📦 GitHub 全球红队渗透资源中转站。
​旨在收录那些“好用却难找”的安全项目。
🔗 定时推送:GitHub Trending (Security)
🛠 必备清单:后渗透、远控、免杀、提权工具集
📅 更新频率:每日精选,绝不灌水。
⚠️ 本频道仅供安全研究与授权测试使用。
🚨 GitHub 监控消息提醒

🚨 发现关键词: #SSTI #RCE

📦 项目名称: sst1_filt3r_bypass
👤 项目作者: 6876h9
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-07 09:35:02

📝 项目描述:
Server-Side Template Injection (SSTI) exploit for picoCTF 2025 SST1 web exploitation challenge. Demonstrates blacklist bypass techniques and Jinja2 template injection vulnerabilities.

🔗 点击访问项目地址 GitHub - 6876h9/sst1_filt3r_bypass: Server-Side Template Injection (SSTI) exploit for picoCTF 2025 SST1 web exploitation challenge.…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #漏洞 #Exploit #利用

📦 项目名称: CTF-Writeups
👤 项目作者: MounT1veR
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-07 11:59:34

📝 项目描述:
🚩 我的 CTF 解题记录与漏洞分析

🔗 点击访问项目地址 GitHub - MounT1veR/CTF-Writeups: 🚩 我的 CTF 解题记录与漏洞分析
🚨 GitHub 监控消息提醒

🚨 发现关键词: #RCE #CVE #Remote Code Execution

📦 项目名称: cisco-CVE-2023-31488
👤 项目作者: ly1g3
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-07 14:00:55

📝 项目描述:
Email to zero-click RCE as root - Remote Code Execution/Memory Corruption/ROP-chain

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: zeroshi
👤 项目作者: code-zm
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-07 13:55:18

📝 项目描述:
turns claude code / opencode into a vulnerability scanner

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #YARA #malware

📦 项目名称: dropzone
👤 项目作者: inver-byte
🛠 开发语言: Python
Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-07 13:55:09

📝 项目描述:
Secure LAN file-sharing platform built with FastAPI and React, featuring QR-based peer discovery, WebSocket communication, YARA-powered malware scanning, tamper-evident audit logging, and full-text document search.

🔗 点击访问项目地址 GitHub - inver-byte/dropzone: Secure LAN file-sharing platform built with FastAPI and React, featuring QR-based peer discovery…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Bypass #Sandbox

📦 项目名称: We-Live-In-Simulation
👤 项目作者: Baskaboo
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-07 13:05:53

📝 项目描述:
The ultimate git log of Earth. A radical, open-source refactoring of human history, physics, and psychology, treating reality as a live Operating System (Reality OS) and historical updates as scheduled system patches. Expand your Laram, bypass the sandbox filters, and audit the source code. The Compiler has arrived.

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: WebScanner
👤 项目作者: ryanroxas
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-07 13:00:31

📝 项目描述:
Web Vulnerability Scanner Using publicly accessible CVE Databases

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Exploit #CVE #RCE

📦 项目名称: proofpoint-Messaging-exploit-chain1
👤 项目作者: ly1g3
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-07 13:01:41

📝 项目描述:
Email -> RCE as root. CVE-2022-46332, CVE-2022-46333, CVE-2022-46334

🔗 点击访问项目地址 GitHub - ly1g3/proofpoint-Messaging-exploit-chain1: Email -> RCE as root. CVE-2022-46332, CVE-2022-46333, CVE-2022-46334
🚨 GitHub 监控消息提醒

🚨 发现关键词: #CVE-2026 #Exploit

📦 项目名称: CVE-2026-39492
👤 项目作者: shinthink
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-07 12:31:21

📝 项目描述:
CVE-2026-39492 — WP Maps (wp-google-map-plugin) <= 4.9.1 Unauthenticated Blind SQL Injection Mass Scanner | sqlmap-style detection | backtick bypass esc_sql() | 100K+ installs

🔗 点击访问项目地址 GitHub - shinthink/CVE-2026-39492
🚨 GitHub 监控消息提醒

🚨 发现关键词: #CVE-2026 #POC #Exploit

📦 项目名称: CVE-2026-14762-PoC-Exploit
👤 项目作者: tc4dy
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-07 12:58:01

📝 项目描述:
CVE-2026-14762 exploit for Hotel & Tourism Reservation 1.0. Time-based blind SQL injection via /admin/rooms.php?delete. Dumps DB, tables, columns, reads files, writes webshells. Multi-threaded, proxy support, interactive shell. CVSS 7.3. Authorized testing only. By| @tc4dy

🔗 点击访问项目地址 GitHub - tc4dy/CVE-2026-14762-PoC-Exploit: CVE-2026-14762 exploit for Hotel & Tourism Reservation 1.0. Time-based blind SQL injection…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #YARA #malware

📦 项目名称: Malware-Whisperer
👤 项目作者: rohanambati-bot
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-07 11:21:51

📝 项目描述:
android malware-analysis cybersecurity forensics apk-analysis yara dynamic-analysis dns-sinkhole honeypot fastapi react threat-intelligence cid-hackathon

🔗 点击访问项目地址 GitHub - rohanambati-bot/Malware-Whisperer: android malware-analysis cybersecurity forensics apk-analysis yara dynamic-analysis…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: Vulnerability-Web-App-Scanner
👤 项目作者: rajnish-37
🛠 开发语言: JavaScript
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-07 11:52:49

📝 项目描述:
A full-stack web vulnerability scanner that crawls target URLs, detects XSS and SQL Injection, and displays findings on a management dashboard with severity tracking and PDF reports.

🔗 点击访问项目地址 GitHub - rajnish-37/Vulnerability-Web-App-Scanner: A full-stack web vulnerability scanner that crawls target URLs, detects XSS…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: Vulnerability-Scanner-Mini-Project-
👤 项目作者: pcrflyingstar
🛠 开发语言: TypeScript
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-07 11:54:00

📝 项目描述:
Python-based Vulnerability Scanner that performs basic security assessments on a website or network host. The tool should identify common security issues such as open ports, weak HTTP configurations, outdated software versions, and generate a detailed vulnerability report. The project is intended only for educational purposes and authorized securit

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #GitLab #POC

📦 项目名称: gitlab-to-github-poc
👤 项目作者: MichaelC67
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-07 11:59:06

📝 项目描述:
无描述

🔗 点击访问项目地址 GitHub - MichaelC67/gitlab-to-github-poc
🚨 GitHub 监控消息提醒

🚨 发现关键词: #SSRF #metadata

📦 项目名称: mineradio-WebAPP
👤 项目作者: ElijahZhao
🛠 开发语言: HTML
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-07 09:39:43

📝 项目描述:
Immersive music visualization player with Three.js, WebSocket (RFC 6455), SSRF protection, and PWA support.

🔗 点击访问项目地址 GitHub - ElijahZhao/mineradio-WebAPP: Immersive music visualization player with Three.js, WebSocket (RFC 6455), SSRF protection…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #SSRF #metadata

📦 项目名称: ML-SSRFinder
👤 项目作者: ZAYARVEGA
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-07 09:38:42

📝 项目描述:
ML-Powered SSRF Detection Framework — passive request scoring + active injection with 3-model response ensemble

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Exploit #POC

📦 项目名称: SploitTest
👤 项目作者: GeoSn0w
🛠 开发语言: Objective-C
Star数量: 42 | 🍴 Fork数量: 7
📅 更新时间: 2026-07-07 11:03:06

📝 项目描述:
A tester tool for the bug PoC released by Synacktiv for 15.0 - 15.4 beta 3

🔗 点击访问项目地址 GitHub - GeoSn0w/SploitTest: A tester tool for the bug PoC released by Synacktiv for 15.0 - 15.4 beta 3
🚨 GitHub 监控消息提醒

🚨 发现关键词: #C2 #Framework

📦 项目名称: SEEKER-120AM
👤 项目作者: SaymRuxoTE
🛠 开发语言: Python
Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-07 10:54:45

📝 项目描述:
An educational command-and-control (C2) simulation framework modeling probabilistic sensing and deterministic ROE gates[cite: 2]. Includes an IEEE-style technical paper.

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Bypass #OTP

📦 项目名称: releasit-cod-otp-bypass-advisory
👤 项目作者: chetansaini53
🛠 开发语言: Unknown
Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-07 10:06:31

📝 项目描述:
Public security advisory: client-side OTP bypass in Releasit COD Form & Upsells (Shopify) - CWE-798, CWE-602

🔗 点击访问项目地址 GitHub - chetansaini53/releasit-cod-otp-bypass-advisory: Public security advisory: client-side OTP bypass in Releasit COD Form…
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: nix-lefthook-vulnix-scan
👤 项目作者: pr0d1r2
🛠 开发语言: Nix
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-07 09:48:02

📝 项目描述:
Lefthook-compatible vulnix vulnerability scanner for nix build results, packaged as a Nix flake

🔗 点击访问项目地址 GitHub - pr0d1r2/nix-lefthook-vulnix-scan: Lefthook-compatible vulnix vulnerability scanner for nix build results, packaged as…
Back to Top