ParamStriker

ParamStriker Offline JSON & Query Parameter Exploit Frame...

guided-pentest-infra

No d...

eCPPT-Penetration-Testing-Reports

eCPPT Penetration Testing Reports Penetration testing lab rep...

📄 MCPJam Inspector 1.4.2 Command Injection

This is an advanced Python proof of concept for CVE-2026-23744 demonstrating command injection through a vulnerable MCP API endpoint, leading to remote code execution and reverse shell access. The script supports multiple payload types, endpoint discovery, listener management, and several...

Exploit for Path Traversal in Grafana

CVE-2021-43798 - Grafana Arbitrary File Read Python toolkit f...

Exploit for Missing Authentication for Critical Function in Mcpjam Inspector

CVE-2026-23744 - MCPJam Inspector RCE PoC Proof of Concept ex...

network-pentest-metasploitable2

Network / System Penetration Test — Metasploitable 2 !Type...

web-enumerator

🔍 Web Enumeration & Attack Testing Tool A professional‑grade...

Malicious code in @redhat-cloud-services/frontend-components-testing (npm)

Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...

FortiClient EMS 7.4.6 Detection Scanner

FortiClient EMS CVE-2026-35616 Detection Scanner is a non-destructive security assessment module designed to identify whether Fortinet hotfix protections for CVE-2026-35616 are properly applied on FortiClient EMS servers. The scanner performs safe behavioral validation by comparing server respons...

MAL-2026-5128 Malicious code in @redhat-cloud-services/frontend-components-testing (npm)

Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...

Exploit for Improper Input Validation in Paloaltonetworks Pan-Os

CVE-2024-3400 This program was improved upon to include a safe...

Exploit for CVE-2025-66478

CVE-2025-66478-Research-Proof-of-Concept Overview This re...

Exploit for CVE-2026-22557

CVE-2026-22557 Vulnerability Assessment Tool Safely detect wh...

Exploit for CVE-2026-8832

EXPLOIT CVE-2026-8832 !Bannerhttps://img.shields.io/badge/...

EUVD-2026-32965

CodeWhale is a DeepSeek + MiMo coding agent in terminal. From 0.3.0 to 0.8.23, the runtests tool executes cargo test in the workspace with ApprovalRequirement::Auto, meaning it runs without any user approval prompt. cargo test compiles and executes arbitrary code: test binaries, build.rs build...

project_hydra

Project HYDRA Automated vulnerability discovery & exploitat...

SUSE CVE-2026-46088

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Validate buflen before strnlen in sndctleleminitenumnames sndctleleminitenumnames advances pointer p through the names buffer while decrementing buflen. If buflen reaches zero but items remain, the next iteration...

ModuScan

| / | | | /...

wingman

/|\ / | ...