AI Code Audit Agent 是一个基于多 Agent 协作架构实现 AI 自动化代码审计，融合规则引擎、污点分析与 LLM 长链推理能力，可自动完成漏洞发现、风险分析、修复建议生成与审计报告输出。 支持 Python / PHP / Java 多语言项目扫描，具备可扩展 AST 数据流分析、RAG 漏洞知识库与 DevSecOps 集成能力，可用于大规模代码仓库持续化安全审计与 ...

advance study stark bypasser. Contribute to urstark/bypasser development by creating an account on GitHub.

一个基于 Flask + MySQL 的完整博客系统后端，支持用户注册登录、文章发表与按用户查询、评论发表与按文章/用户双维度查询，采用 session 管理用户身份，所有写操作均从 session 获取 `user_id`，不信任前端传参，防止水平越权。项目分层设计（api / utils），接口统一返回 JSON 格式，适用于个人博客或学习 Web 后端认证与归属控制的参考实现。 - T...

CVE-2026-31431 Kernel Fix Script. Contribute to OmerAti/almalinux-fix-cve-2026-31431 development by creating an account on GitHub.

CVE-2026-31431 C语言复现的poc，可在目标环境没有py时进行利用. Contribute to Fulucky0-yuri/CVE-2026-31431-PocC development by creating an account on GitHub.

The School Management System is a PHP/MySQL app for digitizing school administration. It manages students, staff, classes, and CRUD operations. Security includes PDO, bcrypt, and CSRF tokens. Role-...

Attack Chain full compromise. LLMNR poisoning, Kerberoasting, IPv6 NTLM relay, pass-the-hash, and Golden Ticket persistence. No CVEs, no software vulnerabilities. - otto-youds/active-directory-pent...

Clean C version of Copy Fail (CVE-2026-31431) - Linux Local Privilege Escalation exploit using AF_ALG + authencesn + splice primitive. Overwrites the page cache of /usr/bin/su with a tiny setuid s...

CyberScan is a lightweight and user-friendly web vulnerability scanner built using Python and Streamlit. It helps identify common security issues in websites such as SQL Injection, XSS, missing sec...

Contribute to Callum-Cameron26/CVE_2026_31431-Testing-the-Copy-Fail-exploit development by creating an account on GitHub.

Capture the Flag platform for cyber security enthusiasts. Contains various challenges including: SQL injection, XSS, Command execution, Netcat reverse shells, Directory traversal attacks and Stegan...

Hawkeye Cloud (鹰眼云) —— 基于 Java 21 + Spring Cloud 的现代化分布式漏洞检测平台。采用微服务架构，支持 SaaS 多租户与私有化部署，具备高性能异步检测链路。目前正在开发。 - spojchil/hawkeye-cloud

OpenWrt-сборка приватного роутера: AmneziaWG VPN (DPI bypass), split-routing (podkop/sing-box), DoH DNS (Quad9), adblock (Hagezi ~200k), WPA3, kill switch, watchdog. Cudy TR3000 / GL.iNet Beryl AX ...

OWASP Juice Shop Security Assessment - SQL Injection & XSS Findings - azeen-ali/DevelopersHub-week1-JuiceShop

售前LTC + 售后服务 全链路AI解决方案 143个AI场景覆盖售前售后全流程 6大Agent体系 + 10项通用AI能力 企业级数据安全与权限管控 全流程AI场景透明化 供应链全链路透明化 售前售后数据一体化，多系统集成 - evanwusibin/AutoCRM-AI-LTC-AI-

cPanel/WHM Authentication Bypass PoC. Contribute to Christian93111/CVE-2026-41940 development by creating an account on GitHub.

Evolving IT portfolio consisting of hands on projects including, IT troubleshooting, network configuration, account management, security operations and analysis. - Bryce3005/IT-Portfolio

ai_pentest 是一款基于 FastMCP（Model Context Protocol）构建的自动化网络安全扫描 Agent，核心解决传统安全扫描流程繁琐、效率低下、操作门槛高的痛点。其采用“目标输入→爬虫取IP→端口扫描→Web指纹识别→漏洞POC扫描→结果展示”的全流程自动化逻辑，集成四大核心模块，具备插件化架构、异步并发、可视化界面、智能指纹识别等特性，可实现一键式安全评估，覆...

Lightweight DPI bypass engine — fragments TLS ClientHello to circumvent ISP-level SNI filtering. Single-file Python proxy with web dashboard. - digaxie/CleanNet

Real-browser XSS scanner with WAF bypass and AI payload generation - alisalive/XSSSlayer

MCP wrapper for Burp Suite that builds complete, well-formed HTTP requests from structured input + ingests dedup/JS exports for token-thrifty AI-assisted pentesting. Bundles a fixed Burp extension....