A Burp Suite extension to sign OCI HTTP requests using all supported OCI authentication mechanisms including API keys, session tokens, instance principals, & resource principals - NetSPI/OCISigner

安全的多语言代码沙箱执行服务，支持 Docker 和 Kubernetes 双运行时后端. Contribute to goairix/sandbox development by creating an account on GitHub.

AI 简历定制工具 — 零捏造、修改溯源、Writer-Reviewer 闭环优化 | AI resume tailor — zero fabrication, edit tracing, Writer-Reviewer closed-loop optimization - bethzyy/tailorCV

Laravel Reverb 为 Laravel 应用提供实时 WebSocket 通信后端。在 1.6.3 及更早版本中，Reverb 将来自 Redis 通道的数据直接传递给 PHP 的 unserialize() 函数，且未对可实例化的类进行限制，导致用户面临远程代码执行风险。 - rockmelodies/CVE-2026-23524

Network Fundamentals for BlueTeam. Contribute to kubra-turkoglu/CyberSecurity-Network-Handbook development by creating an account on GitHub.

LLM-KG-FineTuner是一个先进的端到端系统，专门用于将非结构化文档（PDF/HTML）转换为结构化知识图谱。该系统结合了大型语言模型的强大能力与知识图谱的结构化优势，能够从复杂的技术文档、威胁情报报告、研究论文等文本资源中自动提取实体、关系和属性，并构建出语义丰富的知识网络。 - hz1012/LLM-KG-FineTuner

SOC-style investigation of a compromised Windows system (TryHackMe lab), identifying credential dumping (Mimikatz), attacker tooling, and post-exploitation activity. - Friendlyfoldman/soc-investiga...

src资产管理漏洞扫描平台，子域名爆破，端口扫描，站点发现，目录扫描，爬虫，漏洞扫描. Contribute to owl234/ARL_GO development by creating an account on GitHub.

An OpenEnv RL environment where an AI attacker attempts prompt injection attacks to bypass an AI WAF defender. 3 tasks: direct injection, multi-turn, and jailbreak chain. Built for OpenEnv Hackatho...

A hands-on ethical hacking lab series focused on real-world offensive security techniques, including exploitation, privilege escalation, and attack simulation. This project documents my journey to ...

Run a terminal at home, control it from anywhere — multi-device web shell with multi-target SSH and on-demand public access via a relay server. - siqi2000/ShellPort

Technical analysis of the 2019 Capital One AWS breach, including SSRF exploitation, IAM misconfiguration, and cloud security lessons learned. - brick5k/Capital-One-Breach-2019-Case-Study

Hands-on network traffic analysis using HTTP and DNS to detect malware and C2 communication (TryHackMe lab) - toyin-soc-analyst/network-traffic-analysis-lab

Comprehensive mapping of Active Directory (AD) attacks to the MITRE ATT&CK® framework. Covers TTPs for credential dumping, lateral movement, persistence, and privilege escalation with detec...

Contribute to vasu-17/CSRF development by creating an account on GitHub.

CVE-2026-2699. Contribute to 0xBlackash/CVE-2026-2699 development by creating an account on GitHub.

Demonstrate black-box adversarial attacks on LLM tool-calling to bypass safety and execute remote code using CMA-ES optimization. - Consequential-stateswoman97/OpenClaw-PwnKit

A full-stack blogging platform engineered with Defense-in-Depth principles, featuring RBAC, CSRF protection, and SQLi mitigation. - kalagam1/secure-blog-platform

CVE-2026-39324 PoC . Contribute to sm1ee/CVE-2026-39324 development by creating an account on GitHub.

Windows UAC bypass implementation using COM elevation monikers. Leverages ICMLuaUtil interface to execute processes with elevated privileges. - CHUMENII/COM-UACBypass-Privilege-Escalation

Self-hostable MCP wrapper for the Google Developer Knowledge API. Adds Bearer token auth, PII filtering, SSRF protection, and structured audit logging before forwarding queries to Google's ...