📄 HTTP/2 Multi-Server HPACK Exhaustion

This code implements a multi-target HTTP/2 resource exhaustion framework designed to stress or overwhelm server implementations through protocol-level amplification techniques. It includes server-specific payload generation for multiple platforms, automated connection orchestration, stream scalin...

Data Agents under Attack: Vulnerabilities in LLM-Driven Analytical Systems

Data agents integrate LLM-driven reasoning with relational data access, executable analytical tools, and multi-step workflow orchestration, making them increasingly central to enterprise analytics. This integration introduces new security vulnerabilities across data resources, database execution,...

Exploit for CVE-2025-66478

CVE-2025-66478-Research-Proof-of-Concept Overview This re...

The Infinite Mutation Engine? Measuring Polymorphism in LLM-Generated Offensive Code

Malware authors have traditionally relied on polymorphic techniques to produce variants in the same malware family, complicating signature-based detection. Integrating generative AI into offensive toolchains enables attackers to synthesize structurally diverse payloads with identical behavior,...

Exploit for Deserialization of Untrusted Data in Facebook React

markdown Summary CVE-2025-55182 Scanner is a high-perfor...

lightweight-msf

Lightweight-MSF !License: MIThttps://img.shields.io/badge...

linux-security-tools

Linux Security Tools Linux security tools, scanners, crackers...

📄 Jinja 2 1.4.0 Tactical RMM SSTI Detection

This proof of concept script detects potential server-side template injection vulnerabilities in web applications using template engines such as Jinja. The script sends a dynamically generated mathematical expression within a template payload to a target URL parameter. If the server evaluates the...

flask_ssti_exploit

Tools for Exploiting SSTI Vulnerabilities under Flask Di...

metasploit-mcp

metasploit-mcp Metasploit Framework MCP server for exploit ex...

KOREX

⚡ KOREX FRAMEWORK ⚡ Advanced Security Operations Framework "Kore...

yandex_station_2_exploit

Загрузчик неподписанного кода для Yandex Station 2 Yandex Max...

Exploit for Deserialization of Untrusted Data in Fortra Goanywhere_Managed_File_Transfer

Structure du projet cve-2023-0669-simulation/ ├── docker-comp...

BloodFang

🩸 BloodFang !Versionhttps://img.shields.io/badge/version-1...

webVuln-scanner

WebVuln Scanner An advanced web vulnerability scanner with cu...

Exploit for CVE-2025-12907

Chrome DevTools RCE Exploit CVE-2025-12907 Overview This...

Exploit for Injection in Google Android

EXPLOITER: Automated Exploit for CVE-2024-0044 EXPLOITER...

pentest-automation-suite

Penetration Testing Automation Tools 🔴 Automated Penetratio...

AutoPayloadGen

AutoPayloadGen bash How to execute python3 launch.py...

sqlmap-ctt

sqlmap-CTT ========== sqlmap-CTT is an advanced SQL injection t...