GitHub监控消息提醒！！！

更新了：CVE-2026
描述：POC in python for CVE-2026-2461
URL：https://github.com/destiny-creates/CVE-2026-2461-poc

标签：#CVE-2026

GitHub

GitHub - destiny-creates/CVE-2026-2461-poc: POC in python for CVE-2026-2461

POC in python for CVE-2026-2461. Contribute to destiny-creates/CVE-2026-2461-poc development by creating an account on GitHub.

GitHub监控消息提醒！！！

更新了：应急响应
描述：深度学习目标检测算法YOLOV8如何训练无人机搜救人员数据集 如何应用与灾害应急响应、AI智能搜救、无人机自主识别人员检测 无人机航拍行人检测数据集
URL：https://github.com/QQ767172261/Deep-learning-target-detection-algorithm-YOLOV8-How-to-train-drone-search-and-rescue-personnel-datas

标签：#应急响应

GitHub

GitHub - QQ767172261/Deep-learning-target-detection-algorithm-YOLOV8-How-to-train-drone-search-and-rescue-personnel-datas: 深度学…

深度学习目标检测算法YOLOV8如何训练无人机搜救人员数据集 如何应用与灾害应急响应、AI智能搜救、无人机自主识别人员检测 无人机航拍行人检测数据集 - QQ767172261/Deep-learning-target-detection-algorithm-YOLOV8-How-to-train-drone-search-and-rescue-personnel-datas

GitHub监控消息提醒！！！

更新了：RCE
描述：Laravel < 8.4.2 RCE exploit
URL：https://github.com/crypt0lith/laravel-rce

标签：#RCE

GitHub

GitHub - crypt0lith/laravel-rce: Laravel < 8.4.2 RCE exploit

Laravel < 8.4.2 RCE exploit. Contribute to crypt0lith/laravel-rce development by creating an account on GitHub.

GitHub监控消息提醒！！！

更新了：Cobalt Strike
描述：Intrusion Analysis – HTTP-delivered archive leading to Cobalt Strike C2 and malspam Evidence
URL：https://github.com/ryan-har-plymouth/comp3010hk-set-exercise

标签：#Cobalt Strike

GitHub

GitHub - ryan-har-plymouth/comp3010hk-set-exercise: Intrusion Analysis – HTTP-delivered archive leading to Cobalt Strike C2 and…

Intrusion Analysis – HTTP-delivered archive leading to Cobalt Strike C2 and malspam Evidence - ryan-har-plymouth/comp3010hk-set-exercise

GitHub监控消息提醒！！！

更新了：CVE-2026
描述：🛠️ Exploit CVE-2026-21858 to demonstrate a full unauthenticated RCE chain in n8n, showcasing vulnerabilities and potential risks in affected versions.
URL：https://github.com/SimoesCTT/CTT-Refraction-Vortex-CVE-2026-7731-

标签：#CVE-2026

GitHub

GitHub - SimoesCTT/CTT-Refraction-Vortex-CVE-2026-7731-: Under CTT, we see it as a Temporal Synchronization Mismatch between the…

Under CTT, we see it as a Temporal Synchronization Mismatch between the Identity Provider and the Service Provider. By injecting a pulse at the \alpha=0.0302011 frequency, we don't bypass t...

GitHub监控消息提醒！！！

更新了：绕过
描述：用于自动续期 Katabump 服务器的自动化脚本。它利用 Playwright 和 CDP (Chrome DevTools Protocol) 技术来模拟用户操作，能够有效绕过 Cloudflare Turnstile 验证码
URL：https://github.com/XCQ0607/katabump

标签：#绕过

GitHub

GitHub - XCQ0607/katabump: 用于自动续期 Katabump 服务器的自动化脚本。它利用 Playwright 和 CDP (Chrome DevTools Protocol) 技术来模拟用户操作，能够有效绕过 Cloudflare…

用于自动续期 Katabump 服务器的自动化脚本。它利用 Playwright 和 CDP (Chrome DevTools Protocol) 技术来模拟用户操作，能够有效绕过 Cloudflare Turnstile 验证码 - XCQ0607/katabump

GitHub监控消息提醒！！！

更新了：CVE-2026
描述：CTT-Terrminus-Vortex (CVE-2026-2406)
URL：https://github.com/SimoesCTT/CTT-Sovereign-Vortex

标签：#CVE-2026

GitHub

GitHub - SimoesCTT/CTT-Sovereign-Vortex: CTT-Terrminus-Vortex (CVE-2026-2406)

CTT-Terrminus-Vortex (CVE-2026-2406). Contribute to SimoesCTT/CTT-Sovereign-Vortex development by creating an account on GitHub.

GitHub监控消息提醒！！！

更新了：CVE-2026
描述： AsyncIO Scanner & Exploitation Framework for CVE-2026-24061 (Telnet NEW_ENVIRON Auth Bypass). Features high-concurrency discovery, passive fingerprinting, and authorized root shell escalation
URL：https://github.com/ridpath/Terrminus-CVE-2026-2406

标签：#CVE-2026

GitHub

GitHub - ridpath/Terrminus-CVE-2026-2406

Contribute to ridpath/Terrminus-CVE-2026-2406 development by creating an account on GitHub.

GitHub监控消息提醒！！！

更新了：漏洞扫描
描述：该系统是一款面向安全开发流程的漏洞扫描器，用于自动识别软件中的安全漏洞。系统具备代码分析、漏洞匹配、风险评估等功能模块，采用深度学习技术，可高效识别和报告安全风险。支持多种编程语言和框架，辅助开发者提升软件安全性。
URL：https://github.com/3886370410/JtpUaUovFg

标签：#漏洞扫描

GitHub

GitHub - 3886370410/JtpUaUovFg: 该系统是一款面向安全开发流程的漏洞扫描器，用于自动识别软件中的安全漏洞。系统具备代码分析、漏洞匹配、风险评估等功能模块，采用深度学习技术，可高效识别和报告安全风险。支持多种编程语言和框架，辅助开发者提升软件安全性。

该系统是一款面向安全开发流程的漏洞扫描器，用于自动识别软件中的安全漏洞。系统具备代码分析、漏洞匹配、风险评估等功能模块，采用深度学习技术，可高效识别和报告安全风险。支持多种编程语言和框架，辅助开发者提升软件安全性。 - 3886370410/JtpUaUovFg

GitHub监控消息提醒！！！

更新了：CVE-2026
描述：CVE-2026-1457 is an authenticated buffer overflow vulnerability in the web API of TP-Link VIGI C385 V1. This vulnerability allows authenticated attackers to perform remote code execution (RCE).
URL：https://github.com/ii4gsp/CVE-2026-1457

标签：#CVE-2026

GitHub

GitHub - ii4gsp/CVE-2026-1457: CVE-2026-1457 is an authenticated buffer overflow vulnerability in the web API of TP-Link VIGI C385…

CVE-2026-1457 is an authenticated buffer overflow vulnerability in the web API of TP-Link VIGI C385 V1. This vulnerability allows authenticated attackers to perform remote code execution (RCE). - i...

GitHub监控消息提醒！！！

更新了：CVE-2026
描述：CVE-2026-24858 FortiCloud Single Sign On (SSO) a factory default enabled feature once you register any FortiGate/FortiManager/FortiAnalyzer contains a critical authentication bypass flaw.
URL：https://github.com/SimoesCTT/CTT-Kernel-Resonance-io_uring-Temporal-Phase-Transition

标签：#CVE-2026

GitHub

GitHub - SimoesCTT/CTT-Kernel-Resonance-io_uring-Temporal-Phase-Transition: CVE-2026-24102 is a Use-After-Free (UAF) vulnerability…

CVE-2026-24102 is a Use-After-Free (UAF) vulnerability within the Linux Kernel io_uring subsystem. While traditional exploits attempt to win a race condition through brute-force CPU pinning, Simoes...

GitHub监控消息提醒！！！

更新了：信息收集
描述：本仓库用于记录和分享本人 Hack The Box（HTB）靶场实战笔记， 围绕信息收集、漏洞利用、权限提升及攻击路径构建等环节， 系统化总结攻防思路与技术要点。
URL：https://github.com/joohnny157/HackTheBox-notes

标签：#信息收集

GitHub

joohnny157/HackTheBox-notes

本仓库用于记录和分享本人 Hack The Box（HTB）靶场实战笔记， 围绕信息收集、漏洞利用、权限提升及攻击路径构建等环节， 系统化总结攻防思路与技术要点。 - joohnny157/HackTheBox-notes

GitHub监控消息提醒！！！

更新了：RCE
描述：CVE-2026-1457 is an authenticated buffer overflow vulnerability in the web API of TP-Link VIGI C385 V1. This vulnerability allows authenticated attackers to perform remote code execution (RCE).
URL：https://github.com/ii4gsp/CVE-2026-1457-TP-Link-VIGI-C385-Authenticated-Remote-Code-Execution

标签：#RCE

GitHub

GitHub - ii4gsp/CVE-2026-1457-TP-Link-VIGI-C385-Authenticated-Remote-Code-Execution: CVE-2026-1457 is an authenticated buffer overflow…

CVE-2026-1457 is an authenticated buffer overflow vulnerability in the web API of TP-Link VIGI C385 V1. This vulnerability allows authenticated attackers to perform remote code execution (RCE). - i...

GitHub监控消息提醒！！！

更新了：CVE-2026
描述：CVE-2026-24858 FortiCloud Single Sign On (SSO) a factory default enabled feature once you register any FortiGate/FortiManager/FortiAnalyzer contains a critical authentication bypass flaw.
URL：https://github.com/absholi7ly/CVE-2026-24858-FortiCloud-SSO-Authentication-Bypass

标签：#CVE-2026

GitHub

GitHub - absholi7ly/CVE-2026-24858-FortiCloud-SSO-Authentication-Bypass: CVE-2026-24858 FortiCloud Single Sign On (SSO) a factory…

CVE-2026-24858 FortiCloud Single Sign On (SSO) a factory default enabled feature once you register any FortiGate/FortiManager/FortiAnalyzer contains a critical authentication bypass flaw. - absho...

GitHub监控消息提醒！！！

更新了：渗透测试
描述：一个基于 FastAPI + React 的企业级资产管理和关系图谱可视化平台 专为渗透测试团队、安全研究人员和红队打造
URL：https://github.com/bilisheep/ExternalHound

标签：#渗透测试

GitHub

GitHub - bilisheep/ExternalHound: 一个基于 FastAPI + React 的企业级资产管理和关系图谱可视化平台 专为渗透测试团队、安全研究人员和红队打造

一个基于 FastAPI + React 的企业级资产管理和关系图谱可视化平台 专为渗透测试团队、安全研究人员和红队打造 - bilisheep/ExternalHound

GitHub监控消息提醒！！！

更新了：RCE
描述：Heap technique that bypasses modern glibc protections via UAF-write and safe-unlinking to write libc addresses into tcache, enabling stdout FILE structure overlap for leak and RCE.
URL：https://github.com/4f3rg4n/House-of-Eggs

标签：#RCE

GitHub

GitHub - 4f3rg4n/House-of-Eggs: Heap technique that bypasses modern glibc protections via UAF-write and safe-unlinking to write…

Heap technique that bypasses modern glibc protections via UAF-write and safe-unlinking to write libc addresses into tcache, enabling stdout FILE structure overlap for leak and RCE. - 4f3rg4n/House-...

GitHub监控消息提醒！！！

更新了：钓鱼
描述：针对钓鱼攻击的实时检测需求，本文提出一种轻量级恶意URL检测框架。该方案采用XGBoost模型结合SHAP解释器，仅提取18维静态统计特征，即实现0.9995的AUC值，显著优于逻辑回归基准。在低配置云环境中，系统吞吐量超过42.8万TPS，平均延迟仅0.0024毫秒，同时通过特征归因分析保障决策可解释性，适用于边缘网关实时流量过滤。
URL：https://github.com/YanFei-L/L_URL-Detection

标签：#钓鱼

GitHub

GitHub - YanFei-L/L_URL-Detection: 针对钓鱼攻击的实时检测需求，本文提出一种轻量级恶意URL检测框架。该方案采用XGBoost模型结合SHAP解释器，仅提取18维静态统计特征，即实现0.9995的AUC值，显著优于逻辑…

针对钓鱼攻击的实时检测需求，本文提出一种轻量级恶意URL检测框架。该方案采用XGBoost模型结合SHAP解释器，仅提取18维静态统计特征，即实现0.9995的AUC值，显著优于逻辑回归基准。在低配置云环境中，系统吞吐量超过42.8万TPS，平均延迟仅0.0024毫秒，同时通过特征归因分析保障决策可解释性，适用于边缘网关实时流量过滤。 - YanFei-L/L_URL-Detection

GitHub监控消息提醒！！！

更新了：Red Team
描述：Go-based C2 server inspired by Cobalt Strike; seamless agent control, web UI, and Malleable Profile support. Fast, extensible, and secure for red-team ops. 🐙
URL：https://github.com/Darkelf2024/Darkelf-CLI-Tools

标签：#Red Team

GitHub

GitHub - Darkelf2024/Darkelf-CLI-Tools: Darkelf CLI is a post-quantum hardened OSINT Tool Kit and messaging platform for adversarial…

Darkelf CLI is a post-quantum hardened OSINT Tool Kit and messaging platform for adversarial or censorship-heavy environments. Designed for operatives, researchers, and red teamers, it provides pow...

GitHub监控消息提醒！！！

更新了：CVE-2026
描述：CVE-2026-24858: Authentication Bypass in Fortinet Products via FortiCloud SSO
URL：https://github.com/b1gchoi/CVE-2026-24858

标签：#CVE-2026

GitHub

GitHub - b1gchoi/CVE-2026-24858

Contribute to b1gchoi/CVE-2026-24858 development by creating an account on GitHub.

GitHub监控消息提醒！！！

更新了：内网横向
描述：本项目集成了全网优秀的攻防武器工具项目，包含自动化利用，子域名、目录扫描、端口扫描等信息收集工具，各大中间件、cms、OA漏洞利用工具，爆破工具、内网横向、免杀、社工钓鱼以及应急响应、甲方安全资料等其他安全攻防资料。
URL：https://github.com/wangbin777/data-collection-service

标签：#内网横向

GitHub

GitHub - wangbin777/data-collection-service: 面向物联网与工业数据采集场景的高性能采集服务，支持 Modbus / OPC UA / IEC104 / MQTT 等协议...基于 Spring Boot 3.x…

面向物联网与工业数据采集场景的高性能采集服务，支持 Modbus / OPC UA / IEC104 / MQTT 等协议...基于 Spring Boot 3.x + Java 17 构建，内置 配置下发、采集调度、数据处理、缓存、纵向转横向聚合、事件/告警、云平台上报以及监控观测 的完整链路。 本项目可直接用于 工业现场私有化部署，也可作为 工业物联网采集网关底座 进行二次开发。 目前...