GitHub 红队武器库🚨
13.1K subscribers
22 photos
5 videos
20.6K links
📦 GitHub 全球红队渗透资源中转站。
​旨在收录那些“好用却难找”的安全项目。
🔗 定时推送:GitHub Trending (Security)
🛠 必备清单:后渗透、远控、免杀、提权工具集
📅 更新频率:每日精选,绝不灌水。
⚠️ 本频道仅供安全研究与授权测试使用。
Download Telegram
🚨 GitHub 监控消息提醒

🚨 发现关键词: #XSS #Reflected

📦 项目名称: web-vuln-scanner
👤 项目作者: Vicsar71
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-02 17:57:09

📝 项目描述:
Async web vulnerability scanner — detects SQL injection, reflected XSS and LFI/path traversal by auto-crawling forms and links. Ships with a deliberately vulnerable Flask app for local demos.

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #XSS #Stored

📦 项目名称: cr-vdp-xss
👤 项目作者: AmrMohammed07
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-02 17:24:00

📝 项目描述:
authorized VDP stored-xss test

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Burp #Extension

📦 项目名称: burp-poc
👤 项目作者: jpg2368-RIT
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-02 17:55:32

📝 项目描述:
A proof-of-concept extension for Burp Suite to get the hang of how to write one.

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #YARA #rules

📦 项目名称: Dr.octopus
👤 项目作者: asphynx-research
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-02 17:57:30

📝 项目描述:
Multi-vector DevOps attack surface analysis — 18 CVEs across 12 tools mapped into a 9-layer kill chain. Includes deep-dive docs, attack chain simulations, and 56 detection rules (YARA, Sigma, Snort). NGINX → Argo CD → Grafana → Docker → Jenkins → Kubernetes → Prometheus → Ansible → Linux → GitHub

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #XSS #Stored

📦 项目名称: SCRIPTFANG
👤 项目作者: Talyx66
🛠 开发语言: Python
Star数量: 2 | 🍴 Fork数量: 1
📅 更新时间: 2026-07-02 18:50:44

📝 项目描述:
ScriptFang is a weaponized payload generation and fuzzing toolkit I built for Red Teamers, Bug Bounty hunters, and offensive security professionals. ScriptFang crafts advanced XSS payloads, tests reflections, and fuzzes endpoints for weaknesses.

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: iot-sentinel
👤 项目作者: Rajveersoni9
🛠 开发语言: C
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-02 18:48:24

📝 项目描述:
ESP32-based iot vulnerability scanner

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #CVE-2026 #POC #Exploit #RCE

📦 项目名称: CVE-2026-38751-OpenSTAManager-Arbitrary-File-Upload-PoC
👤 项目作者: Mkps
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-02 19:47:25

📝 项目描述:
This repository contains a proof-of-concept (PoC) exploit for CVE-2026-38751, affecting OpenSTAManager ≤ 2.10. The vulnerability allows an authenticated attacker to upload a malicious module via the module update functionality, leading to arbitrary file upload and remote code execution (RCE).

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #RCE #CVE #POC #Remote Code Execution

📦 项目名称: CVE-2025-57819
👤 项目作者: K3ysTr0K3R
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-02 19:20:31

📝 项目描述:
CVE-2025-57819 - FreePBX Unauthenticated Remote Code Execution (RCE)

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #RCE #Remote Code Execution

📦 项目名称: BLOODFANG
👤 项目作者: Talyx66
🛠 开发语言: Python
Star数量: 1 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-02 18:38:04

📝 项目描述:
BLOODFANG is my second cutting-edge red team offensive toolkit, crafted for rapid reconnaissance, exploitation, and post-exploitation operations. Packed with advanced modules like password spraying, brute forcing, and API endpoint discovery, it empowers penetration testers to own engagements with unmatched precision and speed.

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #YARA #rules

📦 项目名称: yara-studio
👤 项目作者: platinum2high
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-02 19:40:22

📝 项目描述:
Offline desktop studio for writing, testing and managing YARA rules — Tauri 2 + YARA-X, 100% local

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #YARA #malware

📦 项目名称: hacksguard
👤 项目作者: Rhacknarok
🛠 开发语言: YARA
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-02 19:24:49

📝 项目描述:
A blazingly fast, multi-threaded TUI malware analysis tool built in Rust. Features deep PE parsing, YARA scanning, and heuristic risk scoring.

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #RCE #CVE

📦 项目名称: CVE-2026-13768
👤 项目作者: MichaelAdamGroberman
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-02 20:50:18

📝 项目描述:
CVE-2026-13768: Privileged iothubowner IoT Hub credential — fleet enumeration, device RCE, home-network pivot — Gardyn (ICSA-26-183-03)

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #XSS #Stored #Reflected

📦 项目名称: web-app-security-lab
👤 项目作者: sarjanpatel22
🛠 开发语言: PHP
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-02 20:45:10

📝 项目描述:
Deliberately-vulnerable PHP web app: 5 attacks (SQLi, stored/reflected XSS, brute force, directory traversal) each with a hardened fix. Educational/portfolio lab.

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #Vulnerability Scanner

📦 项目名称: Vulnerability-Scanner
👤 项目作者: AZA738
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-02 21:05:31

📝 项目描述:
A Python based vulnerability scanner that automatically identifies security weaknesses, misconfigurations, and potential attack vectors in systems, networks, and web applications.

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #YARA #rule #malware

📦 项目名称: VT-Desktop-Scanner
👤 项目作者: VijayShanbhag
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-02 21:06:50

📝 项目描述:
Desktop malware scanner built with Python that combines VirusTotal API, YARA rule scanning, encrypted API key storage, SHA-256 hashing, caching, and exportable scan reports.

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #XSS #CVE

📦 项目名称: CVE-2026-54477
👤 项目作者: MichaelAdamGroberman
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-02 22:00:01

📝 项目描述:
CVE-2026-54477: Admin Panel Missing Security Headers (clickjacking/XSS) - Gardyn (ICSA-26-183-03)

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #XSS #CVE #Reflected

📦 项目名称: SCPN-SCANNER
👤 项目作者: T3rmx
🛠 开发语言: Python
Star数量: 2 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-02 21:46:27

📝 项目描述:
SCPN Vulnerability Scanner is a comprehensive scanning tool designed to detect vulnerabilities in websites, applications, and router devices. The tool scans and analyzes targets using various tools and techniques like Nmap, SQLMap, and XSS testing. Additionally, the tool supports Artificial Intelligence to enhance the scanning and analysis process.

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #CVE-2026 #Exploit #RCE

📦 项目名称: CVE-2026-54424
👤 项目作者: tomadimitrie
🛠 开发语言: C++
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-02 22:17:37

📝 项目描述:
Exploiting Parsec for Windows to gain SYSTEM privileges

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #YARA #malware

📦 项目名称: malscan
👤 项目作者: SatchelKill
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-02 22:58:26

📝 项目描述:
Static malware triage tool

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #CVE-2026 #POC #Exploit

📦 项目名称: CVE-2026-56782
👤 项目作者: thecodeb0ss
🛠 开发语言: Unknown
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-02 23:14:38

📝 项目描述:
Gorse < 0.5.10 contains an authentication bypass caused by empty admin_api_key in /api/dump and /api/restore endpoints, letting unauthenticated remote attackers access and modify protected data, exploit requires default empty admin_api_key configuration.

🔗 点击访问项目地址
🚨 GitHub 监控消息提醒

🚨 发现关键词: #YARA #malware

📦 项目名称: malscan
👤 项目作者: mason-rosenberger
🛠 开发语言: Python
Star数量: 0 | 🍴 Fork数量: 0
📅 更新时间: 2026-07-02 22:58:26

📝 项目描述:
Static malware triage tool

🔗 点击访问项目地址