Apache Tomcat(CVE-2020-1938)漏洞验证脚本. Contribute to With-fate/CVE-2020-1938 development by creating an account on GitHub.

CVE-2026-5281 (Chrome Dawn WebGPU UAF) analysis, lab validation tools, and reproducible environment for vulnerable vs patched builds. - TheMalwareGuardian/CVE-2026-5281

为不支持自定义 Header 的应用提供 Webhook 接入能力，自动注入鉴权 Header 转发至 OpeniLink，支持多目标与失败重试 - eldicn/openilink-webhook-adapter

The script is an advanced Python-based tool that can be used to test a website for various vulnerabilities such as SQL injection, cross-site scripting (XSS), cross-site request forgery (CSRF) and i...

A Burp Suite extension to sign OCI HTTP requests using all supported OCI authentication mechanisms including API keys, session tokens, instance principals, & resource principals - NetSPI/OCISigner

安全的多语言代码沙箱执行服务，支持 Docker 和 Kubernetes 双运行时后端. Contribute to goairix/sandbox development by creating an account on GitHub.

AI 简历定制工具 — 零捏造、修改溯源、Writer-Reviewer 闭环优化 | AI resume tailor — zero fabrication, edit tracing, Writer-Reviewer closed-loop optimization - bethzyy/tailorCV

Laravel Reverb 为 Laravel 应用提供实时 WebSocket 通信后端。在 1.6.3 及更早版本中，Reverb 将来自 Redis 通道的数据直接传递给 PHP 的 unserialize() 函数，且未对可实例化的类进行限制，导致用户面临远程代码执行风险。 - rockmelodies/CVE-2026-23524

Network Fundamentals for BlueTeam. Contribute to kubra-turkoglu/CyberSecurity-Network-Handbook development by creating an account on GitHub.

LLM-KG-FineTuner是一个先进的端到端系统，专门用于将非结构化文档（PDF/HTML）转换为结构化知识图谱。该系统结合了大型语言模型的强大能力与知识图谱的结构化优势，能够从复杂的技术文档、威胁情报报告、研究论文等文本资源中自动提取实体、关系和属性，并构建出语义丰富的知识网络。 - hz1012/LLM-KG-FineTuner

SOC-style investigation of a compromised Windows system (TryHackMe lab), identifying credential dumping (Mimikatz), attacker tooling, and post-exploitation activity. - Friendlyfoldman/soc-investiga...

src资产管理漏洞扫描平台，子域名爆破，端口扫描，站点发现，目录扫描，爬虫，漏洞扫描. Contribute to owl234/ARL_GO development by creating an account on GitHub.

An OpenEnv RL environment where an AI attacker attempts prompt injection attacks to bypass an AI WAF defender. 3 tasks: direct injection, multi-turn, and jailbreak chain. Built for OpenEnv Hackatho...

A hands-on ethical hacking lab series focused on real-world offensive security techniques, including exploitation, privilege escalation, and attack simulation. This project documents my journey to ...

Run a terminal at home, control it from anywhere — multi-device web shell with multi-target SSH and on-demand public access via a relay server. - siqi2000/ShellPort

Technical analysis of the 2019 Capital One AWS breach, including SSRF exploitation, IAM misconfiguration, and cloud security lessons learned. - brick5k/Capital-One-Breach-2019-Case-Study

Hands-on network traffic analysis using HTTP and DNS to detect malware and C2 communication (TryHackMe lab) - toyin-soc-analyst/network-traffic-analysis-lab

Comprehensive mapping of Active Directory (AD) attacks to the MITRE ATT&CK® framework. Covers TTPs for credential dumping, lateral movement, persistence, and privilege escalation with detec...

Contribute to vasu-17/CSRF development by creating an account on GitHub.

CVE-2026-2699. Contribute to 0xBlackash/CVE-2026-2699 development by creating an account on GitHub.

Demonstrate black-box adversarial attacks on LLM tool-calling to bypass safety and execute remote code using CMA-ES optimization. - Consequential-stateswoman97/OpenClaw-PwnKit