Exploit on HackyFeed

A-Red-Teamer-diaries

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: A-Red-Teamer-diaries is a collaborative repository containing publicly accessible notes and resources for penetration testing and red teaming activities, focusing on various tools and techniques employed during security assessments. Key features include a cheatsheet for quick command reference, detailed methodologies for effective exploitation, and practical scripts for network scanning and enumeration, enhancing both learning and efficiency in cybersecurity engagements. This tool serves as a practical guide for professionals aiming to improve their pentesting methodologies in controlled environments.

Active-Directory-Exploitation-Cheat-Sheet

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Active Directory Exploitation Cheat Sheet serves as a comprehensive resource for cybersecurity professionals, detailing methodologies and commands for navigating the Active Directory environment. Its primary use case involves facilitating reconnaissance, privilege escalation, and lateral movement within a network through structured commands using Powershell and .Net. Notable features include a systematic approach to various stages of the exploitation process, including domain enumeration, persistence techniques, and monitoring account vulnerabilities.

Active-Directory-Exploitation-Cheat-Sheet

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Active Directory Exploitation Cheat Sheet serves as a comprehensive resource for security professionals, detailing various enumeration and attack techniques within Windows Active Directory environments. It encompasses methods for domain enumeration, local privilege escalation, lateral movement, and domain persistence, while providing actionable insights and references to essential tools such as PowerView, Mimikatz, and BloodHound. This tool is particularly notable for its structured approach to various exploitation vectors, facilitating an efficient and systematic exploitation process.

adbwebkit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ADB WebKit is a browser-based tool designed for managing Android devices via ADB (Android Debug Bridge) with an intuitive user interface. Its primary use case includes functionalities like application management (installing, uninstalling, granting permissions), shell access, screen capture, and device control commands, making it a comprehensive solution for developers and testers. Notable features include support for live application management, real-time screen interactions, and various device control options, all accessible through a USB connection or IP address.

afrog

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Afrog is a security tool designed for bug bounty programs, penetration testing, and red teaming efforts. It facilitates the creation and execution of Proofs of Concept (PoCs) to help security professionals identify vulnerabilities in systems. Notable features include a streamlined PoC writing guide, multi-language support, and a community-driven approach to contribute new exploit techniques.

README

A Security Tool for Bug Bounty, Pentest and Red Teaming

English • 中文

ambiguous-png-packer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Ambiguous PNG Packer is a tool designed to create PNG files that display differently when viewed in Apple software versus non-Apple software. Its primary use case is to demonstrate the manipulation of image rendering based on the viewer’s platform, showcasing unique features such as the ability to produce different images through refreshes, highlighting potential vulnerabilities in Apple’s image handling mechanisms.

README

Ambiguous PNG Packer

Craft PNG files that appear completely different in Apple software

Android-Exploits

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Android-Exploits is a repository that consolidates various Android exploits and provides a comprehensive guide for conducting Android exploitation. Its primary use case is to facilitate the testing and assessment of Android application security vulnerabilities through categorized exploits such as Denial of Service, local, remote, and web application exploits. Notable features include detailed instructions for utilizing the exploits alongside third-party tools like ExploitPack, along with references to common mobile hacking tools and resources related to Android security risks.

Android-Security-Exploits-YouTube-Curriculum

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Android Security & Reverse Engineering YouTube Curriculum is a comprehensive educational resource focused on various aspects of Android security, including exploits, reverse engineering, and vulnerabilities in mobile applications. It features a curated collection of talks and demonstrations from prominent security conferences, addressing topics like heap exploitation, mobile permissions, and countermeasures against mobile threats. Notably, it educates on advanced concepts such as Bluetooth security, malware analysis, and attack vectors affecting the Android ecosystem, making it essential for cybersecurity practitioners and researchers.

AndroRAT

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: AndroRAT is a remote access tool for Android devices that allows users to control and retrieve information from the device. Its primary use case includes monitoring and managing Android systems covertly, featuring capabilities such as persistent backdoor access, audio and video recording, and obtaining device location and SIM details. Notably, AndroRAT consists of a client/server architecture implemented in Java for Android and Python for the server side, enabling it to run on a wide range of Android versions from 4.1 to 9.0, with additional functionalities on Android 10.

AndroRAT

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: AndroRAT is a Remote Administration Tool designed for Android devices, enabling the remote control and data retrieval from the Android system. Key functionalities include accessing contacts, call logs, messages, GPS location, and multimedia capabilities like capturing photos and streaming audio and video. The tool operates as a background service triggered by SMS or calls, providing a comprehensive suite for remote monitoring and management.

README

AndroRAT

Remote Administration Tool for Android

AntiCheat-Testing-Framework

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The AntiCheat-Testing-Framework is a comprehensive tool designed for testing and analyzing various anti-cheat mechanisms in the gaming industry. It provides a modular architecture with several integrated modules, allowing users to customize their setup for specific testing purposes. This framework aims to democratize knowledge in the field of anti-cheat research, facilitating both learning and practical application.

README

AntiCheat-Testing-Framework

Framework to test any Anti-Cheat on the market. This can be used as Template or Code Base to test any Anti-Cheat and learn along the way. The entry level to reverse AntiCheats and Cheats is quite high, therefore, I’m realeasing all the code I developed during my research. The main idea is to help people and motive them to get into this topic which is really interesting and there is a lot to research about it.

apple-knowledge

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “hack-different/apple-knowledge” repository hosts a compilation of reverse-engineered Apple data formats and protocols, primarily serving as a resource for jailbreak developers and hobbyists. Notable features include the availability of YAML files for machine-readable data, a collection of binary analysis and modification tools, and a Homebrew tap for easy installation of jailbreak-related utilities. The project emphasizes adherence to copyright laws while encouraging community contributions.

README

Apple Data Formats and Knowledge

A collection of reverse engineered Apple formats, protocols, or other interesting bits.

APT_REPORT

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: APT_REPORT is a comprehensive collection of threat intelligence, samples, and reports on advanced persistent threat (APT) groups, particularly those linked to specific countries. It focuses on detailed analyses of various APT campaigns, enabling users to understand tactics and recent developments in cyber threat landscapes. Notable features include references to extensive case studies and operational details of prominent threat actor groups, enhancing situational awareness for cybersecurity professionals.

README

APT_REPORT collected by @blackorbird https://x.com/blackorbird

Interesting apt report & sample & malware & technology & intellegence collection

archerysec

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ArcherySec is an open-source vulnerability assessment and management tool designed to integrate with CI/CD pipelines, allowing for automated security testing based on scan results. It utilizes popular open-source scanning tools to perform comprehensive web and network vulnerability assessments, while also providing features for vulnerability prioritization, management, and collaboration of scan data. Key functionalities include integration with REST APIs for developers, authenticated web scanning, and support for various third-party tools like OpenVAS and OWASP ZAP.

Artemis

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Artemis is a modular vulnerability scanner designed for assessing website security, primarily used by CERT PL for scanning activities. Its notable features include the ability to automatically generate user-friendly reports detailing specific vulnerabilities, such as exposed version control system data and outdated software versions, which aids organizations in mitigating security risks.

README

Artemis is a modular vulnerability scanner. It’s the tool that powers CERT PL scanning activities by checking various aspects of website security and building easy-to-read messages ready to be sent to the scanned organizations.

AutoPentestX

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: AutoPentestX is an automated penetration testing toolkit designed for streamlined security assessments. Its primary use case is to facilitate vulnerability scanning and testing in Linux environments, offering features that simplify the process of identifying and exploiting security weaknesses. The toolkit supports Python 3.8 and above, underscoring its compatibility with modern scripting standards and enhancing its applicability in cybersecurity workflows.

README

AutoPentestX - Automated Penetration Testing Toolkit

AutoPWN-Suite

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: AutoPWN Suite is a comprehensive tool designed for automatic vulnerability scanning and exploitation of systems, leveraging advanced scanning techniques such as nmap TCP-SYN scans to identify software versions and associated vulnerabilities. Key features include automatic vulnerability detection, web application testing for various exploits (LFI, XSS, SQLI), configurable scanning options, noise and evasion modes, along with easy result sharing via webhooks or email, and compatibility across multiple operating systems.

AutoSploit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: AutoSploit is a tool designed to automate the exploitation of remote hosts by leveraging data from services like Shodan, Censys, and Zoomeye for target acquisition. It facilitates the execution of Metasploit modules aimed at achieving Remote Code Execution and establishing reverse connections or Meterpreter sessions. Notable features include the ability to specify custom targets, set proxy configurations, and manage operational security through options like using a VPS for operation.

awesome-aws-security

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Awesome AWS Security is a curated repository that aggregates a wide range of resources related to AWS security practices, including whitepapers, books, videos, tutorials, and security tools. It serves as a comprehensive educational tool for professionals and enthusiasts seeking to enhance their knowledge of AWS security, featuring a well-structured table of contents and links to valuable references and training materials. Notable features include categorized resources for various learning preferences, from free content to paid courses, as well as a focus on contemporary security issues and best practices.

awesome-hacker-search-engines

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Awesome Hacker Search Engines is a curated repository of search engines specifically designed for penetration testing, vulnerability assessments, and red/blue team operations. It categorizes various resources including general search engines, servers, vulnerabilities, exploits, and more, providing tools for effective reconnaissance and threat intelligence gathering. Notable features include links to specialized engines like Shodan and the NIST NVD, enabling streamlined access to critical information for security professionals.

README

Awesome Hacker Search Engines

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

Awesome-Hacking-Resources

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Awesome Hacking Resources is a comprehensive collection of materials designed for individuals looking to enhance their skills in hacking and penetration testing. The repository includes various categories such as learning resources, online courses, forums, and tools crucial for topics like malware analysis and network scanning, promoting community contribution and knowledge sharing within the cybersecurity field. Notably, it features a dedicated list of tools and links to educational content, making it a valuable resource for both beginners and advanced practitioners.

awesome-list

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “Awesome Cybersecurity List” repository aggregates a personal collection of insightful blog posts, research papers, and write-ups pertaining to various aspects of cybersecurity. It serves as a resource for both enthusiasts and professionals looking for in-depth analysis on contemporary cybersecurity topics and advancements. Notable features include a chronological outline of topics and a dedicated section for cybersecurity tools, ensuring users can easily navigate through valuable content.

README

Awesome Cybersecurity List

My personal collection of awesome blog posts, write-ups, and papers focusing on cybersecurity.

awesome-list-of-secrets-in-environment-variables

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “Awesome List of Secrets in Environment Variables” repository provides a comprehensive compilation of sensitive information, such as secrets, API keys, and tokens commonly stored in environment variables across various platforms. Its primary use case is to educate and inform developers about potential vulnerabilities associated with storing secrets in environment variables and to suggest better security practices to avoid data leaks. Notable features include categorized listings of secrets from different services, security recommendations, and links to relevant documentation for each entry.

Awesome-RCE-techniques

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “Awesome RCE Techniques” repository is an open-source knowledge database that compiles various methods for achieving Remote Code Execution (RCE) across different applications. It features a collection of 24 RCE techniques categorized by platform type, including Content Management Systems and frameworks, each accompanied by Docker images for practical training and testing. This resource facilitates learning and experimentation for security professionals and developers interested in RCE dynamics.

README

Awesome RCE techniques

Awesome list of techniques to achieve Remote Code Execution (RCE) on various apps!

Awesome-Redteam

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Awesome-Redteam is a comprehensive knowledge base designed for red teaming and offensive security research, providing users with a curated collection of tools, scripts, and tips. It features organized sections covering various aspects such as cybersecurity cheat sheets, cryptographic methods, cyberspace search tools, and open-source intelligence resources, all intended for educational purposes. The repository emphasizes legal usage and warns against employing its content for unauthorized activities.

README

Awesome-Redteam

❗【免责声明】本项目所涉及的技术、思路和工具仅供学习，任何人不得将其用于非法用途和盈利，不得将其用于非授权渗透测试，否则后果自行承担，与本项目无关。使用本项目前请先阅读法律法规。

awesome-web-hacking

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “awesome-web-hacking” repository serves as a comprehensive resource for individuals seeking to enhance their knowledge of web application security. It includes categorized lists of books, documentation, tools, cheat sheets, and educational courses, making it a valuable starting point for learning about penetration testing and various security vulnerabilities. Notable features include contributions from the community through pull requests and a diverse array of resources for both beginners and experienced security professionals.

Bashark

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Bashark 2.0 is a post-exploitation toolkit designed for penetration testers and security researchers to facilitate operations during the post-exploitation phase of security audits. It offers a simple command-line interface, where users can source the bashark.sh script to access various functions and commands, streamlining the process of managing compromised hosts. Key features include ease of use through a help menu and support for Bash scripting, making it a practical tool for enhancing post-exploitation activities.

BinAbsInspector

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: BinAbsInspector is a static analysis tool designed for automated reverse engineering and vulnerability scanning of binary files, utilizing abstract interpretation and integrating with Ghidra. It supports multiple architectures including x86, x64, armv7, and aarch64, and can operate in headless mode, GUI mode, or within a Docker environment. Notable features include customizable analysis parameters, Z3 integration for constraint solving, and the ability to output results in JSON format.

README

What is BinAbsInspector?

BinAbsInspector (Binary Abstract Inspector) is a static analyzer for automated reverse engineering and scanning vulnerabilities in binaries, which is a long-term research project incubated at Keenlab. It is based on abstract interpretation with the support from Ghidra. It works on Ghidra’s Pcode instead of assembly. Currently it supports binaries on x86,x64, armv7 and aarch64.

BlackFriday-GPTs-Prompts

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: AnyClaw is an Android application that integrates OpenClaw and Codex, enabling two AI coding agents to perform tasks without requiring root access or Termux. Its primary use case is to facilitate coding assistance and prompt generation across various domains, including programming and marketing. Notable features include a user-friendly interface and the ability to handle multiple types of prompts, making it versatile for different user needs.

README

AnyClaw — OpenClaw + Codex running natively on Android

Two AI coding agents in one APK. No root. No Termux.

BlackWidow

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: BlackWidow is a Python-based web application spider designed for gathering critical information from target websites, including subdomains, URLs, dynamic parameters, email addresses, and phone numbers. It features an integrated fuzzer, Inject-X, which scans dynamic URLs for common OWASP vulnerabilities, and automatically saves collected data into organized text files. Notable functionalities include deep crawling with customizable levels, verbose logging, and support for fuzzing unique parameters for enhanced security testing.

BlueTeam-Tools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: BlueTeam-Tools is a comprehensive repository comprising over 65 tools and resources tailored for blue teaming activities, encompassing tasks such as network discovery, vulnerability management, and security monitoring. Notable features include a variety of specialized scanners like Nmap and OpenVAS, as well as systems for data visualization and malicious traffic detection, aimed at enhancing defensive cybersecurity measures. This collection serves as an essential toolkit for security professionals focusing on threat detection and incident response.

brakeman

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Brakeman is a static analysis tool designed to identify security vulnerabilities in Ruby on Rails applications. It supports a wide range of output formats, includes features for ignoring specific checks, and allows for comparing current scans with previous results. Built to be compatible with various Rails versions, it can be run locally or via Docker, providing extensive configuration options for detailed security assessments.

README

Bug-Bounty-Methodology

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Bug-Bounty-Methodology is a collection of checklists designed for systematic bug bounty hunting. It covers various security testing scenarios, including 2FA testing, CAPTCHA bypass, CSRF protection, and OAuth misconfiguration, providing comprehensive guidelines for identifying vulnerabilities in web applications. Notable features include a structured compilation of methodologies tailored for different attack vectors and documentation that serves as a practical resource for penetration testers.

README

Bug-Bounty-Methodology

These are my checklists which I use during my bug bounty hunting.

Burp-Suite-Certified-Practitioner-Exam-Study

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Burp Suite Certified Practitioner Exam Study repository contains comprehensive study notes and practical labs designed to aid candidates in preparing for the Burp Suite Certified Practitioner (BSCP) Exam. It includes over 110 labs covering essential topics such as scanning, footholds, privilege escalation, and data exfiltration, alongside practical techniques and scripts tailored for effective web application security testing. Notable features include a structured approach to vulnerability assessment and recommendations for additional training materials and resources to enhance exam readiness.

BurpBounty

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Burp Bounty is a Burp Suite extension designed to enhance both active and passive scanning capabilities by allowing users to create personalized scanning rules through an intuitive graphical interface. The tool offers advanced pattern search and payload improvement features to build custom issue profiles, catering to automated and manual penetration testing workflows. A notable aspect is the availability of profiles shared by the community, which further augments its functionality.

ByePg

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ByePg is a kernel-level tool that circumvents Windows PatchGuard and HVCI by leveraging an early-bugcheck hook through the hijacking of the HalPrivateDispatchTable. Its primary use case is to facilitate the implementation of exception-based hooks, allowing for the registration of high-level system-wide exception handlers and offering capabilities for kernel manipulation previously restricted by PatchGuard. Notably, the tool includes a base library and various examples that demonstrate syscall hooking and SEH handling, showcasing its potential for creating new attack surfaces.

CDK

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CDK is a zero dependency container penetration toolkit designed for security testing, enabling stable exploitation across slimmed containers. Its primary use case revolves around container escaping, persistence, and lateral movement within Kubernetes clusters, featuring modules for evaluating container weaknesses, executing various exploits, and providing essential network tools. Notable capabilities include information gathering, direct interaction with the container’s environment, and the ability to initiate and manage attacks seamlessly.

README

CDK - Zero Dependency Container Penetration Toolkit

English | 简体中文

claude-bug-bounty

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Claude Bug Bounty is an AI-powered agent harness tailored for professional bug bounty hunting, enabling users to streamline their testing processes. It intelligently orchestrates over 25 tools, remembers past findings across targets, validates vulnerabilities to reduce false positives, and generates ready-to-submit reports in under a minute. Notable features include Burp MCP integration for live traffic monitoring and an autonomous hunting mode that simplifies the testing workflow.

README

Claude Bug Bounty

The AI-Powered Agent Harness for Professional Bug Bounty Hunting

Your AI copilot that sees live traffic, remembers past hunts, and hunts autonomously.

commix

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Commix is an open-source penetration testing tool designed for automating the detection and exploitation of command injection vulnerabilities in web applications. It supports multiple Python versions and includes extensive documentation with usage examples, facilitating ease of deployment and operation for security professionals. Notable features include comprehensive exploitation capabilities and a user-friendly interface for navigating various commands and options.

README

Commix (short for [comm]and [i]njection e[x]ploiter) is an open source penetration testing tool, written by Anastasios Stasinopoulos (@ancst), that automates the detection and exploitation of command injection vulnerabilities.

copacetic

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Copa is a CLI tool designed to directly patch container images for vulnerabilities without requiring a full rebuild, thereby enhancing DevSecOps workflows. Leveraging vulnerability scan results from tools like Trivy, Copa reduces the operational downtime associated with patching, minimizes storage needs by creating only additional patch layers, and allows any user to perform patches, irrespective of image ownership. Its extensible architecture supports multiple package managers and vulnerability report formats, making it adaptable to various container ecosystems.

Corsy

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Corsy is a lightweight CORS misconfiguration scanner designed to identify vulnerabilities in web applications’ Cross-Origin Resource Sharing implementations. It features a versatile command-line interface that supports scanning URLs directly or from files, utilizes customizable HTTP headers, and provides options for threading, request delays, and exporting results to JSON. Notably, it implements a comprehensive suite of tests to uncover various CORS-related bypass opportunities.

README

Corsy

CORS Misconfiguration Scanner

crawlergo

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: crawlergo is a robust web vulnerability scanner that utilizes a headless Chrome browser to collect URLs and interact with web pages, capable of intelligent form submission and JavaScript event triggering. Its key features include automatic URL de-duplication, support for different browser environments, request proxying, and the ability to push results to passive vulnerability scanners, making it an essential tool for comprehensive web application security assessments.

README

crawlergo

crlfuzz

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CRLFuzz is a specialized tool for detecting CRLF injection vulnerabilities in web applications, developed in Go for high performance. It offers flexible scanning options, including targeting individual URLs or multiple URLs from a list, and provides various command line flags to customize request methods, output results to files, and adjust concurrency levels. Notable features include support for custom headers, proxy usage, and integration capabilities with other security tools through standard input.

CTF

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Crypto-Cat/CTF repository serves as a comprehensive resource for Capture The Flag (CTF) challenges, offering write-ups, scripts, and files aligned with video walkthroughs. Its primary use case is to aid users in learning and solving various CTF challenges through curated links to additional resources, including pentesting and reverse engineering tools. Notable features include an extensive directory of CTF platforms, resources for blue team activities, and a collection of cybersecurity educational content.

ctf-skills

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The ctf-skills repository provides an extensive collection of agent skills designed to facilitate the solving of Capture The Flag (CTF) challenges across various domains, including web exploitation, binary pwn, reverse engineering, and more. Notable features include support for multiple installation methods, a comprehensive tool installer script, and detailed skill documentation for on-demand use, allowing users to efficiently integrate the necessary tools as challenges arise. It is compatible with any tool adhering to the Agent Skills specification, enhancing its versatility in competitive cybersecurity contexts.

CTFs

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CTFs is a repository containing write-ups and resources for various Cyber Capture The Flag (CTF) challenges. It offers a comprehensive cheat sheet detailing strategies and techniques across diverse categories, including forensics, binary exploitation, web challenges, and cryptography. Notable features include curated educational resources, practice sites, and a web mirror for easy access.

README

CTFs

Writeups / Files for some of the Cyber CTFs that I’ve done

I’ve also included a list of CTF resources as well as a comprehensive cheat sheet covering tons of common CTF challenges

cve

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The CVE PoC tool aggregates nearly every publicly available Proof-of-Concept (PoC) for Common Vulnerabilities and Exposures (CVEs), providing a comprehensive database of exploits for security professionals. It employs automated workflows to scrape and validate CVE details from various sources, including GitHub and HackerOne reports, while also allowing users to browse, search, and monitor PoCs for specific vulnerabilities. Noteworthy features include real-time updates, easy-to-read markdown documentation, and the ability to generate GitHub badges for affected software versions.

CVE-2020-0796

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CVE-2020-0796 is a Windows SMBv3 local privilege escalation exploit that targets a vulnerability in the SMB protocol, enabling unauthorized users to elevate their permissions. The tool includes proof of concept (PoC) and analysis references for users seeking to understand and replicate the exploit. Notable features include detailed documentation and references to further resources for in-depth exploitation and analysis of the vulnerability.

README

CVE-2020-0796

Windows SMBv3 LPE Exploit

CVE-2021-44228-PoC-log4j-bypass-words

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The CVE-2021-44228-PoC-log4j-bypass-words tool demonstrates various methods to exploit the Apache Log4j vulnerability, specifically focusing on bypassing WAF protections and patched versions. It provides multiple techniques, including the use of system environment variables, case manipulation, and invalid Unicode to obfuscate the exploit strings. Notable features include dynamic manipulation of Java naming lookups and the ability to use non-existent lookups for stealthy exploitation attempts.

README

🤝 Show your support - give a ⭐️ if you liked the content | SHARE on Twitter | Follow me on

🐱‍💻 ✂️ 🤬 LOG4J Java exploit - WAF and patches bypass tricks

📝 Description

CVE-2021-44228 works on:

CVE-2023-38831-winrar-exploit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The CVE-2023-38831 winrar exploit generator is a tool designed to create proof-of-concept (PoC) exploits for a recently discovered vulnerability in WinRAR versions up to 6.22. It allows users to customize bait files, such as images or documents, along with malicious script files to generate a malicious RAR archive. Notable features include an easy-to-use command-line interface for generating exploits and the ability to customize payloads according to user specifications.

CVE-2024-1086

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CVE-2024-1086 is a universal local privilege escalation exploit targeting Linux kernels from v5.14 to v6.6, with a notable success rate of 99.4% in KernelCTF environments. It allows users to gain root access under specific conditions related to user namespaces and kernel configurations, while also showcasing a deliberate kernel panic after execution to deter malicious exploitation. The tool includes both source code for building as well as a compiled binary for ease of use.

cve-bin-tool

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: CVE-bin-tool is a static analysis tool designed to identify vulnerable dependencies in binary artifacts by comparing them against known Common Vulnerabilities and Exposures (CVEs). Its primary use case is to streamline the security assessment process in software projects, enabling developers to detect and remediate vulnerabilities efficiently. Notable features include support for various package formats, a comprehensive vulnerability database, and integration capabilities with CI/CD pipelines for automated security checks.

DDOS-RootSec

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The RootSec Archive is a comprehensive collection of tools and resources designed for conducting Distributed Denial-of-Service (DDoS) attacks, vulnerability scanning, and botnet management. Notable features include a variety of botnet variants (such as Mirai and QBot), password cracking tools, real-time statistics through DStat, and C2 sources for effective botnet control. This archive serves both as a point of reference and a toolkit for security testing and exploitation practices.

DeauthDetector

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: DeauthDetector is an open-source tool designed to monitor and detect Wi-Fi deauthentication attacks using an ESP8266 microcontroller. Its primary use case involves real-time identification of malicious deauth frames, indicated by an LED activation, making it an effective low-cost solution for network security monitoring. Notable features include customizable scanning options, support for multiple channels, and easy installation via precompiled binaries or Arduino integration.

README

DeauthDetector

Detect deauthentication frames using an ESP8266

DedSec

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The DedSec Project is an educational toolkit designed for Android using Termux, integrating various scripts, utilities, and local web interfaces to facilitate learning about cybersecurity tools and workflows. It aims to enhance users’ understanding of defensive awareness through practical exercises and organized scripts, while supporting both English and Greek interfaces. Notable features include a comprehensive installation guide, diverse categories of tools, and a focus on educational usage, including personal information capture and simulated environments.

deepce

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: DeepCE is a lightweight tool designed for Docker container enumeration, privilege escalation, and container escapes, written in pure shell script to maximize compatibility. It performs a variety of enumerations, including container-specific data collection and host system scanning, and offers multiple exploits such as Docker group privilege escalation and command execution in privileged mode. Notably, DeepCE minimizes disk writes during enumeration, making it suitable for stealthy assessments in containerized environments.

DefaultCreds-cheat-sheet

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Default Credentials Cheat Sheet is a tool designed for penetration testers and blue teamers, providing a comprehensive repository of default login credentials for various products to aid in security assessments. Notable features include a searchable database of over 3,700 default credentials, the ability to export results for use in brute force attacks, and automated updates to maintain current data. The tool is easily installable via pip and supports operations across multiple operating systems.

DeimosC2

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: DeimosC2 is a deprecated post-exploitation Command & Control (C2) tool designed to facilitate control over compromised machines across multiple operating systems including Windows, macOS, and Linux. Its notable features include dynamic agent generation, diverse communication methods (TCP, HTTPS, DoH, and QUIC), a graphical interface for managing listeners and agents, and robust security measures such as multi-user support and two-factor authentication. However, it is important to note that the tool has a known XSS vulnerability and is no longer maintained.

dep-scan

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OWASP dep-scan is an advanced security audit tool designed for analyzing project dependencies against known vulnerabilities, advisories, and license issues, applicable to both local repositories and container images. Its primary use case is to facilitate integration within Application Security Posture Management (ASPM) and Vulnerability Management (VM) platforms, especially in Continuous Integration (CI) environments. Notable features include advanced reachability analysis, fast local vulnerability scanning without a server, generation of Software Bills of Materials (SBOM), and clear insights for prioritization of vulnerabilities.

device-activity-tracker

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Device Activity Tracker is a proof-of-concept tool designed for the analysis of WhatsApp and Signal user activity through Round-Trip Time (RTT) measurement of message delivery receipts. Its primary use case is to uncover privacy vulnerabilities in these messaging apps by detecting user activity levels, device state, and potential location changes, all while presenting real-time data through an accessible web interface. Notable features include an easy setup via Docker, a client-server architecture, and a CLI option for direct tracking of WhatsApp users.

diodb

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Diodb is a community-driven, vendor-agnostic database designed to catalog Vulnerability Disclosure Programs (VDPs) and Bug Bounty Programs (BBPs), including essential details such as contact information, policy locations, and reward structures. It facilitates streamlined engagement between security researchers and organizations, promoting best practices like Safe Harbor for ethical hacking. Notable features include a searchable front-end interface, options to download raw data in JSON format, and tools for generating VDPs easily.

dockle

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Dockle is a container image linter designed to enhance the security and compliance of Docker images by identifying vulnerabilities and recommending adherence to best practices, including CIS Benchmarks. It offers a simple command-line interface for scanning images, supports integration with CI/CD pipelines, and provides detailed checkpoint reports regarding security issues and Dockerfile practices. Notable features include vulnerability detection and the ability to customize scan parameters for fine-tuning results.

DogeRat

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: DogeRat is an advanced Android remote administration tool (RAT) that enables real-time control over Android devices through a Telegram-based interface without the need for port forwarding. Notable features include the ability to send and receive messages, capture multimedia, access location data, manage contacts, and utilize keylogger functionality, with additional capabilities available in its paid version, such as encryption and undetectable injections. The tool is intended solely for educational purposes and boasts a comprehensive set of functionalities for thorough device management.

EggShell

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: EggShell is a post-exploitation surveillance tool developed in Python, designed for establishing command line sessions on target machines with extended functionalities. Notable features include file uploading/downloading, tab completion, command execution, photo capturing, and device location tracking, with enhanced security through SSL and support for Linux and iOS in version 3.0.0. This tool serves as a proof of concept for penetration testing on devices that users own.

README

EggShell

About

EggShell is a post exploitation surveillance tool written in Python. It gives you a command line session with extra functionality between you and a target machine. EggShell gives you the power and convenience of uploading/downloading files, tab completion, taking pictures, location tracking, shell command execution, persistence, escalating privileges, password retrieval, and much more. This is project is a proof of concept, intended for use on machines you own.

EvilOSX

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: EvilOSX is a Remote Administration Tool (RAT) designed for macOS that enables stealthy monitoring and control of compromised systems. It boasts features such as terminal emulation, module extensibility, and the ability to retrieve sensitive user data like passwords and iCloud tokens, all while remaining undetected by antivirus solutions through encrypted payloads. Additionally, it includes functionalities for taking screenshots, recording audio, and executing local privilege escalation attempts, making it a potent tool for unauthorized system access and data exfiltration.

exphub

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Exphub is a vulnerability exploitation script repository containing various Proof of Concept (PoC) and exploit scripts for commonly exploited vulnerabilities across platforms like Weblogic, Struts2, Tomcat, and Drupal. It includes detailed usage documentation for a wide range of scripts, such as remote command execution (RCE) and Webshell uploader scripts, all of which have been tested for effectiveness. The tool aims to streamline the process of vulnerability scanning and exploitation by consolidating multiple scripts for easy access and execution.

exploitnotes

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Exploit Notes is a comprehensive resource platform designed for security research, focusing on hacking techniques and tools applicable to penetration testing, bug bounty programs, and Capture The Flag (CTF) challenges. It encompasses a wide array of topics including reconnaissance, various operating systems, web applications, databases, networks, and emerging technologies such as AI and blockchain. Users can leverage this repository for educational purposes, with the option to run it locally via a straightforward setup process.

faraday

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Faraday is an open-source vulnerability management tool designed to facilitate the organization, aggregation, and visualization of security data in a multiuser environment. Its primary use case is to streamline vulnerability discovery and management by integrating various community tools while providing insightful visualizations for both managers and analysts. Notable features include its command-line interface for direct terminal access, support for multiple installation methods (including Docker and PyPi), and the ability to automate scanning tools within CI/CD pipelines.

featherduster

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: FeatherDuster is a cryptographic analysis tool designed to facilitate the identification and exploitation of weaknesses in cryptosystems, leveraging its underlying library, Cryptanalib. It offers capabilities for automatic encoding detection and decoding, interaction with multiple ciphertext formats, and supports various cryptographic analysis functions, making it suitable for both researchers and practitioners in the field of cryptography. The tool aims to simplify the process of analyzing flawed cryptographic implementations, while Cryptanalib serves as a flexible engine for developing custom crypto attack methods.

Forensia

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Forensia is an anti-forensics tool designed for red teamers to eliminate traces during the post-exploitation phase. Its primary use case is to enhance evasion by supporting various functionalities such as unloading Sysmon drivers, employing the Gutmann method for file shredding, and disabling multiple logging mechanisms. Notable features include log erasure, file melting capabilities, and the ability to clear recent user activity and cache, thereby reducing the likelihood of detection by incident response teams.

Frida-Labs

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Frida-Labs is a repository designed to facilitate learning Frida for Android through a series of structured challenges, ranging from basic setup to intermediate-level tasks. The primary use case is to help users grasp the fundamentals of using Frida by engaging with practical scenarios that involve hooking methods, changing variable values, and native function invocation. Notable features include a variety of challenges, organized solutions, and an emphasis on understanding Frida scripts, making it an ideal starting point for beginners.

fscan

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Fscan is a comprehensive internal network scanning tool designed for automated vulnerability assessment and information gathering. Its primary use case encompasses host discovery, port scanning, credential brute-forcing across various protocols, system vulnerability detection, and web application scanning, including comprehensive support for various databases and frameworks. Notable features include the ability to exploit vulnerabilities such as MS17-010, SSH remote command execution, and the storage of scan results for further analysis.

fsociety

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Fsociety is a comprehensive penetration testing framework designed to provide a wide array of hacking tools utilized in the Mr. Robot series. It features modules for information gathering, password attacks, wireless testing, exploitation, web hacking, and post-exploitation, all implemented in Python 2, with detailed installation instructions for various platforms, including Docker support. Notable tools included are Nmap, sqlmap, WPScan, and several others tailored for diverse security testing scenarios.

fuxploider

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Fuxploider is an open-source penetration testing tool designed to automate the detection and exploitation of vulnerabilities in file upload forms. Its primary use case is to identify permissible file types and effectively upload web shells or malicious files to targeted web servers using optimized techniques. Notable features include support for Python 3.6 and the ability to utilize Docker for installation, providing flexibility across different environments.

README

fuxploider

fuzzforge_ai

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: FuzzForge AI is an open-source orchestration platform that leverages AI agents to automate security research workflows via the Model Context Protocol (MCP). It enables seamless interaction with containerized security tools, allowing AI agents to discover, chain, and execute tasks for vulnerability assessment and analysis autonomously. Notable features include a hub architecture for tool discovery, support for AI-native workflows, and the capability to create automated pipelines tailored for specific use cases such as firmware vulnerability research or Rust fuzzing.

Galaxy-Bugbounty-Checklist

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Galaxy Bugbounty Checklist is a comprehensive tool designed to aid bug bounty hunters by providing an organized and detailed checklist of security assessment techniques. It includes specific references for various testing methodologies such as Account Takeover, CSRF Bypass, and OSINT, making it an essential resource for systematic vulnerability evaluation. Notable features include its structured format and accessibility for users to seek assistance directly through the provided contact.

README

Notes

Try to make best Bug Bounty Checklist.
All checklists come with references.
Feel free to contact me maximus0xday [at] gmail if you have any question.

To do list:

Garud

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Garud is an automation tool designed for reconnaissance, specifically targeting sub-domain enumeration and vulnerability scanning for injection points such as XSS, SSRF, and SSTI. It integrates multiple popular bug bounty tools, including Assetfinder, Subfinder, and Nuclei, to streamline the scanning process, outputting results systematically while notifying the user upon completion. Notable features include the ability to filter and identify low-hanging vulnerabilities, along with systematic data collection and reporting functionalities.

GDA-android-reversing-Tool

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GDA (GJoy Dex Analyzer) is a powerful Dalvik bytecode decompiler designed for fast analysis of APK, DEX, ODEX, OAT, JAR, CLASS, and AAR files, with minimal memory and disk consumption. It features advanced capabilities including malicious behavior detection, vulnerability scanning, path solving, and deobfuscation, as well as various utilities for interactive operation and assisted analysis. GDA operates natively without requiring a Java VM, making it suitable for use on various Windows systems and virtual machines.

Ghost

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Ghost Framework is an Android post-exploitation framework that leverages the Android Debug Bridge to enable remote access to Android devices. Its primary use case is for penetration testing and security assessments of Android applications and devices. Notable features include ease of installation via pip and a focus on facilitating comprehensive exploitation scenarios.

README

Ghost Framework

Ghost Framework is an Android post-exploitation framework that
exploits the Android Debug Bridge to remotely access an Android device.

Installation

pip3 install git+https://github.com/EntySec/Ghost

go-shellcode

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The go-shellcode tool enables users to execute shellcode directly from memory as a standalone process, aiming to circumvent antivirus detection. Its primary use case involves running custom shellcode for penetration testing or exploitation purposes, leveraging features like shellcode size handling via batch scripts and a recommendation for binary obfuscation using the garble tool. The tool requires manual architecture specification and supports 64-bit shellcode execution while providing instructions for building and compressing the resulting binary.

Goby

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Goby is a network security assessment tool designed for efficient vulnerability scanning and comprehensive attack surface analysis of target enterprises. It features over 100,000 rule recognition engines and 200 protocol recognition engines, facilitating identification of various network and software vulnerabilities, along with access to preset account information for more than 1,000 devices. Additionally, Goby supports cross-platform functionality on Windows, MacOS, and Linux, and employs a user-friendly interface built with Electron and Vue.

GobyVuls

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GobyVuls is a collection of exploitation scripts specifically designed for vulnerabilities identified by the Goby scanning tool. The primary use case is to facilitate the exploitation of detected vulnerabilities, allowing users to perform actions such as command execution or establishing reverse shells. Notable features include a user-friendly interface for scanning and verification, as well as a collaborative framework for contributing new vulnerabilities and enhancing existing exploitation methods.

README

GobyVuls

Vulnerabilities of Goby supported with exploitation.

GTFOBins.github.io

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: GTFOBins is a curated repository that catalogs Unix-like executables capable of circumventing local security restrictions in improperly configured systems. Its primary use case is to aid security professionals and penetration testers in identifying and exploiting misconfigurations. Notable features include a comprehensive database of binaries and detailed usage instructions for different scenarios.

README

GTFOBins

GTFOBins is a curated list of Unix-like executables that can be used to bypass local security restrictions in misconfigured systems.

h-encore

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: h-encore is a jailbreak tool for the PS Vita that enables kernel and user-mode modifications on firmware versions 3.65, 3.67, and 3.68. Its primary use case is to allow users to install plugins, run homebrew applications, and customize their device’s performance. Notable features include the ability to auto-exit the bootstrap menu, personalize savedata to remove trophy warnings, and a streamlined kernel ROP chain for enhanced stability and compatibility.

hack-tools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “hack-tools” repository offers a comprehensive collection of cybersecurity tools including DOS, information gathering utilities, malware creation kits, and remote administration tools, catering to a wide audience from enthusiasts to professionals. Key features include multi-platform support for Windows and Linux, compatibility with several programming languages, and the availability of free tools; however, users are cautioned about the legal implications and varying development statuses of the tools provided.

README

hacking-resources

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Lifka/hacking-resources repository is a curated collection of hacking utilities and cheat sheets, aimed at assisting cybersecurity professionals and enthusiasts in their studies. It includes a variety of resources such as tools, OS distributions, tutorials, and specific cheat sheets for cloud, web, network, and system hacking. Notable features involve a comprehensive index and contributions from the community, facilitating an ongoing accumulation of valuable cybersecurity knowledge.

README

Hacking resources and cheat sheets

Hacking-Tools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Hacking-Tools is a curated collection of penetration testing and ethical hacking utilities, including essential tools from Kali Linux. It is organized into categories such as information gathering, vulnerability analysis, and exploitation tools, facilitating easy navigation and use. Notable features include a featured tool, BugBoard, designed to automate vulnerability detection for bug bounty hunters and security researchers.

README

Hacking-Tools

A curated list of penetration testing and ethical hacking tools, organized by category. This collection includes Kali Linux tools and other notable utilities.

HackVault

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: HackVault is a container repository designed for both defensive and offensive hacking tools. Its primary use case is to centralize and share various hacking utilities, which are intended to be continuously updated with new content over time. Notable features include a structured Wiki section for detailed information and ongoing additions to its arsenal of tools.

README

HackVault

This is a container repository for my defensive/offensive hacks. Go check the Wiki section for more information! Ideally, it’d be continually updated with new interesting stuff over time!

heap-viewer

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: HeapViewer is an IDA Pro plugin designed for analyzing heap memory, particularly for exploit development focusing on the glibc malloc implementation (ptmalloc2). Notable features include heap tracing for memory allocation functions, detection of overlaps and double-frees, visualization tools, chunk and arena information, and various utilities for manipulating and understanding heap structures. This tool aids in the identification of vulnerabilities related to memory management in software applications.

README

HeapViewer

Heroinn

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Heroinn is a cross-platform command-and-control (C2) and post-exploitation framework developed in Rust, designed primarily for research and educational purposes. Notable features include a graphical user interface (GUI), an interactive PTY shell, system information collection, file management with support for large files and resuming broken transfers, and compatibility with multiple operating systems including Windows, Linux, BSD, and macOS, leveraging various communication protocols such as TCP, HTTP, and reliable UDP.

herpaderping

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Herpaderping is a process obfuscation tool that manipulates the content of a file on disk after it has been mapped for execution, thereby misleading security products and the operating system about the actual process being run. Its primary use case is to facilitate stealthy execution of binaries by exploiting the timing of process creation callbacks and on-write scanning mechanisms, allowing an actor to modify the file after mapping but before the process starts. Notable features include the ability to remain undetected during file inspections and the execution of a binary while obscuring its original content through a specific workflow of creating, mapping, modifying, and executing targets.

hexstrike-ai

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: HexStrike AI is an advanced penetration testing platform that integrates over 150 security tools and more than 12 autonomous AI agents for automated cybersecurity assessment. Its primary use case focuses on cybersecurity automation, employing intelligent decision-making and vulnerability intelligence to optimize attack strategies and resource management. Notable features include real-time dashboards, progress visualization, and a multi-agent architecture that facilitates comprehensive penetration testing and threat analysis.

README

HexStrike AI MCP Agents v6.0

AI-Powered MCP Cybersecurity Automation Platform

htshells

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: HTSHELLS is a toolkit that facilitates the deployment of self-contained web shells and various web-based attack vectors by utilizing .htaccess files. Its primary use case is for penetration testing and exploitation, allowing users to execute commands remotely and conduct denial-of-service, information disclosure, directory traversal, and other attacks through a structured directory of attack modules. Notable features include the ability to generate custom .htaccess files for specific attack types and execute commands via query parameters, enhancing flexibility for security assessments.

Information_Collection_Handbook

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Information Collection Handbook is a comprehensive resource designed for penetration testers, focusing on effective information gathering techniques essential for vulnerability exploitation. It consolidates various methods and tools for domain and subdomain information collection, including online services, browser plugins, and advanced querying techniques, thereby enabling security professionals to uncover assets and vulnerabilities that may otherwise remain hidden. Notable features include detailed sections on Whois queries, DNS historical analysis, and strategies for bypassing content delivery networks (CDNs) to uncover real IP addresses.

Infosec_Reference

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The InfoSec Reference project serves as a comprehensive resource for individuals seeking to enhance their understanding of Information Security, offering a curated list of techniques, tools, and tactics. Its primary use case revolves around providing a “Yellow Pages” style reference for users to browse and learn about various aspects of infosec, helping them build skills and recall pertinent information. Notably, it encourages community contributions and maintains regular updates, while emphasizing a commitment to ethical practices in cybersecurity.

inql

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: InQL is an open-source Burp Suite extension tailored for advanced GraphQL testing, enabling security professionals to effectively identify vulnerabilities within GraphQL APIs. It features a user-friendly interface, robust query manipulation capabilities, and integration with Burp’s existing tools, significantly enhancing the testing process for GraphQL applications.

README

InQL v6.1.2 - Burp Extension for Advanced GraphQL Testing

jexboss

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: JexBoss is a tool designed to test and exploit Java deserialization vulnerabilities primarily in JBoss Application Server and other Java platforms. It supports versions 3 to 6 of JBoss and is effective against a variety of frameworks and applications, utilizing exploitation vectors such as admin and JMX consoles, servlet deserialization, and specific vulnerabilities like CVE-2017-5638. Notable features include easy installation, support for multiple target applications, and demonstration videos for practical use cases.

JNDI-Injection-Exploit-Plus

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: JNDI-Injection-Exploit-Plus is a comprehensive tool designed for generating operational JNDI links, facilitating background services with RMI, LDAP, and HTTP servers to test vulnerabilities effectively. It enhances the functionality of standard JNDI exploit tools by offering additional remote and local reference gadgets, support for multiple JDK versions, and the capability to create base64 and hex payloads, making it a robust resource for security testing. With over 75 deserialization gadgets included, it provides a diverse set of options for vulnerability assessments.

jok3r

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Jok3r is a Python CLI application designed to assist penetration testers in executing automated network infrastructure and web security assessments. With over 50 integrated open-source tools, it streamlines vulnerability identification through context-aware checks, CVE lookups, and brute force attacks, all packaged within a Docker image for ease of use and customization. Notable features include automatic service fingerprinting, a comprehensive library of security checks for various network services, and automated post-authentication testing.

joomscan

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OWASP JoomScan is an open-source vulnerability scanning tool designed specifically for Joomla CMS deployments, enabling automated detection of vulnerabilities and misconfigurations that could be exploited by attackers. Developed in Perl, it features a lightweight, modular architecture and provides a user-friendly interface with comprehensive reporting capabilities in both text and HTML formats. Notable features include component enumeration, version checks, firewall detection, and the ability to compile detailed reports to assist administrators in maintaining system security.

K8tools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: K8tools is a collection of security research and penetration testing tools designed for use in various environments, including remote command execution and web shells. Notably, these tools are modified to enhance compatibility and stability, catering to security professionals who require reliable functionalities. The repository serves as a hub for downloading tools, accessing documentation, and submitting feedback for continuous improvement.

README

K8tools

声明: 工具仅供安全研究或授权渗透，非法用途后果自负。
下载: https://github.com/k8gege/K8tools
文档: http://k8gege.org/p/72f1fea6.html

kernel-exploits

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The bcoles/kernel-exploits repository provides various updated local root exploit implementations targeting vulnerabilities in the Linux kernel, specifically those identified by their CVEs. Each exploit enables privilege escalation through vulnerabilities such as improper memory handling or mismanaged user namespaces, allowing attackers to gain root access under certain conditions. Notable features include detailed exploit descriptions and references to original sources for further investigation.

README

Kernel Exploits

Various kernel exploits

CVE-2021-22555

Linux local root exploit.

kernel-exploits

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The xairy/kernel-exploits repository contains a collection of Linux kernel exploit code samples for various vulnerabilities, primarily focusing on local privilege escalation (LPE) and information leak scenarios. Each entry is associated with specific Common Vulnerabilities and Exposures (CVEs), detailing the exploit’s impact and vector, enhancing understanding and mitigation strategies for kernel security vulnerabilities. Notable features include the absence of licensing, making the code freely available for educational and research purposes.

kernelpwn

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The kernelpwn repository serves as a comprehensive resource for Capture The Flag (CTF) challenges focused on kernel exploitation, providing both challenge write-ups and educational material for beginners in the field. It features a collection of solved kernel-pwn challenges with detailed write-ups, covering various complex exploitation techniques such as SMEP, SMAP, KPTI, and KASLR bypasses. Notable features include a focus on both kernel and non-userland vulnerabilities, as well as an invitation for community contributions to enhance the repository’s challenge offerings.

Keylogger

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Keylogger is a lightweight, open-source tool developed in Visual C++ for educational purposes, designed to monitor system activity by capturing keystrokes, mouse clicks, and periodic screenshots in stealth mode. Its notable features include FTP integration for automatic log uploads, the ability to run unnoticed in the background, and persistence through auto-start and auto-copy mechanisms. The tool emphasizes ethical use, warning against unauthorized application.

README

Keylogger

Please don’t forget to give us a ⭐ if you find this project useful!

kics

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: KICS (Keeping Infrastructure as Code Secure) is an open-source tool designed to identify security vulnerabilities, compliance issues, and infrastructure misconfigurations in infrastructure-as-code early in the development cycle. It supports various platforms and offers a comprehensive set of queries for thorough analysis, making it essential for maintaining security in cloud-native projects. Notable features include its integration capabilities and extensive documentation for ease of use, enhancing security throughout the software development lifecycle.

killshot

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: KillShot is a comprehensive penetration testing framework designed for information gathering and website vulnerability scanning. Its primary use case involves automating data collection through integrated tools such as WhatWeb and Nmap, while offering features like a CMS Exploit Scanner and web application vulnerability assessments, including XSS and SQL injection detection. The framework also facilitates backdoor generation and includes a fuzzer, making it a versatile tool for security professionals.

KubeHound

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: KubeHound is a Kubernetes attack graph tool designed to automatically calculate attack paths between assets within a cluster. It enables users to query and analyze security vulnerabilities through a graph-based representation of their Kubernetes environment, utilizing the Gremlin query language for advanced data exploration. Notable features include compatibility with Docker and Docker Compose, deployment as a service (KHaaS), and integration with graph query UIs, including a Jupyter notebook for user-friendly interaction with the attack graph data.

labs

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The nixawk/labs repository serves as a catalog of documented vulnerabilities, specifically Common Vulnerabilities and Exposures (CVEs), across various software systems, tools, and devices. The primary use case is to provide security professionals with a reference for known vulnerabilities and their implications, enhancing awareness and response strategies regarding potential exploits. Notable features include detailed entries for each CVE, outlining affected systems and specific attack vectors for exploitation.

README

Name	Description
CVE-2015-5531	Directory traversal vulnerability in Elasticsearch before 1.6.1 allows remote attackers to read arbitrary files via unspecified vectors related to snapshot API calls.
CVE-2016-1909	Fortinet FortiAnalyzer before 5.0.12 and 5.2.x before 5.2.5; FortiSwitch 3.3.x before 3.3.3; FortiCache 3.0.x before 3.0.8; and FortiOS 4.1.x before 4.1.11, 4.2.x before 4.2.16, 4.3.x before 4.3.17 and 5.0.x before 5.0.8 have a hardcoded passphrase for the Fortimanager_Access account, which allows remote attackers to obtain administrative access via an SSH session.
CVE-2016-10225	The sunxi-debug driver in Allwinner 3.4 legacy kernel for H3, A83T and H8 devices allows local users to gain root privileges by sending “rootmydevice” to /proc/sunxi_debug/sunxi_debug.
CVE-2016-3087	Apache Struts 2.3.20.x before 2.3.20.3, 2.3.24.x before 2.3.24.3, and 2.3.28.x before 2.3.28.1, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via vectors related to an ! (exclamation mark) operator to the REST Plugin.
CVE-2016-4338	The mysql user parameter configuration script (userparameter_mysql.conf) in the agent in Zabbix before 2.0.18, 2.2.x before 2.2.13, and 3.0.x before 3.0.3, when used with a shell other than bash, allows context-dependent attackers to execute arbitrary code or SQL commands via the mysql.size parameter.
CVE-2016-5195	Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka “Dirty COW.”
CVE-2016-6277	NETGEAR R6250 before 1.0.4.6.Beta, R6400 before 1.0.1.18.Beta, R6700 before 1.0.1.14.Beta, R6900, R7000 before 1.0.7.6.Beta, R7100LG before 1.0.0.28.Beta, R7300DST before 1.0.0.46.Beta, R7900 before 1.0.1.8.Beta, R8000 before 1.0.3.26.Beta, D6220, D6400, D7000, and possibly other routers allow remote attackers to execute arbitrary commands via shell metacharacters in the path info to cgi-bin/.
CVE-2016-6415	The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request, aka Bug IDs CSCvb29204 and CSCvb36055 or BENIGNCERTAIN.
CVE-2016-7124	ext/standard/var_unserializer.c in PHP before 5.6.25 and 7.x before 7.0.10 mishandles certain invalid objects, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted serialized data that leads to a (1) __destruct call or (2) magic method call.
CVE-2017-0199	Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka “Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API.”
CVE-2017-1000353	Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an unauthenticated remote code execution. An unauthenticated remote code execution vulnerability allowed attackers to transfer a serialized Java `SignedObject` object to the Jenkins CLI, that would be deserialized using a new `ObjectInputStream`, bypassing the existing blacklist-based protection mechanism. We’re fixing this issue by adding `SignedObject` to the blacklist. We’re also backporting the new HTTP CLI protocol from Jenkins 2.54 to LTS 2.46.2, and deprecating the remoting-based (i.e. Java serialization) CLI protocol, disabling it by default.
CVE-2017-12615	When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
CVE-2017-17411	This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Linksys WVBR0 WVBR0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web management portal. The issue lies in the lack of proper validation of user data before executing a system call. An attacker could leverage this vulnerability to execute code with root privileges. Was ZDI-CAN-4892.
CVE-2017-5135	Certain Technicolor devices have an SNMP access-control bypass, possibly involving an ISP customization in some cases. The Technicolor (formerly Cisco) DPC3928SL with firmware D3928SL-P15-13-A386-c3420r55105-160127a could be reached by any SNMP community string from the Internet; also, you can write in the MIB because it provides write properties, aka Stringbleed. NOTE: the string-bleed/StringBleed-CVE-2017-5135 GitHub repository is not a valid reference as of 2017-04-27; it contains Trojan horse code purported to exploit this vulnerability.
CVE-2017-5638	The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.
CVE-2017-5689	An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT).
CVE-2017-7494	Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it.
CVE-2017-8464	Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows local users or remote attackers to execute arbitrary code via a crafted .LNK file, which is not properly handled during icon display in Windows Explorer or any other application that parses the icon of the shortcut. aka “LNK Remote Code Execution Vulnerability.”
CVE-2017-9791	The Struts 1 plugin in Apache Struts 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.
CVE-2018-4407	Apple iOS 11 and earlier, Apple macOS High Sierra, up to and including 10.13.6, Apple macOS Sierra, up to and including 10.12.6, Apple OS X El Capitan and earlier. A heap buffer overflow is allowed in Apple’s XNU operating system kernel.
CVE-2018-7600	Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
CVE-2018-10562	An issue was discovered on Dasan GPON home routers. Command Injection can occur via the dest_host parameter in a diag_action=ping request to a GponForm/diag_Form URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it’s quite simple to execute commands and retrieve their output.
MS17_010	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2017/ms17-010
NETCORE_NETDIS_UDP-53413-BACKDOOR	http://blog.trendmicro.com/trendlabs-security-intelligence/netis-routers-leave-wide-open-backdoor/

libc-database

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: libc-database is a tool for building and querying a database of libc offsets, primarily used for security research and exploitation analysis. It offers features such as identifying libraries via hashes, downloading and extracting libc libraries, and a web interface for user interaction. Users can also add custom libc versions and retrieve relevant offsets for specific symbols, enhancing their ability to work with different environments in cybersecurity applications.

README

Web interface

libc-database now has a web service and frontend. Visit https://libc.rip/ to try it out! Read https://github.com/niklasb/libc-database/tree/master/searchengine if you are interested in the API.

ligolo-ng

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Ligolo-ng is an advanced tunneling tool that establishes connections through a TUN interface, enabling penetration testers to create reverse TCP/TLS tunnels without the need for SOCKS proxies. Notable features include a user-friendly web interface, automatic configuration for certificates, support for multiple platforms, and resilience to network issues with automatic tunnel recovery. Its design facilitates streamlined network management and the ability to run tools directly over these tunnels.

README

Ligolo-ng : Tunneling like a VPN

like-dbg

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: LIKE-DBG is a tool designed to simplify the setup of a Linux kernel debugging environment by automating essential steps such as kernel building, root file system creation, and kernel launching within Docker containers. It offers a highly customizable configuration approach and supports multiple architectures, enabling researchers in kernel exploitation to focus on their work rather than the complexities of environment setup. Notable features include a dedicated Docker setup for each phase, support for various compilation methods, and integrated code quality measures.

linux-exploit-suggester

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Linux Exploit Suggester (LES) is a tool for auditing Linux systems to identify potential privilege escalation vulnerabilities, assessing the system’s exposure to known exploits by utilizing heuristic methods. It calculates the likelihood of exploitation for each vulnerability and verifies kernel hardening configurations, offering a comprehensive analysis of both compile-time and run-time security settings. Notable features include detailed exploit documentation, exposure assessment ratings, and integration with kernel hardening verification, making it a valuable resource for security assessments on Linux-based environments.

linux-kernel-exploitation

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Linux Kernel Exploitation repository serves as a curated collection of resources pertaining to Linux kernel security and exploitation techniques. It provides extensive links to books, methodologies, tools for fuzzing, and training exercises, making it a comprehensive reference for security researchers and practitioners interested in kernel vulnerabilities and exploitation strategies. Notable features include regular updates, categorized content on various exploitation techniques, and a community-driven approach encouraging contributions via pull requests.

linux-kernel-exploits

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The linux-kernel-exploits repository provides a catalog of various known vulnerabilities within the Linux kernel, detailing specific CVEs along with their descriptions and affected kernel versions. Its primary use case is to aid security researchers and penetration testers in identifying and exploiting kernel vulnerabilities for testing and mitigation purposes. Notable features include a comprehensive list of CVEs organized by year, along with linked folders containing additional exploit details.

README

linux-kernel-exploits

简介

linux-kernel-exploits

linWinPwn

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: linWinPwn is a comprehensive bash script designed for Active Directory penetration testing on Linux, integrating various tools for enumeration, vulnerability checks, modifications, and password dumping. It features both an interactive mode for manual checks and an automated mode for streamlined enumeration, allowing users to perform a wide array of security assessments including LDAP, Kerberos, and MSSQL interactions. Notably, it supports a range of authentication methods and can execute critical checks for known vulnerabilities such as NoPac and ZeroLogon, making it an essential tool for security professionals.

lisa.py

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: lisa.py is a Model-Context Protocol (MCP) integration for LLDB, enabling AI assistants like Claude to interact with debugging sessions through a structured interface. It consists of a server component to handle communication and a plugin for LLDB that exposes debugging functionalities via JSON-RPC, allowing users to execute commands verbally and enhance the debugging experience with natural language processing. Notable features include the capability to create targets, manage breakpoints, control process execution, and evaluate expressions directly from the AI assistant.

lonkero

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Lonkero is a professional-grade web security scanner engineered for advanced penetration testing, boasting over 125 sophisticated scanning modules written in Rust. Its notable features include an intelligent mode for context-aware scanning, machine learning capabilities to minimize false positives to 5%, and unique proof-based XSS detection that eliminates reliance on browsers, significantly increasing scan speed and accuracy. By leveraging a robust architecture that focuses on real vulnerabilities, Lonkero delivers efficient and precise security assessments for modern web technologies.

lunasec

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: LunaTrace is an open-source supply chain security and auditing tool that monitors software dependencies for vulnerabilities, integrating seamlessly with GitHub to notify users of new CVEs before deployment. It offers both a free SaaS option and self-hosted deployment capabilities, making it a versatile alternative to commercial tools like GitHub Dependabot and Snyk. Notable features include automatic monitoring, GitHub Pull Request integration, and active development support.

README

lynis

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Lynis is a security auditing and hardening tool designed for UNIX-based systems, including Linux, macOS, and BSD. It conducts comprehensive security scans to evaluate system defenses, identify vulnerabilities, and suggest improvements for hardening systems against potential threats. Notable features include automated compliance testing, vulnerability detection, configuration management assistance, and adaptability for use by system administrators, auditors, and penetration testers.

README

Documentation

Do you like this software? Star the project and become a stargazer.

malwoverview

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Malwoverview is a versatile malware analysis tool designed for cybersecurity professionals to visualize and understand malware architecture without submitting samples to external endpoints, thereby ensuring compliance with Non-Disclosure Agreements. Its primary use case involves generating detailed reports on malware characteristics, and it offers a variety of analysis features, including dynamic and static analysis capabilities, and an intuitive user interface for enhanced usability. The tool is free and open-source, allowing users to modify and redistribute it under the GNU General Public License.

mantis

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Mantis is a command-line framework that automates the processes of asset discovery, reconnaissance, and scanning for vulnerabilities. It efficiently identifies subdomains, certificates, and active assets, culminating in comprehensive scans for misconfigurations and secrets using a combination of open-source and custom tools. Notable features include distributed scanning capabilities, customizable scans, a dashboard for vulnerability management, and integration with various DNS services.

README

Features • Modules • Installation • Command Line Options • Documentation • Contributors • Join Discord

Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Massive Web Application Penetration Testing Bug Bounty Notes repository provides a comprehensive guide tailored for both novice and advanced penetration testers, emphasizing methodologies for web application security assessments. It covers essential topics such as setting up testing environments, identifying and exploiting the OWASP Top 10 vulnerabilities, and practical resources like video tutorials for enhanced learning. Notable features include a structured approach to various testing phases, from foundational concepts to specific attack vectors related to session management, authentication, and business logic vulnerabilities.

metarget

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Metarget is a framework designed to automatically deploy vulnerable cloud-native infrastructures for security research purposes. It allows users to swiftly instantiate environments with known vulnerabilities (e.g., Docker and Kubernetes exploits) using simple command-line instructions, thus minimizing setup time for ethical hacking and testing scenarios. Notable features include the ability to “install” vulnerabilities like software packages, enabling researchers to quickly create multilayer vulnerable scenes for comprehensive testing and learning.

mimipenguin

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: MimiPenguin is a Linux tool designed to extract cleartext login passwords from the currently logged-in desktop user by dumping process memory. It utilizes a probability-based method to identify possible passwords by cross-referencing hashes from the /etc/shadow file and performing regex searches. Notably, version 2.0 features a C implementation aimed at enhancing speed and portability, while it maintains support for various desktop environments and authentication types including Gnome Keyring and LightDM.

moonwalk

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Moonwalk is a lightweight tool designed for penetration testing on Unix systems, enabling users to erase their traces during exploitation by restoring system logs and filesystem timestamps to their previous state. Key features include a fast execution time of under 5 milliseconds, the ability to save and revert user shell history, and a world-writable path for session logging, ensuring that no evidence of the testing remains.

README

`moonwalk`

Cover your tracks during Linux Exploitation / Penetration Testing by leaving zero traces on system logs and filesystem timestamps.

mssqlproxy

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: mssqlproxy is a lateral movement tool designed to facilitate access through a compromised Microsoft SQL Server by utilizing socket reuse. It operates with sysadmin privileges and comprises a CLR assembly, a core DLL, and a client, allowing users to install and manage proxy services for connecting to external systems. Notable features include remote DLL management, commands for file transfer, and options for configuring local listening ports, although it currently supports only IPv4 connections.

Nettacker

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OWASP Nettacker is an automated penetration testing and information-gathering framework designed for cybersecurity professionals to conduct reconnaissance, vulnerability assessments, and network security audits. Key features include a modular architecture for customizable task execution, support for multi-protocol and multithreaded scanning, comprehensive output formats, and a user-friendly interface for managing scans, all of which enhance its efficacy in identifying weaknesses across diverse systems and applications.

README

OWASP Nettacker

Nginx-Lua-Anti-DDoS

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Nginx-Lua-Anti-DDoS is a protective tool designed for Nginx web servers, leveraging Lua scripting to mitigate DDoS attacks through a JavaScript-based authentication puzzle inspired by Cloudflare’s “I’m Under Attack” mode. The tool features automatic detection and activation of protection mechanisms against various attack types, extensive IP and User-Agent filtering options, as well as capabilities to inspect and block malicious HTTP requests. With no limitation on attack size and built-in logging for monitoring, it offers customizable error responses and caching optimizations to enhance web server performance during attacks.

nocom-explanation

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: No Comment is a tool designed for analyzing and visualizing gameplay data, specifically focusing on tracking player movements and in-game events within the Minecraft server 2b2t. Its primary use case is to create detailed heatmaps and monitor activity trends, enabling users to comprehend the dynamics of player interactions and exploit occurrences. Notable features include high-resolution visual outputs of player activities and integration with community resources for enhanced data representation.

NoSQLMap

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: NoSQLMap is a Python tool designed for auditing and automating injection attacks on NoSQL databases, primarily targeting MongoDB and CouchDB, while also preparing for support of others like Redis and Cassandra. It helps identify and exploit default configuration vulnerabilities to disclose or replicate database data through a user-friendly menu-based interface. Key features include options for NoSQL DB access attacks, web application attacks, and scanning for anonymous MongoDB access.

npq

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: npq is a tool designed to audit npm packages prior to installation, enhancing security during the package management process. It performs multiple checks, including vulnerability assessments using the Snyk database, package age, popularity metrics, and the presence of essential documentation files. Notable features include an auto-continue mode after warnings and customizable settings for strict security reviews.

README

npq allows you to audit npm packages before you install them

nuclei-wordfence-cve

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Nuclei + Wordfence CVE project provides a comprehensive set of 71,889 Nuclei templates specifically designed for assessing security vulnerabilities in WordPress, including core, plugins, and themes. Notably, the templates are regularly updated to reflect the latest threats identified by Wordfence, offering users a robust tool for proactive site protection and vulnerability identification. This open-source solution allows for customization, giving users the flexibility to adapt templates to meet specific security needs.

one_gadget

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OneGadget is a Ruby gem designed for locating one-gadget RCE exploits within libc binaries, simplifying the process for participants in Capture The Flag (CTF) challenges. It leverages symbolic execution to efficiently identify gadgets that result in the execution of /bin/sh, supports multiple architectures (i386, amd64, aarch64), and offers a command-line interface for user-friendly interaction with customizable output options.

README

OneGadget

When playing ctf pwn challenges we usually need the one-gadget RCE (remote code execution), which leads to call execve('/bin/sh', NULL, NULL).

Open-Source-Security-Guide

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Open Source Security Guide serves as a comprehensive resource for enhancing the security of systems and networks by providing tutorials, standards, and tools relevant to open-source security practices. It includes sections on security certifications, threat models, and various security frameworks, along with a curated list of tools and resources to improve security operations. Notably, it aims to foster a collaborative environment for sharing best practices and advancing security through community initiatives.

opencve

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OpenCVE is a Vulnerability Intelligence Platform designed to efficiently monitor and manage Common Vulnerabilities and Exposures (CVEs). It provides features such as aggregation from multiple sources, customizable filtering, alert subscriptions, and collaboration tools for tracking CVE progress within teams. Notable functionalities include AI-driven enrichment, customizable dashboards, and detailed reporting capabilities to streamline vulnerability management processes.

README

What is OpenCVE?

OpenCVE is a Vulnerability Intelligence Platform that helps you monitor and manage CVEs efficiently.

OSCP

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The OSCP repository contains a collection of scripts and tools designed to assist in penetration testing and privilege escalation, particularly for the OSCP exam. Notable features include custom scripts for Linux privilege checks, port knocking, cron job analysis, and a comprehensive Windows privilege escalation check, along with a SQL injection cheatsheet for manual exploitation techniques. This repository is aimed at providing streamlined and efficient tools for security practitioners during their testing processes.

ossa

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Ossa is an open-source security architecture tool designed to assist small to medium-sized enterprises in implementing security measures through accessible tools and resources. Its primary use case is to guide users in the installation and practical application of various security tools to address common vulnerabilities and improve overall security posture. Notable features include a focus on application security fundamentals, intrusion detection, and detailed documentation on tool usage, aimed at enhancing security for organizations lacking dedicated security personnel.

osv-scanner

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: OSV-Scanner is a tool designed to identify vulnerabilities in project dependencies by leveraging the OSV database through a user-friendly CLI interface. It supports a diverse range of programming languages, package managers, and includes features such as vulnerability detection in container images and guided remediation recommendations based on various criteria. The tool’s extensibility and comprehensive data sourcing improve the accuracy and effectiveness of vulnerability notifications for developers.

README

osv.dev

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The OSV.dev tool provides a platform for scanning software dependencies against a comprehensive database of known vulnerabilities. It features a Go-based scanner capable of analyzing various types of lockfiles, Docker containers, SBOMs, and git repositories, while enabling users to access a web UI and APIs for data integration and management. Notably, it includes tools for vulnerability data publishing, bisection, impact analysis, and leverages Google Cloud Platform for deployment and scalability.

OWASP-Web-Checklist

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The OWASP Web Application Security Testing Checklist tool provides a comprehensive framework for evaluating the security posture of web applications through a series of structured assessments. Designed for security professionals, it covers multiple areas including information gathering, authentication, session management, and secure transmission, ensuring that all critical aspects of web application security are systematically addressed. Notable features include a user-friendly format available in both PDF and Docx, as well as a Trello board for effective task management and tracking.

Penetration_Testing_POC

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Penetration_Testing_POC is a comprehensive collection of proof of concepts (POCs), scripts, tools, and articles related to penetration testing, intended to serve as a reference resource. It systematically categorizes vulnerabilities across various domains such as IoT, mobile devices, web applications, and privilege escalation methods, providing users with essential insights and practical exploitation techniques. Notable features include organized documentation and links to external resources, ensuring that users can easily navigate and leverage the provided information for security assessments.

penetration-testing-cheat-sheet

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Penetration Testing Cheat Sheet is a comprehensive checklist designed to assist cybersecurity professionals in performing penetration testing tasks. It aggregates various tools and techniques for phases such as reconnaissance, scanning, and vulnerability exploitation, while emphasizing the importance of complementarity among tools for better results. Noteworthy features include automation of certain tasks and links to crucial resources for penetration testing methodologies.

README

Penetration Testing Cheat Sheet

This is more of a checklist for myself. May contain useful tips and tricks.

Penetration-Testing-Tools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Penetration Testing Tools repository is a comprehensive collection of over 160 scripts, utilities, and cheatsheets designed for Penetration Testing and IT security audits. It encompasses a wide range of categories including cloud assessments, network protocols, web security, and red teaming, enabling practitioners to increase efficiency and improve technical assurance in their engagements. Notable features include modular organization by function, a focus on real-world applicability, and the absence of sensitive client-specific information.

PentestTools

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Pentest Tools is a comprehensive catalog of penetration testing resources, referencing tools primarily from Kali Linux, and featuring both open-source and readily accessible software. It includes a wide array of categories such as information gathering, vulnerability analysis, and exploitation tools, aimed at facilitating various aspects of security assessments. Notable features include a curated list of essential tools, categorized functionalities, and a long-term commitment to updates and supplementary resources.

PhoneSploit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PhoneSploit is a Python3 tool designed for remote exploitation through ADB (Android Debug Bridge), enabling users to perform a variety of actions on victim devices. Its notable features include the ability to access the device shell, capture screenshots and screen recordings, uninstall applications, and obtain system information in real time, along with file management capabilities such as pulling folders and sending files. The framework serves primarily as a penetration testing tool for assessing the security of Android devices, but it contains mandatory ethical usage disclaimers.

PhoneSploit-Pro

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PhoneSploit Pro is an advanced Python-based tool designed for penetration testing and exploiting Android devices remotely through the Android Debug Bridge (ADB) and Metasploit Framework integration. It automates the process of creating, installing, and launching payloads to gain a Meterpreter session in a single click, along with extensive ADB functionalities for managing connected devices, such as file transfers, device control, and data extraction. Notable features include remote screen recording, SMS management, and capabilities for controlling device operations, making it a comprehensive toolkit for security assessments on Android platforms.

PHP-Antimalware-Scanner

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PHP Antimalware Scanner is a PHP-based tool designed to scan projects for malicious code embedded within PHP files. Its primary use case is to detect potential malware through an interactive console interface or in a reporting mode that generates results in HTML or text. Notable features include customizable scanning options for file paths, action prompts upon detection of malware, and compatibility with various PHP configurations.

README

PHP Antimalware Scanner

phpsploit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PhpSploit is a full-featured Command and Control (C2) framework that maintains a persistent presence on web servers using a polymorphic PHP one-liner. Its primary use case is for penetration testing and exploitation, enabling users to execute commands, manage files remotely, interact with a SQL console, and escalate privileges through over 20 available plugins. Notable features include obfuscated communication via HTTP headers and seamless file upload/download capabilities, facilitating robust interactions with target systems while bypassing standard PHP security measures.

PoC

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Proofs-of-concept

Proofs-of-concept

POC-T

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: POC-T (Pentest Over Concurrent Toolkit) is a versatile framework designed for penetration testing that facilitates concurrent tasks such as data collection, web crawling, brute-force attacks, and bulk PoC management. Its notable features include support for both multithreading and Gevent concurrency modes, simplified script writing without extensive documentation, built-in script extensions, and integration with popular search engine APIs like ZoomEye, Shodan, and Google.

README

POC-T: Pentest Over Concurrent Toolkit

PocOrExp_in_Github

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PocOrExp in Github is a tool designed for aggregating proof of concepts (PoCs) and exploitation scripts (Exp) associated with Common Vulnerabilities and Exposures (CVE) directly from GitHub. Its primary use case is to assist cybersecurity professionals in quickly locating relevant PoCs by year and monitoring updates for existing vulnerabilities. Notable features include year-specific data retrieval, initialization options to avoid processing handled CVEs, and the ability to track changes to PoCs over time.

pocsuite3

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: pocsuite3 is an open-source framework designed for remote vulnerability testing and proof-of-concept (PoC) development, focused on empowering penetration testers and security researchers. Notable features include a versatile PoC engine supporting multiple execution modes, dynamic loading of PoC scripts and targets from various sources, as well as comprehensive integration with tools like Seebug, Shodan, and ZoomEye. The tool also offers robust capabilities such as plugin support, multi-target loading, and HTTP/SOCKS proxy configuration, making it a powerful asset in the security testing arsenal.

Pompem

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Find exploit tool

Find exploit tool

PowerHub

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PowerHub is a post-exploitation tool designed for PowerShell, facilitating the transfer of potentially flagged data during penetration testing engagements. Its notable features include being fileless and stateless, utilizing cert pinning and RC4 encryption for string obfuscation, allowing seamless execution of C# programs in memory, and offering multiple methods to bypass AMSI. The tool simplifies processes such as running scripts and transferring sensitive information like Kerberos tickets or passwords, either through command line or a web interface, enhancing collaboration for testing teams.

PrivEsc

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: PrivEsc is a collection of privilege escalation scripts and exploits designed for Windows, Linux, and MySQL environments. Its primary use case is to help security professionals identify and exploit privilege escalation vulnerabilities in various systems. Notable features include compatibility with multiple operating systems and exploitation capabilities tailored for common service vulnerabilities.

README

PrivEsc by 1N3@CrowdShield

http://crowdshield.com

ABOUT:

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

pwn_jenkins

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Pwn_jenkins is a tool designed for exploiting various remote code execution vulnerabilities within Jenkins instances, specifically targeting misconfigurations and outdated versions. It enables authenticated and unauthenticated access to sensitive files, allows for arbitrary command execution via deserialization exploits, and identifies authentication bypass issues through crafted requests. Notable features include support for multiple CVEs, including CVE-2014-23897 and CVE-2019-1003002, making it a comprehensive toolkit for assessing the security of Jenkins environments.

pwndbg

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Pwndbg is a Python module designed as a plugin for GDB and LLDB, enhancing the debugging experience for developers working on low-level software, reverse engineering, and exploit development. Its primary use case is to streamline common debugging tasks by providing user-friendly features and a suite of utilities that address the shortcomings of vanilla GDB and LLDB. Notable features include an improved hexdump command, a clean interface for quick navigation, and a range of custom tools to facilitate debugging across different platforms and architectures.

pwninit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: pwninit is a tool designed to automate the setup for binary exploitation challenges by preparing the necessary executables and library files. Key features include the ability to set the challenge binary as executable, download an appropriate linker and debug symbols, patch the binary using patchelf, and generate a customizable pwntools solve script. This streamlines the initial configuration process for security professionals and students engaging in binary exploitation tasks.

pythem

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: pythem is a versatile penetration testing framework written in Python, designed for use by security researchers and professionals to conduct various security assessments within legal boundaries. Notable features include support for attacks such as ARP spoofing, DNS manipulation, brute force attacks on SSH and web forms, as well as tools for exploit development and packet filtering. The framework can be installed on Debian-based Linux distributions, or run as a Docker container, facilitating accessibility and ease of deployment.

Raccoon

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Raccoon is an offensive security tool designed for reconnaissance and information gathering, offering a wide range of features like DNS enumeration, WHOIS lookup, TLS data analysis, port scanning, and directory fuzzing. With support for asynchronous scanning via Python’s asyncio and anonymity through Tor/proxies, it provides efficient and robust scanning capabilities while organizing outputs by target and scan type. Additionally, it leverages default wordlists from SecLists for various reconnaissance tasks, enhancing its operational effectiveness.

randar-explanation

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Randar is a Minecraft exploit targeting versions Beta 1.8 to 1.12.2 that uses LLL lattice reduction to manipulate the game’s random number generator, java.util.Random, allowing attackers to derive the precise coordinates of other players’ locations based on item drop positions from mined blocks. The exploit hinges on a vulnerability in the game’s code, where improper reuse of RNG instances can be exploited to track players across vast distances, making it particularly significant on anarchic servers like 2b2t, where player anonymity and location security are critical. Notable features include the ability to reverse-engineer the RNG state to pinpoint player coordinates efficiently and the reliance on advanced mathematical techniques to achieve this.

rapidscan

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: RapidScan is a multifaceted web vulnerability scanner that automates the execution of various security scanning tools to efficiently uncover and assess vulnerabilities in web applications. Notable features include its one-step installation, support for multiple tools like nmap and nikto, the ability to correlate results to reduce false positives, and the provision of detailed vulnerability definitions and remediation strategies. The tool is designed to streamline the penetration testing process, saving valuable time while offering comprehensive reporting and future plans for AI-driven tool deployment based on detected issues.

reconmap

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Reconmap is an open-source penetration testing management and automation platform that aids security professionals throughout the engagement lifecycle by efficiently planning, executing, and reporting on security assessments. Its notable features include real-time execution and scheduling of security commands, automated output capture, vulnerability tracking, and the generation of professional reports in multiple formats, all aimed at streamlining workflows and enhancing collaboration among InfoSec teams.

README

Reconmap

redamon

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: RedAmon is an autonomous AI framework designed for seamless cybersecurity operations that integrate reconnaissance, exploitation, and post-exploitation processes into a streamlined pipeline. It stands out by automatically triaging findings, applying code fixes, and generating pull requests in repositories, ensuring human oversight at critical junctures. Its notable features include support for over 38 security tools, integration with major vulnerability scanners, and configurable autonomy to adapt to various security assessment needs.

reentrancy-attacks

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “reentrancy-attacks” repository provides a comprehensive historical collection of reentrancy attack incidents on smart contracts. It categorizes various types of attacks, including single-function and cross-chain reentrancy, and includes detailed timelines, victim contracts, and exploit transactions for notable cases. This tool serves as a reference for understanding and analyzing reentrancy vulnerabilities in blockchain applications.

README

⚔️ A Historical Collection of Reentrancy Attacks

📌 Definition of a Reentrancy Attack

remote-method-guesser

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The remote-method-guesser (rmg) is a Java RMI vulnerability scanner designed to identify and verify common security vulnerabilities on Java RMI endpoints. It features practical examples, including servers that facilitate testing for standard RMI services, SSRF attacks, and Spring Remoting integration, making it a valuable tool for penetration testers and security researchers. The tool’s compatibility with Docker allows for efficient setup and execution of security assessments in isolated environments.

reverse-shell

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: reverse-shell is a tool that facilitates setting up reverse shells on Unix-like systems, primarily intended for penetration testing and educational purposes. It automatically detects the target’s available software to execute the appropriate payload, enabling users to bypass firewalls and gain remote shell access effortlessly. Notable features include ease of use with commands for listening and executing reverse shells, options for reconnecting after disconnection, and the ability to run in the background to avoid detection.

ronin

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Ronin is an open-source Ruby toolkit designed for security research and development, featuring a comprehensive suite of CLI commands and libraries tailored for various security tasks such as data encoding/decoding, vulnerability scanning, fuzzing, and reconnaissance. Notable features include a fully-loaded Ruby REPL, a lightweight web UI for database interaction, and the ability to install and run third-party exploits or payloads. This tool is primarily used by security researchers, bug bounty hunters, and developers for efficient data processing and rapid script prototyping.

RootMyTV.github.io

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: RootMyTV is an exploit tool designed for rooting or jailbreaking LG webOS smart TVs, primarily facilitating the installation of the webOS Homebrew Channel with elevated privileges. Notable features include its user-friendly interface and detailed instructions for exploiting unpatched webOS versions, enabling users to run third-party applications on their TVs. However, due to LG’s security updates, the tool is unlikely to work on models with firmware released after mid-2022.

ROPgadget

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ROPgadget is a tool designed to facilitate Return-Oriented Programming (ROP) exploitation by allowing users to search for gadgets within binary files. It supports multiple file formats (ELF, PE, Mach-O, Raw) and architectures (x86, x64, ARM, ARM64, MIPS, PowerPC, Sparc, RISC-V 64) and employs the Capstone disassembler for efficient gadget identification. Notable features include customizable search parameters, ROP chain generation, and support for various opcode and string searching capabilities.

scan4all

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: scan4all is a versatile cybersecurity tool designed for automated web scanning and vulnerability detection, integrating various tools such as vscan, nuclei, and subfinder. It supports a wide range of protocols for password blasting and includes built-in detection capabilities for over 15,000 proof-of-concept (PoC) exploits. Built on Golang, it is cross-platform, lightweight, customizable, and features intelligent scanning mechanisms that optimize performance while ensuring comprehensive coverage of vulnerabilities.

README

💬

Scanners-Box

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Scanners Box is a comprehensive hacker toolkit that consolidates over 335 open-source scanners across various categories, such as subdomain enumeration, SQL injection vulnerability detection, and malware detection. The tool is designed for modular vulnerability assessment and does not include well-known scanning tools like Nmap or Metasploit, focusing instead on specialized scanning capabilities. Notable features include AI-powered autonomous scanners, dynamic and static code analysis, and comprehensive scanning for web applications and IoT devices.

ScopeSentry

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Scope Sentry is a versatile cybersecurity tool that provides functionalities such as asset mapping, subdomain enumeration, vulnerability scanning, and information leakage detection. Its primary use case is to facilitate comprehensive security assessments of web assets through a distributed scanning approach, allowing users to configure multiple scanning nodes. Notably, it features a plugin system for extensibility, supports multi-node scanning, and includes components for web monitoring and sensitive data leakage detection.

SecretScanner

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Deepfence SecretScanner is a standalone tool designed to identify unprotected secrets, such as API keys and passwords, within container images and file systems. It matches content against a comprehensive database of approximately 140 secret types, outputting detailed findings in JSON format. Furthermore, SecretScanner can be integrated into the ThreatMapper platform, allowing for holistic vulnerability scanning and risk assessment in cloud-native applications.

README

SecretScanner

Deepfence SecretScanner can find unprotected secrets in container images or file systems.

sectemplates

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SecTemplates is a resource repository designed for infosec professionals and engineering teams lacking dedicated security personnel, providing templates for various security programs such as bug bounties, incident response, and vulnerability management. The tool offers structured starting points including checklists, runbooks, and document templates, facilitating the establishment and scaling of security initiatives while maintaining neutrality towards specific vendors. Content is freely available for personal and commercial use, barring resale in other products.

Selenium-Driverless

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Selenium-Driverless is a Python package that enables web automation using Selenium without the need for a chromedriver, allowing for interactions with sites that commonly employ anti-bot mechanisms like Cloudflare. Its notable features include support for multiple tabs and incognito contexts, proxy authentication, and network interception, making it suitable for use cases that require more advanced browser automation scenarios while maintaining anonymity. The tool is designed primarily for non-commercial use and provides integration with asyncio for asynchronous operations.

shad0w

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SHAD0W is a modular command and control (C2) framework designed for advanced threat operations within mature environments, leveraging techniques to evade endpoint detection and antivirus systems. Built with Python and C, it enables the execution of payloads including .NET assemblies and scripts entirely in memory, while offering features such as HTTPS communication, dynamic process injection, and extensive modularity for tasking beacons. Notable components include built-in privilege escalation exploits, a live web proxy feature, and a robust command-line interface, facilitating customization and effective covert operations.

shannon

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Shannon is an autonomous AI penetration testing tool designed for web applications and APIs, capable of performing white-box security assessments through source code analysis and real exploit execution. It identifies potential vulnerabilities such as injection attacks and authentication bypasses, generating reports that include only verified exploits with reproducible proof-of-concept evidence. Key features include fully automated operation, OWASP vulnerability coverage, and integrated security tooling, making it suitable for continuous security testing throughout the software development lifecycle.

shellen

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Shellen is an interactive shellcoding environment designed for writing and utilizing shellcodes, supporting both assembly and disassembly operations. Leveraging the keystone and capstone engines, Shellen allows users to seamlessly switch between different modes, search syscall tables, and run shellcodes within a subprocess, while providing a user-friendly prompt that displays the current status and architecture. This tool caters primarily to developers and security researchers working with low-level code, making shellcode manipulation intuitive and efficient.

shortscan

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Shortscan is an IIS short filename enumeration tool that rapidly identifies files with short filenames on an IIS web server and attempts to discover their corresponding full filenames using a unique checksum matching method. Its notable features include support for custom headers, concurrency settings, and vulnerability checks without full file enumeration, as well as the ability to utilize custom wordlists and generate rainbow tables through an accompanying utility named shortutil.

sicat

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SICAT is a comprehensive vulnerability and exploit finder that streamlines the reconnaissance process by aggregating data from multiple reputable databases based on user-defined keywords, Nmap scan results, or detected web technologies. Notable features include a modern web interface with real-time feedback, detailed HTML reporting with interactive elements, and intelligent keyword generation for enhanced search accuracy, all while supporting multithreaded scanning for optimized performance. This tool significantly aids security professionals in identifying vulnerabilities across various platforms and frameworks.

SILENTTRINITY

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SILENTTRINITY is a modern, asynchronous, multiplayer command and control (C2) and post-exploitation framework designed for flexibility and stealth, utilizing Python 3 and the .NET Dynamic Language Runtime. It offers features such as real-time updates via Websockets, ECDHE encrypted communications, and a fully modular architecture allowing operators to customize their C2 channels and modules. The framework leverages embedded third-party .NET scripting languages for dynamic task evaluation, enhancing usability and providing capabilities akin to PowerShell without its direct use.

Silver

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Silver is a mass vulnerability scanner that integrates with masscan and nmap to provide rapid, comprehensive TCP port scanning and vulnerability assessment. Notable features include resumable scanning, multi-core utilization, caching of vulnerability data, and integration with Shodan, allowing for efficient parallel processing and streamlined notifications through Slack. Its support for various input formats and customizable scanning options enhances its usability for security assessments across different environments.

README

Silver

Mass Vulnerability Scanner

spectre-attack

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Spectre Attack Example repository demonstrates an exploit based on the Spectre vulnerability (CVE-2017-5753 and CVE-2017-5715), which allows attackers to read sensitive information from memory by exploiting speculative execution. The tool constructs a scenario where out-of-bounds memory reads can leak data via cache timing attacks, highlighting how seemingly safe coding practices can inadvertently increase vulnerability. Notable features include the ability to test system vulnerability, read specified memory addresses, and compile with both GCC and Visual Studio.

sqlmap

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: sqlmap is an open-source penetration testing tool designed for automating the detection and exploitation of SQL injection vulnerabilities in web applications. It features a robust detection engine with capabilities such as database fingerprinting, data extraction, file system access, and command execution through out-of-band connections, making it a comprehensive tool for security professionals. The tool is compatible with Python 2.7 and 3.x, ensuring broad platform support.

README

sqlmap

stunner

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Stunner is a specialized tool designed for testing and exploiting STUN and TURN servers, particularly in the context of videoconferencing and audio chat applications utilizing the TURN protocol. Its primary use case involves identifying misconfigurations in TURN servers, enabling users to establish a SOCKS proxy that routes traffic through these servers into internal networks. Notable features include the ability to enumerate accessible IP addresses, perform detailed server information queries, and set up a local SOCKS server for traffic relaying.

SUDO_KILLER

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: SUDO_KILLER is a cybersecurity tool designed for professionals such as pentesters and security auditors, focusing on privilege escalation vulnerabilities in Linux systems related to SUDO configuration and usage. It manually identifies issues such as misconfigurations, risky binaries, and version-based vulnerabilities (CVEs), enabling users to exploit these weaknesses for gaining root-level privileges. The tool provides a detailed checklist of potential local exploits and requires users to perform the exploitation process manually, ensuring a controlled approach to privilege escalation testing.

TegraRcmGUI

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: TegraRcmGUI is a Windows-based graphical user interface that facilitates the injection of payloads into Nintendo Switch consoles utilizing the Fusée Gelée exploit for RCM mode. Key features include the ability to manage favorites, run Linux on the Switch, mount the device as USB mass storage, and dump BIS keys for eMMC content decryption. The tool also offers conveniences such as auto-injection options, minimizing to the system tray, and automatic startup with Windows.

Terrapin-Scanner

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Terrapin Vulnerability Scanner is a Go-based utility designed to assess the vulnerability of SSH clients and servers against the Terrapin Attack. It utilizes a single connection to retrieve supported algorithms without initiating a full SSH key exchange, allowing it to identify potential vulnerabilities and support for known countermeasures like strict key exchange. Notable features include JSON output for results, support for various operating systems via pre-compiled binaries and Docker, and ease of building from source.

THC-Archive

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: THC-Archive is a repository that consolidates all releases from The Hacker’s Choice, a prominent security research group. This collection serves as a backup for their work, ensuring that projects are preserved despite the lack of a full web server. Notable active projects include THC-Hydra, THC-IPv6, and utilities aimed at various hacking and security tasks.

README

THC-Archive

All releases of the security research group (a.k.a. hackers) The Hacker’s Choice

TIDoS-Framework

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: TIDoS is an advanced offensive web application penetration testing framework designed to facilitate comprehensive security assessments by automating tasks across multiple phases, including reconnaissance, scanning, and vulnerability analysis. With over 100 modules and features such as multiprocessing for performance enhancement, a Metasploit-like console interface, and a graphical user interface, TIDoS streamlines the penetration testing process, enabling users to conduct efficient and thorough web application security assessments with minimal configuration. Additional capabilities like Tor integration further enhance anonymity during testing efforts.

TOP

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: TOP is a vulnerability cataloging tool designed for bug bounty hunters and penetration testers, focusing on proof-of-concept (PoC) exploits for various Common Vulnerabilities and Exposures (CVEs) from recent years. It compiles a list of notable CVEs along with their respective exploits and corresponding GitHub repositories, thereby facilitating ease of access and research for security professionals. Key features include organized yearly summaries of significant vulnerabilities, making it an essential resource for monitoring and exploiting security weaknesses.

top25-parameter

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The “top25-parameter” repository provides a curated list of the 25 most commonly vulnerable parameters associated with various web security vulnerabilities, including Cross-Site Scripting (XSS), SQL Injection (SQLi), and Server-Side Request Forgery (SSRF). It is intended for use in both manual reconnaissance and automation tools, supported by data sourced from OSINT and articles in the cybersecurity community. Notable features include organized parameters for different vulnerabilities, aiding security researchers and practitioners in identifying and mitigating risks effectively.

traitor

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Traitor is a privilege escalation tool designed to automatically exploit local vulnerabilities and misconfigurations in Unix-like systems to achieve a root shell. It incorporates various methods from GTFOBins and specific CVEs, allowing users to discover potential exploits with options to directly attempt them if necessary. Notable features include the ability to analyze sudo permissions, the option to exploit specific vulnerabilities, and support for various privilege escalation vectors.

README

Traitor

Automatically exploit low-hanging fruit to pop a root shell. Linux privilege escalation made easy!

trivy-operator

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The Trivy Operator is a Kubernetes-native security toolkit that utilizes Trivy to perform continuous security scans of Kubernetes clusters. It automatically generates and updates comprehensive security reports, including vulnerability assessments, configuration audits, and compliance checks, which are accessible through the Kubernetes API. Notable features include automated scans for workloads, RBAC assessments, secret exposure detection, and generation of Software Bill of Materials (SBOM) for workloads, aiding in the identification and mitigation of potential security risks in real-time.

V3n0M-Scanner

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: V3n0M-Scanner is an offensive security framework designed for vulnerability scanning and penetration testing, offering a Python-based toolkit that operates across both Linux and Windows platforms. Notable features include advanced scanning capabilities for SQL injection, local file inclusion to remote code execution, and a Cloudflare resolver, along with extensive target lists and efficient scanning of potentially millions of IPs for known vulnerabilities. The tool is open-source and aims to provide transparency and ease of use for security professionals.

Vegile

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Vegile is a post-exploitation tool designed for maintaining stealthy backdoor/rootkit access on Linux systems. Its primary use case involves establishing persistent access to compromised hosts while enabling features such as process hiding and session unlimited capabilities in Metasploit. Notable functionalities include the ability to automatically restart hidden processes, ensuring persistent access even after termination, and support for various backdoor implementations, including those created with msfvenom.

README

Vegile - Ghost In The Shell

venom

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: VENOM is a metasploit shellcode generator and compiler that enables users to create and inject shellcode payloads in various formats such as C#, Python, Ruby, and executable formats like ELF and APK. Its primary use case lies in Red Team operations, where it assists in payload delivery through a web server and leverages automation to handle dependencies and remote connections seamlessly. Notable features include support for multiple scripting languages, integration with compilers for building executables, and functionalities similar to other popular evasion tools.

Viper

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: VIPER is an advanced red team platform designed for adversary simulation and cybersecurity assessments, providing users with essential tools and functionalities for efficient red teaming operations. Notable features include a user-friendly interface, multi-platform support across Windows, Linux, and macOS, integration of over 100 post-exploitation modules aligned with the MITRE ATT&CK framework, and a built-in LLM agent for enhanced automation and intelligent decision-making. The platform also allows for custom module development, ensuring flexibility to meet diverse operational needs.

VMkatz

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: VMkatz is a cybersecurity tool designed to extract Windows credentials and secrets directly from virtual machine memory snapshots and disk images without the need for full exfiltration. It supports various input formats, including VMware snapshots and VirtualBox saved states, allowing efficient retrieval of sensitive data such as NTLM hashes, DPAPI master keys, and Kerberos tickets directly from the hypervisor or NAS. Notably, VMkatz operates as a single static binary, requiring minimal setup and enabling rapid credential access in red team engagements.

vulhunt

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: VulHunt is a vulnerability hunting framework aimed at assisting security researchers in identifying vulnerabilities within software binaries and UEFI firmware. Built on Binarly’s BIAS, it supports large-scale vulnerability management and integrates community-developed rulepacks while offering scanning capabilities for various binary formats, including BA2 and Binary Ninja databases. Additionally, it features an MCP server for integration with AI assistants, facilitating real-time vulnerability analysis and reporting.

README

VulHunt Community Edition

VulHunt is a vulnerability hunting framework developed by Binarly’s Research team. It is designed to help security researchers and practitioners identify vulnerabilities in software binaries and UEFI firmware. VulHunt is built on top of Binarly’s Binary Analysis and Inspection System (BIAS), which provides a powerful and flexible environment for analysing and understanding binaries. VulHunt integrates with the capabilities of the Binarly Transparency Platform (BTP) to enable large-scale vulnerability management, hunting, and triage capabilities.

vulnx

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: VulnX is an intelligent bot designed for automatic shell injection that identifies vulnerabilities across various content management systems (CMS). Key features include multi-threaded vulnerability scanning, target information gathering, subdomain enumeration, and the ability to search for exploits using dorks, which streamline the injection process as opposed to manual methods. The tool supports multiple CMS platforms, enhancing its usability for security assessments and penetration testing.

README

VulnX

Vulnx 🕷️ is An Intelligent Bot Auto Shell Injector that detects vulnerabilities in multiple types of Cms

vulscan

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Vulscan is a powerful Nmap module that transforms the commonly used network scanning tool into an effective vulnerability scanner by leveraging version detection to identify potential flaws in services. It utilizes various pre-defined vulnerability databases such as VulDB and CVE, with the capability of supporting custom databases for enhanced flexibility. Notable features include automatic updates for vulnerability databases and configurable settings to optimize match priority and version detection.

w13scan

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: W13Scan is an open-source web vulnerability scanner written in Python3, capable of both active and passive scanning modes across Windows, Linux, and Mac platforms. It features a comprehensive suite of detection plugins, including XSS, SQL injection, and file leakage checks, along with customizable modules for specialized environments, ensuring high accuracy and adaptability for security professionals.

README

W13Scan

W13scan 是基于Python3的一款开源的Web漏洞发现工具,它支持主动扫描模式和被动扫描模式，能运行在Windows、Linux、Mac上。

html模板源码:w13scan-report

声明

使用W13Scan前请遵守当地法律,W13Scan仅提供给教育行为使用。

WADComs.github.io

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: WADComs is an interactive cheat sheet designed for offensive security professionals, offering a curated list of tools and their commands specifically for targeting Windows and Active Directory environments. Its primary use case is to aid security experts in executing effective penetration testing by providing quick access to essential commands. Notable features include its comprehensive tool listings and command syntaxes, all consolidated in a web-based format for ease of use.

wazuh

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Wazuh is an open-source security platform designed for threat prevention, detection, and response across various environments, including on-premises, virtualized, containerized, and cloud settings. It features an endpoint security agent that collects data for analysis by a centralized management server, fully integrated with the Elastic Stack for enhanced search and visualization of security alerts. Key capabilities include intrusion detection, log data analysis, file integrity monitoring, vulnerability detection, configuration assessment, and automated incident response, making it a comprehensive tool for maintaining security compliance and mitigating threats.

Web_Hacking

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Web Hacking is a comprehensive repository of notes focused on bug bounty hunting and penetration testing, collating various techniques for vulnerability discovery and exploitation. The tool features extensive reconnaissance and OSINT methods, a detailed list of common vulnerabilities, and bypass techniques, making it a valuable resource for security professionals seeking to enhance their skills and methodologies in web application security. Additionally, it encourages community contributions, fostering continuous improvement and updates of its content.

Web-Cache-Vulnerability-Scanner

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Web Cache Vulnerability Scanner (WCVS) is a command-line interface tool designed to identify and exploit web cache poisoning and deception vulnerabilities across various web applications. It supports multiple techniques for both attack types, features a crawler for discovering additional URLs, and can be integrated into CI/CD processes to streamline security practices. Notable functionalities include customizable request handling, JSON report generation, and the ability to route traffic through a proxy for enhanced testing versatility.

wesng

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Windows Exploit Suggester - Next Generation (WES-NG) is a vulnerability assessment tool for Windows operating systems from XP to 11, leveraging the output of the systeminfo utility to identify potential vulnerabilities and applicable exploits. The tool supports multiple methods for patch assessment and incorporates a database updated from various security sources, including the Microsoft Security Update API. Notable features include the ability to validate missing patches against Microsoft’s Update Catalog and a collector for maintaining an up-to-date vulnerability database.

windows-kernel-exploits

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: The windows-kernel-exploits repository provides a collection of exploit code snippets for various vulnerabilities in the Windows kernel, leveraging known CVEs to demonstrate potential elevation of privilege and remote code execution attacks. This tool primarily serves security researchers and penetration testers conducting vulnerability assessments on Windows operating systems. Notable features include comprehensive listings of CVEs, along with links to proof-of-concept exploits and detailed descriptions for a wide range of Windows versions.

WinPwn

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: WinPwn is a comprehensive PowerShell-based tool designed for internal penetration testing, emphasizing automation and proxy support for reconnaissance and exploitation tasks. Its notable features include modules for session management, credential dumping, local and domain reconnaissance, and privilege escalation checks, alongside the ability to operate offline and integrate well-known offensive security scripts. The tool streamlines the penetration testing process with an interactive menu for selecting various attack methods and extensive built-in reconnaissance capabilities.

WPForce

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: WPForce is a comprehensive suite of tools designed for attacking WordPress installations, primarily focusing on brute-forcing login credentials via the API. Its notable features include the ability to automatically upload interactive shells post-authentication, dump WordPress password hashes, and pivot to a meterpreter session, making it suitable for penetration testing and post-exploitation scenarios. The tool leverages multi-threading to optimize the brute-force attack process while providing options for verbose output and error debugging.

wpprobe

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: WPProbe is a rapid scanning tool designed to detect installed WordPress plugins and themes through REST API enumeration and HTML discovery, mapping them to known vulnerabilities. It supports multiple scanning modes, including stealthy, brute-force, and hybrid methods, allowing detection of over 5,000 plugins without brute-force and many more with it. The tool fetches an updated vulnerability database automatically, eliminating the need for an API key by default, while still allowing for custom configurations and output formats.

XAttacker

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: XAttacker is a comprehensive exploitation tool designed for scanning and auto-exploiting vulnerabilities in web applications, particularly those using popular Content Management Systems (CMS). It identifies the target website’s architecture, detects vulnerabilities, generates exploits, and provides the user with the relevant exploit link. Notable features include a vulnerability scanner, auto-exploiting capabilities, and support for multiple CMS platforms, along with dork search functionality across various search engines.

README

XAttacker V2.5 Tool FREE

XATTACKER A Massive Exploiting Tool capable of scanning and auto-exploiting vulnerabilities in web applications, By providing a target website to the tool, it auto detects its’ architecture if using a Content Management Service (CMS) and tries to find vulnerabilities based on the detected CMS, After finding the vulnerabilities the tool will generate an exploit for the website and send the user the link of the exploit.

xhunter

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: XHUNTER is an advanced Android Remote Access Tool (RAT) designed for penetration testing and ethical hacking purposes. It simplifies the connection process between the attacker and victim by eliminating the need for complex port forwarding, offering a user-friendly interface for controlling a victim’s Android device. Notable features include the capability to build and bind payloads to legitimate applications and an intuitive setup process for immediate usability.

README

xmir-patcher

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: XMiR-Patcher is a firmware patching tool specifically designed for Xiaomi routers, facilitating the modification of router firmware for enhanced functionality. It supports both Windows and Linux/Mac operating systems, requiring Python 3.8+ and OpenSSL for operation. Notable features include straightforward execution through batch and shell scripts, making it accessible for users across different platforms.

README

XMiR-Patcher

Firmware patcher for Xiaomi routers

Usage

Windows

Run run.bat

Linux / Mac OS

Install python 3.8+ and openssl
Run run.sh

Donations

xsser

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: XSSer is an automated framework designed for the detection, exploitation, and reporting of Cross-Site Scripting (XSS) vulnerabilities in web applications. It features over 1300 pre-installed XSS attack vectors, sophisticated techniques for bypassing various web application firewalls (WAFs) and browsers, and is capable of operating on multiple platforms with dependencies on Python and essential libraries such as Selenium and BeautifulSoup.

README

Web: https://xsser.03c8.net

Cross Site “Scripter” (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

yakit

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: Yakit is an interactive application security testing platform that integrates the CyberSecurity Domain Specific Language (CDSL) for enhanced security operations. Its primary use case is to provide a comprehensive GUI for manipulating security testing capacities via a gRPC server, fully replacing tools like BurpSuite and offering unique features such as a visual web fuzzing tool and a plugin store for customizable security scripts. Additionally, Yakit allows non-coders to harness advanced security capabilities without programming knowledge, facilitating both local and remote deployment.

ysoserial

Mon, 30 Mar 2026 00:00:00 +0000

AI Summary: ysoserial is a proof-of-concept tool designed to generate payloads for exploiting vulnerabilities related to unsafe Java object deserialization. It includes a collection of property-oriented programming “gadget chains” for various Java libraries, allowing users to execute arbitrary commands on an application host when deserialization occurs under vulnerable conditions. Notable features include support for multiple payload types and compatibility with various Java libraries, making it a versatile tool for security researchers focusing on Java application vulnerabilities.