Free web vulnerability scanner for non-technical users. Finds security flaws, generates scored reports, and suggests fixes. Built with Flask, HTML5, SQLite. FYP 2026 - Advanced Web + Endpoint Vulne...

A complete proof-of-concept for CVE-2026-0023 demonstrating Android Update Ownership warning bypass through PackageInstaller permission validation flaws. - QM4RS/CVE-2026-0023-Update-Ownership-PoC

Schema & Structured Data for WP & AMP < 1.60 - Unauthenticated Arbitrary Media Upload [POC & Xploit] - Polosss/By-Poloss..-..CVE-2026-9067

MCP server for authoring YARA rules from binary samples: distinctive feature extraction, candidate ranking, rule emissio - Heretek-RE/re-yara-author

MCP server wrapping the YARA pattern-matching engine for binary triage: compile user-supplied rule directories and scan - Heretek-RE/re-yara

MCP Server for Cobalt Strike interaction. Contribute to Cobalt-Strike/cobaltstrike-mcp-server development by creating an account on GitHub.

Agent-space monorepo orchestrating the Heretek-RE per-MCP reverse-engineering toolchain - Heretek-RE/RE-AI

A versatile tool for working with shellcodes. Contribute to psycore8/shencode development by creating an account on GitHub.

MirageShell —— 如海市蜃楼般变幻无形、驻留无痕的 Shellcode 加载工具集。或许可以在OSEP中利用。 - RasAlGhul-1/MirageShell

Create machine images containing the Nessus vulnerability scanner - cisagov/nessus-packer

Lab de SSRF com Docker - aplicação Flask vulnerável, serviços internos, mock de metadata AWS. Material de apoio: https://renansj.dev/ssrf - renansj/ssrf-lab

A personal collection of penetration testing writeups, custom exploits, and offensive security tools documented for educational purposes in controlled lab environments. - TryzubR4g3/ofensive-playbook

A lightweight, automated reflected cross-site scripting (XSS) vulnerability scanner. Tests web applications by injecting common XSS payloads into multiple endpoints and parameters, then detects if ...

Automated OWASP Top 10 vulnerability scanner and AI chatbot detector with Postman API support. - Darkshell809/vuln-scanner-pro

This will be the repo for the BTHb. Contribute to DonMVB/BlueTeam-Handbook development by creating an account on GitHub.

YARA rules for malware pattern matching — suspicious strings, high entropy, and UPX packing detection - DevSecLawrence/yara-rules-collection

HTTP.sys RCE. Contribute to ManagerEmpty/CVE-2026-47291-httpsys development by creating an account on GitHub.

Unified CLI security tooling suite for the Insula stack - nuclei, httpx, katana, ffuf, subfinder, naabu, dnsx, gau, gitleaks, notify - 0x923041-dotcom/Cybersec

Nmap, brute force attack using Hydra on SSH, and successfully exploited vsftpd 2.3.4 backdoor via Metasploit to gain Meterpreter access. Tools: Nmap, Hydra, Metasploit - Hasnain1675/SYSTEM-HACKING-...

🛡️ Self-hosted bug bounty & penetration testing toolkit — 11 security tools (WHOIS/DNS/SSL/JWT/…), 14 interactive hacking labs (XSS/SQLi/IDOR/SSRF/…), findings tracker. No login, no cloud. ...

Lab + writeup for CVE-2026-28699: Gitea OAuth2 scope enforcement bypass via HTTP Basic auth - Alardiians/gitea-CVE-2026-28699