This repository is a collection of JavaScript gadgets that can be used to bypass XSS mitigations such as Content Security Policy (CSP) and HTML sanitizers like DOMPurify. - kevin-mizu/GMSGadget

🛡️ Reproduce SQL Injection and XSS issues in RailsGoat, then implement secure patches and verification methods to enhance application security. - venom4044/Web-Vulnerability-Attack-Defense-and-Patc...

🛠️ Streamline your tasks with Danger-MultiTool: a versatile solution featuring IP grabber, stresser, doxxing, and proxy support for effective online management. - shaswatmondal/Danger-MultiTool

微信公众号安全漏洞文章链接聚合. Contribute to wy876/SecAlerts development by creating an account on GitHub.

A basic Remote Administration Tool (RAT) concept that uses blockchain technology as a decentralized command-and-control (C2) server. Simple, lightweight, and experimental. - nekzzer/MoonRat

🚀 Automate your tasks with Arsen Clicker & Macro v2.0.0, designed for smooth operation on Windows using Python and Qt. - jihncyro/Arsen

Nuclei Templates Collection 2026. Contribute to husnain-ce/nuclie-template-engine development by creating an account on GitHub.

PowerShell and VBScript tools for automating Active Directory workflows,securing system operations, and supporting forensic procedures. Designed for Windows Servers and workstations, these solution...

基于 Node.js 和 TypeScript 构建的智能聊天记录分析系统，专注于 QQ 聊天记录的全链路数据处理与 AI 总结功能，融合自然语言处理、向量模型、任务调度与 Web 前端展示，为用户提供从原始聊天记录导入、上下文理解、兴趣度分析到可视化摘要输出的一站式解决方案。 - g122622/synthos

Contribute to hugopicanzo/backstage-extension-ssrf development by creating an account on GitHub.

🔍 Curate security testing wordlists and payloads for 2025, emphasizing quality, de-duplication, and multilingual support for effective penetration testing. - manoelrichard29/SecLists-2025-advanced

🚀 Bypass detection systems with this toolkit for process injection and shellcode loading, designed for secure environments and lawful use only. - Icy-Senpal/bypass-all

An auto-updated summary of recently observed C2 infrastructure based on metadata from Internet Query Platforms. Updates daily. - joeavanzato/recent_c2_infrastructure

🛠️ Detect JavaScript URLs in real-time, scan for secrets with TruffleHog, and get instant notifications via Discord with this Burp Suite extension. - hushed1053/jshunter-burp

🔒 Encrypt raw shellcode effortlessly using AES-256-CBC, ensuring secure binary payloads with random keys and easy C integration. - NSSTORE1516/Shellcrypt

YARA rule and python script to detect potential exploits for the CVE-2026-21509 vulnerability in MS Office - decalage2/detect_CVE-2026-21509