📦 GitHub 全球红队渗透资源中转站。
​旨在收录那些“好用却难找”的安全项目。
🔗 定时推送:GitHub Trending (Security)
🛠 必备清单:后渗透、远控、免杀、提权工具集
📅 更新频率:每日精选,绝不灌水。
⚠️ 本频道仅供安全研究与授权测试使用。
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Spring #CVE

📦 项目名称: rhel9-app-full
👤 项目作者: kelleyblackmore
🛠 开发语言: Java
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-02 03:03:13

📝 项目描述:
SecureLedger — Spring Boot 3 secure task/audit API on the hardened UBI9 base; DISA STIG + CVE gated in CI

🔗 点击访问项目地址 GitHub - kelleyblackmore/rhel9-app-full: SecureLedger — Spring Boot 3 secure task/audit API on the hardened UBI9 base; DISA STIG…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #YARA #malware

📦 项目名称: HydraDragonAV-Mobile
👤 项目作者: HydraDragonAntivirus
🛠 开发语言: YARA
Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-02 01:56:36

📝 项目描述:
Military-grade Android Antivirus featuring AI-powered static analysis, Photon Technology, and real-time Ransomware mitigation.

🔗 点击访问项目地址 GitHub - HydraDragonAntivirus/HydraDragonAV-Mobile: Military-grade Android Antivirus featuring AI-powered static analysis, Photon…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Exploit #CVE #POC

📦 项目名称: cve-pocs
👤 项目作者: ykrishhh
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-02 01:56:45

📝 项目描述:
Proof-of-concept exploits for CVEs — security research, vulnerability analysis, and responsible disclosure

🔗 点击访问项目地址 GitHub - ykrishhh/cve-pocs: Proof-of-concept exploits for CVEs — security research, vulnerability analysis, and responsible disclosure
🚨 GitHub 监控消息提醒

🚨 发现关键词: #CVE-2026 #POC #RCE

📦 项目名称: CVE-2026-52813
👤 项目作者: thecodeb0ss
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-02 01:25:50

📝 项目描述:
Gogs has Path Traversal in organization name that results in RCE through Git hooks

🔗 点击访问项目地址 GitHub - thecodeb0ss/CVE-2026-52813: Gogs has Path Traversal in organization name that results in RCE through Git hooks
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Exploit #POC

📦 项目名称: UnknownKiller
👤 项目作者: lukmannurhikma
🛠 开发语言: C
Star数量: 1 | 🍴 Fork数量: 1
📅 更新时间: 2026-07-02 01:06:02

📝 项目描述:
Exploit a vulnerable signed kernel driver to terminate any process from kernel mode without security checks on Windows systems.

🔗 点击访问项目地址 GitHub - lukmannurhikma/UnknownKiller: Exploit a vulnerable signed kernel driver to terminate any process from kernel mode without…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #CVE-2026 #POC

📦 项目名称: CVE-2026-20896
👤 项目作者: kaleth4
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-02 00:23:50

📝 项目描述:
无描述

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #CVE-2026 #RCE

📦 项目名称: CVE-2026-53753
👤 项目作者: 0xEnc0der
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-02 00:35:48

📝 项目描述:
Crawl4AI <= 0.8.6 pre-auth RCE via AST sandbox escape (gi_frame.f_back.f_builtins chain) — CVSS 10.0

🔗 点击访问项目地址 GitHub - 0xEnc0der/CVE-2026-53753: Crawl4AI <= 0.8.6 pre-auth RCE via AST sandbox escape (gi_frame.f_back.f_builtins chain) — CVSS…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Burp #Extension

📦 项目名称: rekall-penetration-testing
👤 项目作者: tylerbcrawford
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-02 00:04:31

📝 项目描述:
Full pen test engagement — SQL injection, RCE, Nmap, Metasploit, Burp Suite (UofT Cybersecurity)

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Burp #Plugin

📦 项目名称: supascan-burp
👤 项目作者: imnotcha0s
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-02 00:07:44

📝 项目描述:
A Burpsuite plugin to audit Supabase instances

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: webguard-scanner
👤 项目作者: MojeebAlmahmoudi
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-01 23:36:26

📝 项目描述:
An educational web vulnerability scanner built with Python to detect common security issues and generate professional security reports

🔗 点击访问项目地址 GitHub - MojeebAlmahmoudi/webguard-scanner: An educational web vulnerability scanner built with Python to detect common security…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: bugspray
👤 项目作者: shahram08
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-01 23:06:54

📝 项目描述:
Multi-vector web application vulnerability scanner. SQLi / XSS / SSTI / SSRF / LFI / CMDi / NoSQLi / Open Redirect. Crawls + auth + reports.

🔗 点击访问项目地址 GitHub - shahram08/bugspray: Multi-vector web application vulnerability scanner. SQLi / XSS / SSTI / SSRF / LFI / CMDi / NoSQLi…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Shellcode #Evasion

📦 项目名称: wraith
👤 项目作者: sebafvs
🛠 开发语言: C
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-01 22:51:40

📝 项目描述:
Standalone process manipulation SDK for x64 Windows. Indirect syscalls, dynamic function resolution, PE parsing, and injection strategies. No CRT, no external dependencies.

🔗 点击访问项目地址 GitHub - sebafvs/wraith: Standalone process manipulation SDK for x64 Windows. Indirect syscalls, dynamic function resolution, PE…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #RCE #CVE

📦 项目名称: CVE_2026_44963
👤 项目作者: suce0155
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-01 22:30:28

📝 项目描述:
CVE_2026_44963 Veeam Backup and Replication Authenticated RCE

🔗 点击访问项目地址 GitHub - suce0155/CVE_2026_44963: CVE_2026_44963 Veeam Backup and Replication Authenticated RCE
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Burp #Extension

📦 项目名称: HashFinder_BurpExtension
👤 项目作者: keyb1t
🛠 开发语言: Java
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-01 22:55:56

📝 项目描述:
An extension for finding hashes in HTTP requests and responses that pass through Burp

🔗 点击访问项目地址 GitHub - keyb1t/HashFinder_BurpExtension: An extension for finding hashes in HTTP requests and responses that pass through Burp
🚨 GitHub 监控消息提醒

🚨 发现关键词: #POC #CVE #RCE

📦 项目名称: attackwatch-vulnerability-poc
👤 项目作者: fankh
🛠 开发语言: Python
Star数量: 11 | 🍴 Fork数量: 1
📅 更新时间: 2026-07-01 22:07:36

📝 项目描述:
无描述

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #YARA #malware

📦 项目名称: HATCHERY
👤 项目作者: aiagentmackenzie-lang
🛠 开发语言: Python
Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-01 21:42:29

📝 项目描述:
Malware Sandbox Engine. Automated static & dynamic analysis: intake, YARA scanning, Docker sandbox execution, IOC extraction, STIX export, and React dashboard. Built for safe malware triage and detonation.

🔗 点击访问项目地址 GitHub - aiagentmackenzie-lang/HATCHERY: Malware Sandbox Engine. Automated static & dynamic analysis: intake, YARA scanning, Docker…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #YARA #rule #malware

📦 项目名称: yaratune
👤 项目作者: Danush-Aries
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-01 21:56:14

📝 项目描述:
Generate a YARA rule from real malware + benign corpora, auto-tune it to zero false positives against the benign corpus, and emit a precision/recall test-evidence report. Modernizes the abandoned yarGen with an FP-tuning loop + proof.

🔗 点击访问项目地址 GitHub - Danush-Aries/yaratune: Generate a YARA rule from real malware + benign corpora, auto-tune it to zero false positives against…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Exploit #CVE #POC

📦 项目名称: CVE-PoC-Hub
👤 项目作者: javokhir-sec
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-01 20:59:49

📝 项目描述:
🔬 Curated collection of working Proof-of-Concept exploits for latest CVEs — tested & verified

🔗 点击访问项目地址 GitHub - javokhir-sec/CVE-PoC-Hub: 🔬 Curated collection of working Proof-of-Concept exploits for latest CVEs — tested & verified
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Burp #Extension

📦 项目名称: google-api-key-tools
👤 项目作者: Black0ffR
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-01 20:42:37

📝 项目描述:
Comprehensive toolkit for discovering, validating, and reporting exposed Google API keys (AIza format). Multi-service scanner (24 endpoints), Burp extension, capability testing, referer bypass, evidence reports. For authorized bug bounty research.

🔗 点击访问项目地址 GitHub - Black0ffR/google-api-key-tools: Comprehensive toolkit for discovering, validating, and reporting exposed Google API keys…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #CVE-2026 #Exploit #RCE

📦 项目名称: OpenSTAManager_RCE_Exploit-CVE-2026-38751-
👤 项目作者: hackthem
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-01 20:11:11

📝 项目描述:
OpenSTAManager RCE Exploit (CVE-2026-38751)

🔗 点击访问项目地址 GitHub - hackthem/OpenSTAManager_RCE_Exploit-CVE-2026-38751-: OpenSTAManager RCE Exploit (CVE-2026-38751)
Back to Top