监控Github上的漏洞、红队等信息。
GitHub监控消息提醒!!!

更新了:CVE-2025
描述:CVE-2025-66723: inMusic Brands Engine DJ >=3.0.0 through <4.3.4 exposes local and network files to external parties
URL:https://github.com/audiopump/cve-2025-66723

标签:#CVE-2025
GitHub
GitHub - audiopump/cve-2025-66723: CVE-2025-66723: inMusic Brands Engine DJ >=3.0.0 through <4.3.4 exposes local and network files…
GitHub - audiopump/cve-2025-66723: CVE-2025-66723: inMusic Brands Engine DJ >=3.0.0 through <4.3.4 exposes local and network files…
CVE-2025-66723: inMusic Brands Engine DJ >=3.0.0 through <4.3.4 exposes local and network files to external parties - audiopump/cve-2025-66723
CVE
GitHub监控消息提醒!!!

更新了:CVE-2025
描述:Exploit, Lab, and Scanner (code and external scanner) for Mongobleed CVE-2025-14847 plus sync with phoenix security vulnerability analysis and attribution
URL:https://github.com/Security-Phoenix-demo/Mongobleed-CVE-2025-14847

标签:#CVE-2025
CVE
GitHub监控消息提醒!!!

更新了:RCE
描述:🛠️ Explore vulnerabilities in Next.js apps with this RCE Security Research Kit for safe, ethical testing and learning.
URL:https://github.com/hrefcoder/hrefcoder.github.io

标签:#RCE
GitHub
GitHub - hrefcoder/hrefcoder.github.io: 🛠️ Explore vulnerabilities in Next.js apps with this RCE Security Research Kit for safe…
GitHub - hrefcoder/hrefcoder.github.io: 🛠️ Explore vulnerabilities in Next.js apps with this RCE Security Research Kit for safe…
🛠️ Explore vulnerabilities in Next.js apps with this RCE Security Research Kit for safe, ethical testing and learning. - hrefcoder/hrefcoder.github.io
RCE
GitHub监控消息提醒!!!

更新了:CVE-2025
描述:🚨 Exploit the CVE-2025-49844 Redis Lua interpreter UAF vulnerability to execute arbitrary shellcode and gain persistent backdoor access.
URL:https://github.com/JemHadar/MongoBleed-DFIR-Triage-Script-CVE-2025-14847

标签:#CVE-2025
GitHub
GitHub - JemHadar/MongoBleed-DFIR-Triage-Script-CVE-2025-14847: The script focuses on safe artifact acquisition first, followed…
GitHub - JemHadar/MongoBleed-DFIR-Triage-Script-CVE-2025-14847: The script focuses on safe artifact acquisition first, followed…
The script focuses on safe artifact acquisition first, followed by optional on-host analysis, and produces a portable, hashed forensic archive suitable for offline investigation on a forensic works...
CVE
GitHub监控消息提醒!!!

更新了:CVE-2025
描述:Proof of Concept for CVE-2025-24893 demonstrating unauthenticated remote command execution in XWiki through unsafe server-side template evaluation.
URL:https://github.com/BreakingRohit/CVE-2025-24893-PoC

标签:#CVE-2025
GitHub
GitHub - BreakingRohit/CVE-2025-24893-PoC: CVE-2025-24893 PoC for unauthenticated remote command execution in XWiki.
CVE-2025-24893 PoC for unauthenticated remote command execution in XWiki. - BreakingRohit/CVE-2025-24893-PoC
CVE
GitHub监控消息提醒!!!

更新了:CVE-2025
描述:Basic customization app using CVE-2025-24203. Patched in iOS 18.4.
URL:https://github.com/JemHadar/MongoBleed-DFIR-Triage-Script-CVE-2025-14847-

标签:#CVE-2025
GitHub
GitHub - JemHadar/MongoBleed-DFIR-Triage-Script-CVE-2025-14847-: The script focuses on safe artifact acquisition first, followed…
GitHub - JemHadar/MongoBleed-DFIR-Triage-Script-CVE-2025-14847-: The script focuses on safe artifact acquisition first, followed…
The script focuses on safe artifact acquisition first, followed by optional on-host analysis, and produces a portable, hashed forensic archive suitable for offline investigation on a forensic works...
CVE
GitHub监控消息提醒!!!

更新了:CVE-2025
描述:n8n CVE-2025-68613
URL:https://github.com/gagaltotal/n8n-cve-2025-68613

标签:#CVE-2025
GitHub
GitHub - gagaltotal/n8n-cve-2025-68613: n8n CVE-2025-68613
GitHub - gagaltotal/n8n-cve-2025-68613: n8n CVE-2025-68613
n8n CVE-2025-68613. Contribute to gagaltotal/n8n-cve-2025-68613 development by creating an account on GitHub.
CVE
GitHub监控消息提醒!!!

更新了:应急响应
描述:本系统为基于Springboot+vue的应急物资管理系统,采用前后端分离架构,实现了物资信息管理、供应协调等核心功能。通过MVC设计模式,结合Spring、Mybatis等技术,构建了简洁易用的Web操作界面,满足应急情况下物资的高效管理需求。系统基于MySQL数据库,确保数据稳定存储,为应急响应提供可靠支持。
URL:https://github.com/kevinyang11103/mdSweSIGWA

标签:#应急响应
GitHub
GitHub - kevinyang11103/mdSweSIGWA: 本系统为基于Springboot+vue的应急物资管理系统,采用前后端分离架构,实现了物资信息管理、供应协调等核心功能。通过MVC设计模式,结合Spring、Mybatis等技术,…
本系统为基于Springboot+vue的应急物资管理系统,采用前后端分离架构,实现了物资信息管理、供应协调等核心功能。通过MVC设计模式,结合Spring、Mybatis等技术,构建了简洁易用的Web操作界面,满足应急情况下物资的高效管理需求。系统基于MySQL数据库,确保数据稳定存储,为应急响应提供可靠支持。 - kevinyang11103/mdSweSIGWA
应急响应
GitHub监控消息提醒!!!

更新了:信息收集
描述:Cobalt Strike插件,用于快速进行信息收集和内网渗透,不需要敲击复杂的命令,只需手动点点点即可完成。
URL:https://github.com/5ma111eaf/DarkHunter

标签:#信息收集
GitHub
5ma111eaf/DarkHunter
5ma111eaf/DarkHunter
Cobalt Strike插件,用于快速进行信息收集和内网渗透,不需要敲击复杂的命令,只需手动点点点即可完成。 - 5ma111eaf/DarkHunter
信息收集
GitHub监控消息提醒!!!

更新了:渗透测试
描述:GlobalProxy Master v2.0 是一款专为渗透测试和网络安全研究设计的专业级异步代理管理与分发系统。它能够将海量的远程代理源转化为本地稳定的高可用代理池,并通过智能调度算法保障网络请求的连通性。
URL:https://github.com/hzhsec/ProxyGlobal-Master

标签:#渗透测试
GitHub
GitHub - hzhsec/ProxyGlobal-Master: GlobalProxy Master v2.0 是一款专为渗透测试和网络安全研究设计的专业级异步代理管理与分发系统。它能够将海量的远程代理源转化为本地稳定的高可用代理池,并通过智能调度算法保障网络请求的连通性。
GitHub - hzhsec/ProxyGlobal-Master: GlobalProxy Master v2.0 是一款专为渗透测试和网络安全研究设计的专业级异步代理管理与分发系统。它能够将海量的远程代理源转化为本地稳定的高可用代理池,并通过智能调度算法保障网络请求的连通性。
GlobalProxy Master v2.0 是一款专为渗透测试和网络安全研究设计的专业级异步代理管理与分发系统。它能够将海量的远程代理源转化为本地稳定的高可用代理池,并通过智能调度算法保障网络请求的连通性。 - hzhsec/ProxyGlobal-Master
渗透测试
GitHub监控消息提醒!!!

更新了:渗透测试
描述:GlobalProxy Master v2.0 是一款专为渗透测试和网络安全研究设计的专业级异步代理管理与分发系统。它能够将海量的远程代理源转化为本地稳定的高可用代理池,并通过智能调度算法保障网络请求的连通性。
URL:https://github.com/hzhsec/GlobalProxy-Master-

标签:#渗透测试
GitHub
GitHub - hzhsec/ProxyGlobal-Master: GlobalProxy Master v2.0 是一款专为渗透测试和网络安全研究设计的专业级异步代理管理与分发系统。它能够将海量的远程代理源转化为本地稳定的高可用代理池,并通过智能调度算法保障网络请求的连通性。
GitHub - hzhsec/ProxyGlobal-Master: GlobalProxy Master v2.0 是一款专为渗透测试和网络安全研究设计的专业级异步代理管理与分发系统。它能够将海量的远程代理源转化为本地稳定的高可用代理池,并通过智能调度算法保障网络请求的连通性。
GlobalProxy Master v2.0 是一款专为渗透测试和网络安全研究设计的专业级异步代理管理与分发系统。它能够将海量的远程代理源转化为本地稳定的高可用代理池,并通过智能调度算法保障网络请求的连通性。 - hzhsec/ProxyGlobal-Master
渗透测试
GitHub监控消息提醒!!!

更新了:RCE
描述:🛠️ Exploit CVE-2025-55182 in Next.js with this interactive shell tool, enabling security researchers to verify vulnerabilities on authorized targets.
URL:https://github.com/MysticalHearts/CVE-2025-55182-React2Shell-RCE-Shell

标签:#RCE
GitHub
GitHub - MysticalHearts/CVE-2025-55182-React2Shell-RCE-Shell: 🛠️ Exploit CVE-2025-55182 in Next.js with this interactive shell…
GitHub - MysticalHearts/CVE-2025-55182-React2Shell-RCE-Shell: 🛠️ Exploit CVE-2025-55182 in Next.js with this interactive shell…
🛠️ Exploit CVE-2025-55182 in Next.js with this interactive shell tool, enabling security researchers to verify vulnerabilities on authorized targets. - MysticalHearts/CVE-2025-55182-React2Shell-RCE...
RCE
GitHub监控消息提醒!!!

更新了:CVE-2025
描述:🛠️ Exploit CVE-2025-55182 in Next.js with an interactive shell for security testing on authorized targets. Use responsibly for effective vulnerability assessment.
URL:https://github.com/MysticalHearts/mysticalhearts.github.io

标签:#CVE-2025
GitHub
GitHub - MysticalHearts/mysticalhearts.github.io: 🛠️ Exploit CVE-2025-55182 in Next.js with an interactive shell for security testing…
GitHub - MysticalHearts/mysticalhearts.github.io: 🛠️ Exploit CVE-2025-55182 in Next.js with an interactive shell for security testing…
🛠️ Exploit CVE-2025-55182 in Next.js with an interactive shell for security testing on authorized targets. Use responsibly for effective vulnerability assessment. - MysticalHearts/mysticalhearts.gi...
CVE
GitHub监控消息提醒!!!

更新了:代码审计
描述:Java代码审计入门
URL:https://github.com/BlkSword/CTX-Audit

标签:#代码审计
GitHub
GitHub - BlkSword/CTX-Audit: A high-level code auditing tool that supports the MCP protocol, integrated with an AST engine, rule…
GitHub - BlkSword/CTX-Audit: A high-level code auditing tool that supports the MCP protocol, integrated with an AST engine, rule…
A high-level code auditing tool that supports the MCP protocol, integrated with an AST engine, rule engine, code graph, and other tools, can further enhance LLM auditing capabilities. 支持 MCP 协议的高级...
代码审计
GitHub监控消息提醒!!!

更新了:CVE-2025
描述:MongoDB CVE-2025-14847 Heap Memory Leak Scanner | OP_COMPRESSED zlib Vulnerability | Bug Bounty & Red Team Tool
URL:https://github.com/Black1hp/mongobleed-scanner

标签:#CVE-2025
GitHub
GitHub - Black1hp/mongobleed-scanner: MongoDB CVE-2025-14847 Heap Memory Leak Scanner | OP_COMPRESSED zlib Vulnerability | Bug…
GitHub - Black1hp/mongobleed-scanner: MongoDB CVE-2025-14847 Heap Memory Leak Scanner | OP_COMPRESSED zlib Vulnerability | Bug…
MongoDB CVE-2025-14847 Heap Memory Leak Scanner | OP_COMPRESSED zlib Vulnerability | Bug Bounty & Red Team Tool - Black1hp/mongobleed-scanner
CVE
GitHub监控消息提醒!!!

更新了:CVE-2025
描述:Critical supply-chain vulnerability research on NiceHash QuickMiner update mechanism (CVE-2025-56513). Includes technical analysis, attack scenarios, impact assessment, and remediation guidance.
URL:https://github.com/psycho-prince/CVE-2025-56513-NiceHash-Update-Chain-Compromise

标签:#CVE-2025
GitHub
GitHub - psycho-prince/CVE-2025-56513-NiceHash-Update-Chain-Compromise: Critical supply-chain vulnerability research on NiceHash…
GitHub - psycho-prince/CVE-2025-56513-NiceHash-Update-Chain-Compromise: Critical supply-chain vulnerability research on NiceHash…
Critical supply-chain vulnerability research on NiceHash QuickMiner update mechanism (CVE-2025-56513). Includes technical analysis, attack scenarios, impact assessment, and remediation guidance. - ...
CVE
GitHub监控消息提醒!!!

更新了:CVE-2025
描述:CVE-2025-14847
URL:https://github.com/Ashwesker/Blackash-CVE-2025-14847

标签:#CVE-2025
GitHub
GitHub - Ashwesker/Blackash-CVE-2025-14847: CVE-2025-14847
CVE-2025-14847 . Contribute to Ashwesker/Blackash-CVE-2025-14847 development by creating an account on GitHub.
CVE
GitHub监控消息提醒!!!

更新了:RCE
描述:Repo containing pyarrow 14.0.0, vulnerable to RCE - CVE-2023-47248
URL:https://github.com/Prodigysec/pyarrow-CVE-2023-47248

标签:#RCE
GitHub
GitHub - Prodigysec/pyarrow-CVE-2023-47248: Repo containing pyarrow 14.0.0, vulnerable to RCE - CVE-2023-47248
Repo containing pyarrow 14.0.0, vulnerable to RCE - CVE-2023-47248 - Prodigysec/pyarrow-CVE-2023-47248
RCE
GitHub监控消息提醒!!!

更新了:护网
描述:Node.js+Playwright服务器,通过模拟 OpenAI API 的方式来访问 Google AI Studio 网页版,服务器无缝交互转发gemini模型对话。这使得兼容 OpenAI API 的客户端(如 Open WebUI, NextChat 等)可以使用 AI Studio 的无限额度及能力。经测试因无法绕过自动化检测故暂不支持无头模式启动实例-自用项目随缘维护
URL:https://github.com/linlinya520/termux-zh

标签:#护网
GitHub
GitHub - linlinya520/termux-zh: (中文版指令)作用与功能: 为 Termux 用户提供一个中文命令层,让常用命令可以用中文输入 支持文件操作、系统管理、网络操作、Python/Node/Git 包管理、文本处理、进程管理等…
GitHub - linlinya520/termux-zh: (中文版指令)作用与功能: 为 Termux 用户提供一个中文命令层,让常用命令可以用中文输入 支持文件操作、系统管理、网络操作、Python/Node/Git 包管理、文本处理、进程管理等…
(中文版指令)作用与功能: 为 Termux 用户提供一个中文命令层,让常用命令可以用中文输入 支持文件操作、系统管理、网络操作、Python/Node/Git 包管理、文本处理、进程管理等 中文命令全局可用,用户态安装,不覆盖系统命令 提供安装/卸载脚本和自动生成中英对照表功能 使用建议: 仅用于探索和实验,不适合生产环境 任何问题或损坏均由用户自行承担 - linliny...
护网
GitHub监控消息提醒!!!

更新了:RCE
描述:CVE-2023-5360 PoC: Unauthenticated arbitrary file upload leading to RCE in Royal Elementor Addons (≤ 1.3.78), written in pure Python.
URL:https://github.com/LaviruDilshan/CVE-2023-5360-exploit-with-native-libraries

标签:#RCE
GitHub
GitHub - LaviruDilshan/CVE-2023-5360-exploit-with-native-libraries: CVE-2023-5360 PoC: Unauthenticated arbitrary file upload leading…
GitHub - LaviruDilshan/CVE-2023-5360-exploit-with-native-libraries: CVE-2023-5360 PoC: Unauthenticated arbitrary file upload leading…
CVE-2023-5360 PoC: Unauthenticated arbitrary file upload leading to RCE in Royal Elementor Addons (≤ 1.3.78), written in pure Python. - LaviruDilshan/CVE-2023-5360-exploit-with-native-libraries
RCE
Before
After
Back to Top