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-13 04:06:36
📝 项目描述:
🔗 点击访问项目地址
🚨 发现关键词: #CVE-2026 #POC #漏洞 #利用
📦 项目名称: http2-bomb-detector
👤 项目作者: adminlove520
🛠 开发语言: Python
⭐ Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-13 04:06:36
📝 项目描述:
HTTP/2 Bomb (CVE-2026-49975) non-destructive vulnerability detector for Nginx / Apache httpd. Zero-dependency Python.🔗 点击访问项目地址
GitHub
GitHub - adminlove520/http2-bomb-detector: HTTP/2 Bomb (CVE-2026-49975) non-destructive vulnerability detector for Nginx / Apache…
HTTP/2 Bomb (CVE-2026-49975) non-destructive vulnerability detector for Nginx / Apache httpd. Zero-dependency Python. - adminlove520/http2-bomb-detector
🚨 GitHub 监控消息提醒
🚨 发现关键词: #CVE-2026 #Exploit #RCE #漏洞 #复现
📦 项目名称: CVE-2026-42945_NGINX_Rift
👤 项目作者: niekaicheng
🛠 开发语言: CSS
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-13 05:10:42
📝 项目描述:
🔗 点击访问项目地址
🚨 发现关键词: #CVE-2026 #Exploit #RCE #漏洞 #复现
📦 项目名称: CVE-2026-42945_NGINX_Rift
👤 项目作者: niekaicheng
🛠 开发语言: CSS
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-13 05:10:42
📝 项目描述:
无描述🔗 点击访问项目地址
GitHub
GitHub - niekaicheng/CVE-2026-42945_NGINX_Rift
Contribute to niekaicheng/CVE-2026-42945_NGINX_Rift development by creating an account on GitHub.
🚨 GitHub 监控消息提醒
🚨 发现关键词: #Burp #Extension
📦 项目名称: Retrishul
👤 项目作者: Mehran-Seifalinia
🛠 开发语言: Python
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-13 04:29:43
📝 项目描述:
🔗 点击访问项目地址
🚨 发现关键词: #Burp #Extension
📦 项目名称: Retrishul
👤 项目作者: Mehran-Seifalinia
🛠 开发语言: Python
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-13 04:29:43
📝 项目描述:
ReTrishul – Burp Suite extension for active XSS, SQLi & SSTI detection. Intercepts in‑scope requests, injects payloads into GET/POST/JSON params, analyses responses. Results in a dedicated tab with issue tree, advisory & request/response viewers.🔗 点击访问项目地址
🚨 GitHub 监控消息提醒
🚨 发现关键词: #CVE-2026 #RCE
📦 项目名称: CVE-2026-22356
👤 项目作者: xxconi
🛠 开发语言: Unknown
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-13 04:54:33
📝 项目描述:
🔗 点击访问项目地址
🚨 发现关键词: #CVE-2026 #RCE
📦 项目名称: CVE-2026-22356
👤 项目作者: xxconi
🛠 开发语言: Unknown
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-13 04:54:33
📝 项目描述:
CVE-2026-22356: Jetpack CRM Path Traversal Vulnerability and RCE🔗 点击访问项目地址
GitHub
GitHub - xxconi/CVE-2026-22356: CVE-2026-22356: Jetpack CRM Path Traversal Vulnerability and RCE
CVE-2026-22356: Jetpack CRM Path Traversal Vulnerability and RCE - xxconi/CVE-2026-22356
🚨 GitHub 监控消息提醒
🚨 发现关键词: #漏洞 #扫描
📦 项目名称: msYqTsaPRp
👤 项目作者: sandhyaman
🛠 开发语言: Unknown
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-12 17:20:24
📝 项目描述:
🔗 点击访问项目地址
🚨 发现关键词: #漏洞 #扫描
📦 项目名称: msYqTsaPRp
👤 项目作者: sandhyaman
🛠 开发语言: Unknown
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-12 17:20:24
📝 项目描述:
【Java计算机毕业设计分享】基于Python的漏洞挖掘系统,MySQL Java开发 毕业设计 实战项目【附源码、文档报告、代码讲解】🔗 点击访问项目地址
GitHub
GitHub - sandhyaman/msYqTsaPRp: 【Java计算机毕业设计分享】基于Python的漏洞挖掘系统,MySQL Java开发 毕业设计 实战项目【附源码、文档报告、代码讲解】
【Java计算机毕业设计分享】基于Python的漏洞挖掘系统,MySQL Java开发 毕业设计 实战项目【附源码、文档报告、代码讲解】 - sandhyaman/msYqTsaPRp
🚨 GitHub 监控消息提醒
🚨 发现关键词: #Vulnerability Scanner
📦 项目名称: WebSecMonitor
👤 项目作者: hashtags2023
🛠 开发语言: Python
⭐ Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-13 00:53:24
📝 项目描述:
🔗 点击访问项目地址
🚨 发现关键词: #Vulnerability Scanner
📦 项目名称: WebSecMonitor
👤 项目作者: hashtags2023
🛠 开发语言: Python
⭐ Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-13 00:53:24
📝 项目描述:
Python web vulnerability scanner detecting SQL injection, XSS, open redirects, and security misconfigurations. Multithreaded directory enumeration across 40+ sensitive paths. Generates color-coded HTML/JSON reports with OWASP Top 10 severity rankings.🔗 点击访问项目地址
GitHub
GitHub - hashtags2023/WebSecMonitor: Python web vulnerability scanner detecting SQL injection, XSS, open redirects, and security…
Python web vulnerability scanner detecting SQL injection, XSS, open redirects, and security misconfigurations. Multithreaded directory enumeration across 40+ sensitive paths. Generates color-coded ...
🚨 GitHub 监控消息提醒
🚨 发现关键词: #XSS #Stored
📦 项目名称: Atithi-attacker
👤 项目作者: Tarikul3639
🛠 开发语言: JavaScript
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-12 23:45:57
📝 项目描述:
🔗 点击访问项目地址
🚨 发现关键词: #XSS #Stored
📦 项目名称: Atithi-attacker
👤 项目作者: Tarikul3639
🛠 开发语言: JavaScript
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-12 23:45:57
📝 项目描述:
🔐 Atithi-Attacker — XSS-based cookie hijacking lab demonstrating session theft through stored XSS vulnerabilities. Frontend (HTML/JS) + Backend (PHP) with real-time stolen cookie dashboard.🔗 点击访问项目地址
GitHub
GitHub - Tarikul3639/Atithi-attacker: 🔐 Atithi-Attacker — XSS-based cookie hijacking lab demonstrating session theft through stored…
🔐 Atithi-Attacker — XSS-based cookie hijacking lab demonstrating session theft through stored XSS vulnerabilities. Frontend (HTML/JS) + Backend (PHP) with real-time stolen cookie dashboard. - Tarik...
🚨 GitHub 监控消息提醒
🚨 发现关键词: #Bypass #WAF
📦 项目名称: Captcha-Bypass-Tool
👤 项目作者: SeseyqOw
🛠 开发语言: C#
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-12 23:04:31
📝 项目描述:
🔗 点击访问项目地址
🚨 发现关键词: #Bypass #WAF
📦 项目名称: Captcha-Bypass-Tool
👤 项目作者: SeseyqOw
🛠 开发语言: C#
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-12 23:04:31
📝 项目描述:
pentesting tool to bypass captcha Steam, Gmail, Instagram, Facebook, Twitter, Snapchat, Outlook, Netflix, Adobe Bot Automation🔗 点击访问项目地址
GitHub
GitHub - SeseyqOw/Captcha-Bypass-Tool: pentesting tool to bypass captcha Steam, Gmail, Instagram, Facebook, Twitter, Snapchat,…
pentesting tool to bypass captcha Steam, Gmail, Instagram, Facebook, Twitter, Snapchat, Outlook, Netflix, Adobe Bot Automation - SeseyqOw/Captcha-Bypass-Tool
🚨 GitHub 监控消息提醒
🚨 发现关键词: #YARA #malware
📦 项目名称: mlw-lab
👤 项目作者: allsmog
🛠 开发语言: Shell
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-12 22:27:03
📝 项目描述:
🔗 点击访问项目地址
🚨 发现关键词: #YARA #malware
📦 项目名称: mlw-lab
👤 项目作者: allsmog
🛠 开发语言: Shell
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-12 22:27:03
📝 项目描述:
Reproducible Stuxnet malware-analysis lab with static and dynamic workflows, YARA/Sigma detections, and safety-first documentation.🔗 点击访问项目地址
GitHub
GitHub - allsmog/mlw-lab: Reproducible Stuxnet malware-analysis lab with static and dynamic workflows, YARA/Sigma detections, and…
Reproducible Stuxnet malware-analysis lab with static and dynamic workflows, YARA/Sigma detections, and safety-first documentation. - allsmog/mlw-lab
🚨 GitHub 监控消息提醒
🚨 发现关键词: #SSRF #漏洞
📦 项目名称: ember
👤 项目作者: exergyleizhou-ux
🛠 开发语言: Python
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-12 21:57:03
📝 项目描述:
🔗 点击访问项目地址
🚨 发现关键词: #SSRF #漏洞
📦 项目名称: ember
👤 项目作者: exergyleizhou-ux
🛠 开发语言: Python
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-12 21:57:03
📝 项目描述:
5-layer offensive & defensive security toolkit: API scanner + payload injection (SQLi/XSS/JWT/PathTrav/SSRF) + network recon + AI prompt injection/red-team engine. Built on CL4R1T4S (29.5k ★).🔗 点击访问项目地址
GitHub
GitHub - exergyleizhou-ux/ember: 5-layer offensive & defensive security toolkit: API scanner + payload injection (SQLi/XSS/JWT/PathTrav/SSRF)…
5-layer offensive & defensive security toolkit: API scanner + payload injection (SQLi/XSS/JWT/PathTrav/SSRF) + network recon + AI prompt injection/red-team engine. Built on CL4R1T4S (29.5k ...
🚨 GitHub 监控消息提醒
🚨 发现关键词: #SSRF #metadata
📦 项目名称: ressrf
👤 项目作者: R0X4R
🛠 开发语言: Go
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-12 22:07:34
📝 项目描述:
🔗 点击访问项目地址
🚨 发现关键词: #SSRF #metadata
📦 项目名称: ressrf
👤 项目作者: R0X4R
🛠 开发语言: Go
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-12 22:07:34
📝 项目描述:
An advanced Out-of-Band and In-Band SSRF fuzzing scanner with dynamic request tracking.🔗 点击访问项目地址
GitHub
GitHub - R0X4R/ressrf: An advanced Out-of-Band and In-Band SSRF fuzzing scanner with dynamic request tracking.
An advanced Out-of-Band and In-Band SSRF fuzzing scanner with dynamic request tracking. - R0X4R/ressrf
🚨 GitHub 监控消息提醒
🚨 发现关键词: #Nuclei #template #templates
📦 项目名称: webstrike-framework
👤 项目作者: FlinnZee
🛠 开发语言: Python
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-12 21:09:55
📝 项目描述:
🔗 点击访问项目地址
🚨 发现关键词: #Nuclei #template #templates
📦 项目名称: webstrike-framework
👤 项目作者: FlinnZee
🛠 开发语言: Python
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-12 21:09:55
📝 项目描述:
WebStrike — automated web-pentesting framework that orchestrates Kali tools (subfinder, httpx, katana, ffuf, nuclei, sqlmap, dalfox) into one phased recon→exploit→report pipeline.🔗 点击访问项目地址
GitHub
GitHub - FlinnZee/webstrike-framework: WebStrike — automated web-pentesting framework that orchestrates Kali tools (subfinder,…
WebStrike — automated web-pentesting framework that orchestrates Kali tools (subfinder, httpx, katana, ffuf, nuclei, sqlmap, dalfox) into one phased recon→exploit→report pipeline. - FlinnZee/webstr...
🚨 GitHub 监控消息提醒
🚨 发现关键词: #C2 #Framework
📦 项目名称: orchestra
👤 项目作者: t-h-i-n-k-er
🛠 开发语言: Rust
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-12 21:56:08
📝 项目描述:
🔗 点击访问项目地址
🚨 发现关键词: #C2 #Framework
📦 项目名称: orchestra
👤 项目作者: t-h-i-n-k-er
🛠 开发语言: Rust
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-12 21:56:08
📝 项目描述:
Orchestra is the most advanced C2 framework in development. Features are beta and final version will be available commercially only to approved candidates.🔗 点击访问项目地址
GitHub
GitHub - t-h-i-n-k-er/orchestra: Orchestra is the most advanced C2 framework in development. Features are beta and final version…
Orchestra is the most advanced C2 framework in development. Features are beta and final version will be available commercially only to approved candidates. - t-h-i-n-k-er/orchestra
🚨 GitHub 监控消息提醒
🚨 发现关键词: #YARA #malware
📦 项目名称: detonate
👤 项目作者: allsmog
🛠 开发语言: Python
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-12 21:59:33
📝 项目描述:
🔗 点击访问项目地址
🚨 发现关键词: #YARA #malware
📦 项目名称: detonate
👤 项目作者: allsmog
🛠 开发语言: Python
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-12 21:59:33
📝 项目描述:
Open-source malware analysis sandbox with Docker/QEMU execution, telemetry, YARA, Suricata, threat-intel enrichment, and AI reports.🔗 点击访问项目地址
GitHub
GitHub - allsmog/detonate: Open-source malware analysis sandbox with Docker/QEMU execution, telemetry, YARA, Suricata, threat-intel…
Open-source malware analysis sandbox with Docker/QEMU execution, telemetry, YARA, Suricata, threat-intel enrichment, and AI reports. - allsmog/detonate
🚨 GitHub 监控消息提醒
🚨 发现关键词: #YARA #rules #malware
📦 项目名称: ghostforensics
👤 项目作者: joemunene-by
🛠 开发语言: Python
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-12 21:06:02
📝 项目描述:
🔗 点击访问项目地址
🚨 发现关键词: #YARA #rules #malware
📦 项目名称: ghostforensics
👤 项目作者: joemunene-by
🛠 开发语言: Python
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-12 21:06:02
📝 项目描述:
Memory forensics automation — process analysis, injection detection, YARA scanning, IOC extraction with STIX 2.1 export. Works standalone or with Volatility3.🔗 点击访问项目地址
🚨 GitHub 监控消息提醒
🚨 发现关键词: #Credential Dumping #Mimikatz #sekurlsa
📦 项目名称: THM-Boogeyman3
👤 项目作者: czabatta
🛠 开发语言: Unknown
⭐ Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-12 20:24:17
📝 项目描述:
🔗 点击访问项目地址
🚨 发现关键词: #Credential Dumping #Mimikatz #sekurlsa
📦 项目名称: THM-Boogeyman3
👤 项目作者: czabatta
🛠 开发语言: Unknown
⭐ Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-12 20:24:17
📝 项目描述:
TryHackMe SOC Level 1 — Full kill chain analysis: HTA lure, DLL execution, credential dumping, DCSync, ransomware staging🔗 点击访问项目地址
GitHub
GitHub - czabatta/THM-Boogeyman3: TryHackMe SOC Level 1 — Full kill chain analysis: HTA lure, DLL execution, credential dumping…
TryHackMe SOC Level 1 — Full kill chain analysis: HTA lure, DLL execution, credential dumping, DCSync, ransomware staging - czabatta/THM-Boogeyman3
🚨 GitHub 监控消息提醒
🚨 发现关键词: #Burp #Extension
📦 项目名称: burpsuite-oauth2.0
👤 项目作者: matiassequeira
🛠 开发语言: Python
⭐ Star数量: 2 | 🍴 Fork数量: 1
📅 更新时间: 2026-06-12 20:20:14
📝 项目描述:
🔗 点击访问项目地址
🚨 发现关键词: #Burp #Extension
📦 项目名称: burpsuite-oauth2.0
👤 项目作者: matiassequeira
🛠 开发语言: Python
⭐ Star数量: 2 | 🍴 Fork数量: 1
📅 更新时间: 2026-06-12 20:20:14
📝 项目描述:
Burp Suite Extension for auditing OAuth 2.0 implementations. Supports both Community and Professional Editions.🔗 点击访问项目地址
GitHub
GitHub - matiassequeira/burpsuite-oauth2.0: Burp Suite Extension for auditing OAuth 2.0 implementations. Supports both Community…
Burp Suite Extension for auditing OAuth 2.0 implementations. Supports both Community and Professional Editions. - matiassequeira/burpsuite-oauth2.0
🚨 GitHub 监控消息提醒
🚨 发现关键词: #Vulnerability Scanner
📦 项目名称: webguard
👤 项目作者: amr-khaledd
🛠 开发语言: HTML
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-12 21:00:31
📝 项目描述:
🔗 点击访问项目地址
🚨 发现关键词: #Vulnerability Scanner
📦 项目名称: webguard
👤 项目作者: amr-khaledd
🛠 开发语言: HTML
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-12 21:00:31
📝 项目描述:
Web Vulnerability Scanner — Flask REST API + SQLite + Security Scanning🔗 点击访问项目地址
GitHub
GitHub - amr-khaledd/webguard: Web Vulnerability Scanner — Flask REST API + SQLite + Security Scanning
Web Vulnerability Scanner — Flask REST API + SQLite + Security Scanning - amr-khaledd/webguard
🚨 GitHub 监控消息提醒
🚨 发现关键词: #CVE-2026 #POC
📦 项目名称: CVE-2026-20230-Scanner
👤 项目作者: HalilDeniz
🛠 开发语言: Python
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-12 19:50:53
📝 项目描述:
🔗 点击访问项目地址
🚨 发现关键词: #CVE-2026 #POC
📦 项目名称: CVE-2026-20230-Scanner
👤 项目作者: HalilDeniz
🛠 开发语言: Python
⭐ Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-06-12 19:50:53
📝 项目描述:
Cisco Unified Communications Manager (Unified CM) deployments affected by CVE-2026-20230.🔗 点击访问项目地址
GitHub
GitHub - HalilDeniz/CVE-2026-20230-Scanner: Cisco Unified Communications Manager (Unified CM) deployments affected by CVE-2026…
Cisco Unified Communications Manager (Unified CM) deployments affected by CVE-2026-20230. - HalilDeniz/CVE-2026-20230-Scanner
