This is a Cross Site Scripting Vulnerability scanner script. - Tamim-Haider/XSS-Scanner

🔌 Manage multiple reverse shell connections easily with OnlyShell, the Go-based tool for efficient multi-shell handling and command execution. - blackx1123/OnlyShell

🎵 Inject music and ringtones directly into your iOS device, bypassing iTunes sync for seamless management of your media library. - miroslav1123/ByeTunes

Secure authentication and authorization system built with Node.js, Express, MongoDB, and React. Features JWT access & refresh tokens, bcrypt password hashing, role-based authorization, 2FA,...

Command Injection in grub-btrfs initramfs hook - CVE-2026-25828 - cardosource/CVE-2026-25828

Contribute to Jahia/jahia-csrf-guard development by creating an account on GitHub.

An enterprise adversary simulation lab using Sliver C2 and ELK SIEM to execute and detect MITRE ATT&CK-mapped attacks in a Purple Team environment. - Vivekkarna4/Adv-adversary-sim

Windows Server Active Directory IT automation cybersecurity PowerShell VBScript enterprise IT infrastructure scripting system administration identity management secure environments automation tools...

AI-powered penetration testing framework with hot-reloadable plugins, intelligent WAF bypass, and GitHub Copilot SDK integration. - Htunn/simple-exploit

Webshell Manager Tool/一句話木馬管理工具/Trojan/Backdoor/Pentest - iss4cf0ng/Alien

goauth provides JWT-based authentication with anonymous sessions, refresh token rotation, CSRF protection, and pluggable token storage — without leaking application logic into your handlers. Desig...

🔍 Discover and analyze historical URLs from the Wayback Machine in Burp Suite to enhance your bug bounty and penetration testing efforts. - pbarucco/Wayback-Recon

Contribute to stephaniesahnihi/CVE-2026-24300 development by creating an account on GitHub.

This repository aims to provide the implementers, detectors, and bypassers that are related to LRFP for Android devices, where the abbreviation "LRFP" stands for Low-level, Rootin...

Modified version of cujanovic's dns.py for DNS Rebinding attacks. - intrudir/DNS-Rebinder

Cobalt Strike Aggressor Script for identifying security products on Windows hosts — six enumeration methods rated by noise level, from silent in-process BOF to full PowerShell/WMI. - VirtualAlllocE...

# Defensive Security Hub A curated collection of essential resources, tools, and references for Security Operations Center (SOC) analysts. This repository aims to support your security efforts and...

Contribute to isshiki-dev/Exploit-Agent development by creating an account on GitHub.

🔍 Collect Active Directory data for BloodHound CE using Bash, generating compatible JSON files for streamlined analysis and insights. - harveyboy9696/BashHound-CE

A secure, zero-trust database management tool for WordPress. Fixes critical SSRF vulnerabilities (CVE-2021-21311) by enforcing local connections only. - Sudo-WP/sudowp-adminer

Herramienta todo-en-uno para automatizar pruebas de: CORS Misconfiguration XSS Reflejado SQL y NoSQL Injection Integrando herramientas de la comunidad y validaciones personalizadas con patrones...