GitHub监控消息提醒!!!
更新了:横向移动
描述:Langflow 在对用户提交的“验证代码”做 AST 解析和编译时,在未做鉴权与沙箱限制的情况下调用了 Python 的 compile()/exec()(以及在编译阶段会评估函数默认参数与装饰器),攻击者可把恶意载荷放在参数默认值或装饰器里,借此在服务器上下文中执行任意语句(反弹 shell、下载器、横向移动等)
URL:https://github.com/999999999to1/ProfilePage
标签:#横向移动
更新了:横向移动
描述:Langflow 在对用户提交的“验证代码”做 AST 解析和编译时,在未做鉴权与沙箱限制的情况下调用了 Python 的 compile()/exec()(以及在编译阶段会评估函数默认参数与装饰器),攻击者可把恶意载荷放在参数默认值或装饰器里,借此在服务器上下文中执行任意语句(反弹 shell、下载器、横向移动等)
URL:https://github.com/999999999to1/ProfilePage
标签:#横向移动
GitHub
GitHub - 999999999to1/ProfilePage: SwiftUI & UIKit 混合实现的用户个人主页组件,支持横向分页、多图列表和可伸缩头部。 支持平滑的 Header 高度过渡、Tab 切换动画以及垂直滚动偏移管理。A user…
SwiftUI & UIKit 混合实现的用户个人主页组件,支持横向分页、多图列表和可伸缩头部。 支持平滑的 Header 高度过渡、Tab 切换动画以及垂直滚动偏移管理。A user profile page component implemented with a mix of SwiftUI and UIKit, supporting horizontal paging...
GitHub监控消息提醒!!!
更新了:信息收集
描述:智能信息收集系统 - 自动从多个可靠信息源收集、分析和汇总信息
URL:https://github.com/LostAbaddon/InfoCollector
标签:#信息收集
更新了:信息收集
描述:智能信息收集系统 - 自动从多个可靠信息源收集、分析和汇总信息
URL:https://github.com/LostAbaddon/InfoCollector
标签:#信息收集
GitHub
GitHub - LostAbaddon/InfoCollector: 智能信息收集系统 - 自动从多个可靠信息源收集、分析和汇总信息
智能信息收集系统 - 自动从多个可靠信息源收集、分析和汇总信息. Contribute to LostAbaddon/InfoCollector development by creating an account on GitHub.
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:🚨 Exploit the CVE-2025-49844 Redis Lua interpreter UAF vulnerability to execute arbitrary shellcode and gain persistent backdoor access.
URL:https://github.com/Zain3311/CVE-2025-49844
标签:#CVE-2025
更新了:CVE-2025
描述:🚨 Exploit the CVE-2025-49844 Redis Lua interpreter UAF vulnerability to execute arbitrary shellcode and gain persistent backdoor access.
URL:https://github.com/Zain3311/CVE-2025-49844
标签:#CVE-2025
GitHub
GitHub - Zain3311/CVE-2025-49844: 🚨 Exploit the CVE-2025-49844 Redis Lua interpreter UAF vulnerability to execute arbitrary shellcode…
🚨 Exploit the CVE-2025-49844 Redis Lua interpreter UAF vulnerability to execute arbitrary shellcode and gain persistent backdoor access. - Zain3311/CVE-2025-49844
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:Pixnapping Attack: Compromising private keys and seed phrases through vulnerability CVE-2025-48561 represents a new critical threat to the Bitcoin network and Android infrastructure
URL:https://github.com/demining/Pixnapping-Attack-on-Android
标签:#CVE-2025
更新了:CVE-2025
描述:Pixnapping Attack: Compromising private keys and seed phrases through vulnerability CVE-2025-48561 represents a new critical threat to the Bitcoin network and Android infrastructure
URL:https://github.com/demining/Pixnapping-Attack-on-Android
标签:#CVE-2025
GitHub
GitHub - demining/Pixnapping-Attack-on-Android: Pixnapping Attack: Compromising private keys and seed phrases through vulnerability…
Pixnapping Attack: Compromising private keys and seed phrases through vulnerability CVE-2025-48561 represents a new critical threat to the Bitcoin network and Android infrastructure - demining/Pixn...
GitHub监控消息提醒!!!
更新了:漏洞扫描
描述:针对 postmessage xss 的漏洞扫描器
URL:https://github.com/bitboy-sys/postmessage_xss_scanner
标签:#漏洞扫描
更新了:漏洞扫描
描述:针对 postmessage xss 的漏洞扫描器
URL:https://github.com/bitboy-sys/postmessage_xss_scanner
标签:#漏洞扫描
GitHub
GitHub - bitboy-sys/postmessage_xss_scanner: 针对 postmessage xss 的漏洞扫描器
针对 postmessage xss 的漏洞扫描器. Contribute to bitboy-sys/postmessage_xss_scanner development by creating an account on GitHub.
GitHub监控消息提醒!!!
更新了:RCE
描述:data stories RCE
URL:https://github.com/danielvflores/rce-java-vulnerability
标签:#RCE
更新了:RCE
描述:data stories RCE
URL:https://github.com/danielvflores/rce-java-vulnerability
标签:#RCE
GitHub
GitHub - danielvflores/rce-java-vulnerability: This repository contains a testing area in which a Minecraft plugin is created for…
This repository contains a testing area in which a Minecraft plugin is created for Java 8 (MC 1.13.0) with explicit RCE commands (eval, rce, and exec) to understand how RCE works, what its purpose ...
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:Pixnapping Attack: Compromising private keys and seed phrases through vulnerability CVE-2025-48561 represents a new critical threat to the Bitcoin network and Android infrastructure
URL:https://github.com/Lupovis/Honeypot-for-CVE-2025-59287-WSUS
标签:#CVE-2025
更新了:CVE-2025
描述:Pixnapping Attack: Compromising private keys and seed phrases through vulnerability CVE-2025-48561 represents a new critical threat to the Bitcoin network and Android infrastructure
URL:https://github.com/Lupovis/Honeypot-for-CVE-2025-59287-WSUS
标签:#CVE-2025
GitHub
GitHub - Lupovis/Honeypot-for-CVE-2025-59287-WSUS: Defensive PoC decoy for CVE-2025-59287 (WSUS) - emulates WSUS endpoints, captures…
Defensive PoC decoy for CVE-2025-59287 (WSUS) - emulates WSUS endpoints, captures request bodies and metadata, saves evidence for forensic analysis, and provides validation harness and detection ru...
GitHub监控消息提醒!!!
更新了:绕过
描述:用来绕过《苍蓝誓约》的版本更新和别的什么验证的服务器程序
URL:https://github.com/xys20071111/BlueOath-fake-server
标签:#绕过
更新了:绕过
描述:用来绕过《苍蓝誓约》的版本更新和别的什么验证的服务器程序
URL:https://github.com/xys20071111/BlueOath-fake-server
标签:#绕过
GitHub
GitHub - xys20071111/BlueOath-fake-server: 《苍蓝誓约》游戏服务器的第三方实现
《苍蓝誓约》游戏服务器的第三方实现. Contribute to xys20071111/BlueOath-fake-server development by creating an account on GitHub.
GitHub监控消息提醒!!!
更新了:绕过
描述:绕过谷歌服务证书校验 / Bypass Google Service License Verification
URL:https://github.com/JiGuroLGC/FuckGoogleLicense
标签:#绕过
更新了:绕过
描述:绕过谷歌服务证书校验 / Bypass Google Service License Verification
URL:https://github.com/JiGuroLGC/FuckGoogleLicense
标签:#绕过
GitHub
GitHub - JiGuroLGC/FuckGoogleLicense: 绕过谷歌服务证书校验 / Bypass Google Service License Verification
绕过谷歌服务证书校验 / Bypass Google Service License Verification - JiGuroLGC/FuckGoogleLicense
GitHub监控消息提醒!!!
更新了:RCE
描述:Cleanest, no RCE, xworm 6.5
URL:https://github.com/ledjonponari/Xworm6.5
标签:#RCE
更新了:RCE
描述:Cleanest, no RCE, xworm 6.5
URL:https://github.com/ledjonponari/Xworm6.5
标签:#RCE
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:Module PowerShell de réponse à l'incident CVE-2025-59287 — WSUS Remote Code Execution (RCE)
URL:https://github.com/RadzaRr/WSUSResponder
标签:#CVE-2025
更新了:CVE-2025
描述:Module PowerShell de réponse à l'incident CVE-2025-59287 — WSUS Remote Code Execution (RCE)
URL:https://github.com/RadzaRr/WSUSResponder
标签:#CVE-2025
GitHub
GitHub - RadzaRr/WSUSResponder: Module PowerShell de réponse à l'incident CVE-2025-59287 — WSUS Remote Code Execution (RCE)
Module PowerShell de réponse à l'incident CVE-2025-59287 — WSUS Remote Code Execution (RCE) - RadzaRr/WSUSResponder
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:CVE-2025-61882 — Critical Oracle EBS RCE: Analysis & Response
URL:https://github.com/AshrafZaryouh/CVE-2025-61882-Executive-Summary
标签:#CVE-2025
更新了:CVE-2025
描述:CVE-2025-61882 — Critical Oracle EBS RCE: Analysis & Response
URL:https://github.com/AshrafZaryouh/CVE-2025-61882-Executive-Summary
标签:#CVE-2025
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:🚨 CVE-2025-61884 — High-Risk Oracle EBS Configurator Info Disclosure
URL:https://github.com/AshrafZaryouh/CVE-2025-61884-At-a-Glance
标签:#CVE-2025
更新了:CVE-2025
描述:🚨 CVE-2025-61884 — High-Risk Oracle EBS Configurator Info Disclosure
URL:https://github.com/AshrafZaryouh/CVE-2025-61884-At-a-Glance
标签:#CVE-2025
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:Disclosure for CVE-2025-61156, an insecure access control, kernel-mode vulnerability found in ThreatFire System Monitor abused in the wild for BYOVD and EDR evasion.
URL:https://github.com/D7EAD/CVE-2025-61156
标签:#CVE-2025
更新了:CVE-2025
描述:Disclosure for CVE-2025-61156, an insecure access control, kernel-mode vulnerability found in ThreatFire System Monitor abused in the wild for BYOVD and EDR evasion.
URL:https://github.com/D7EAD/CVE-2025-61156
标签:#CVE-2025
GitHub
GitHub - D7EAD/CVE-2025-61156: Disclosure for CVE-2025-61156, an insecure access control, kernel-mode vulnerability found in ThreatFire…
Disclosure for CVE-2025-61156, an insecure access control, kernel-mode vulnerability found in ThreatFire System Monitor abused in the wild for BYOVD and EDR evasion. - D7EAD/CVE-2025-61156
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:Helps defenders find their WSUS configurations in the wake of CVE-2025-59287
URL:https://github.com/mubix/Find-WSUS
标签:#CVE-2025
更新了:CVE-2025
描述:Helps defenders find their WSUS configurations in the wake of CVE-2025-59287
URL:https://github.com/mubix/Find-WSUS
标签:#CVE-2025
GitHub
GitHub - mubix/Find-WSUS: Helps defenders find their WSUS configurations in the wake of CVE-2025-59287
Helps defenders find their WSUS configurations in the wake of CVE-2025-59287 - mubix/Find-WSUS
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:🚨 Exploit the CVE-2025-49844 Redis Lua interpreter UAF vulnerability to execute arbitrary shellcode and gain persistent backdoor access.
URL:https://github.com/yonatanasd232132/talkingBen
标签:#CVE-2025
更新了:CVE-2025
描述:🚨 Exploit the CVE-2025-49844 Redis Lua interpreter UAF vulnerability to execute arbitrary shellcode and gain persistent backdoor access.
URL:https://github.com/yonatanasd232132/talkingBen
标签:#CVE-2025
GitHub监控消息提醒!!!
更新了:RCE
描述:V8 Store-Store Elimination RCE without heap sandbox.
URL:https://github.com/ntLocalSystem/V8-Store-Store-Elimination-Exploit
标签:#RCE
更新了:RCE
描述:V8 Store-Store Elimination RCE without heap sandbox.
URL:https://github.com/ntLocalSystem/V8-Store-Store-Elimination-Exploit
标签:#RCE
GitHub
ntLocalSystem/V8-Store-Store-Elimination-Exploit
V8 Store-Store Elimination RCE without heap sandbox. - ntLocalSystem/V8-Store-Store-Elimination-Exploit
GitHub监控消息提醒!!!
更新了:RCE
描述:TOP All bugbounty pentesting CVE-2023- POC Exp RCE example payload Things
URL:https://github.com/LyticOnaope/Vulnerability-Assessment-Nessus-
标签:#RCE
更新了:RCE
描述:TOP All bugbounty pentesting CVE-2023- POC Exp RCE example payload Things
URL:https://github.com/LyticOnaope/Vulnerability-Assessment-Nessus-
标签:#RCE
GitHub
GitHub - LyticOnaope/Vulnerability-Assessment-Nessus-: Conducted a comprehensive vulnerability assessment of CyberTech Solutions’…
Conducted a comprehensive vulnerability assessment of CyberTech Solutions’ Linux and Nginx infrastructure using Nessus and Ansible. Identified and remediated critical DoS and RCE vulnerabilities, a...
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:🚨 Exploit the CVE-2025-49844 Redis Lua interpreter UAF vulnerability to execute arbitrary shellcode and gain persistent backdoor access.
URL:https://github.com/mrk336/Breaking-the-Update-Chain-Inside-CVE-2025-59287-and-the-WSUS-RCE-Threat
标签:#CVE-2025
更新了:CVE-2025
描述:🚨 Exploit the CVE-2025-49844 Redis Lua interpreter UAF vulnerability to execute arbitrary shellcode and gain persistent backdoor access.
URL:https://github.com/mrk336/Breaking-the-Update-Chain-Inside-CVE-2025-59287-and-the-WSUS-RCE-Threat
标签:#CVE-2025
GitHub
GitHub - mrk336/Breaking-the-Update-Chain-Inside-CVE-2025-59287-and-the-WSUS-RCE-Threat: CVE-2025-59287 is a critical RCE vulnerability…
CVE-2025-59287 is a critical RCE vulnerability in Windows Server Update Services (WSUS) caused by unsafe deserialization of untrusted data. It allows remote attackers to execute arbitrary code with...
GitHub监控消息提醒!!!
更新了:CVE-2025
描述:🚨 Exploit the CVE-2025-49844 Redis Lua interpreter UAF vulnerability to execute arbitrary shellcode and gain persistent backdoor access.
URL:https://github.com/AdityaBhatt3010/CVE-2025-59287-When-your-patch-server-becomes-the-attack-vector
标签:#CVE-2025
更新了:CVE-2025
描述:🚨 Exploit the CVE-2025-49844 Redis Lua interpreter UAF vulnerability to execute arbitrary shellcode and gain persistent backdoor access.
URL:https://github.com/AdityaBhatt3010/CVE-2025-59287-When-your-patch-server-becomes-the-attack-vector
标签:#CVE-2025
GitHub
GitHub - AdityaBhatt3010/CVE-2025-59287-When-your-patch-server-becomes-the-attack-vector: CVE-2025-59287 — Critical unauthenticated…
CVE-2025-59287 — Critical unauthenticated RCE in Windows Server Update Services (WSUS) via unsafe deserialization of an AuthorizationCookie, enabling SYSTEM-level compromise and active exploitation...