Copy Fail (CVE-2026-31431): 9-year-old Linux kernel LPE found by Theori's Xint Code

Subdomain takeover vulnerability checker

🦄 A curated list of the awesome resources about the Vulnerability Research

Open-source vulnerability disclosure and bug bounty program database

Historical Windows temporal memory-state research artifact for studying time-bound memory observations, validation limits, and defensive visibility.

Proof-of-Concept exploits for CVEs found by the team at Rhino Security Labs

HTTP Request Smuggling over HTTP/2 Cleartext (h2c)

Hacker, ready for more of our story ! 🚀

StackPrism是一款用于检测网页技术栈的浏览器插件。

Fuzz Introspector -- introspect, extend and optimise fuzzers

KeyForge3D is an app that turns a photo of a key into a 3D-printable STL file. Ideal for locksmiths and hobbyists, it analyzes the key's bitting pattern using image processing and generates an accurate 3D model for quick replication.

Cross-platform C port of the Copy Fail Linux LPE (CVE-2026-31431). Disclosed 2026-04-29 by Theori / Xint.

large hashcat rulesets generated from real-world compromised passwords

Open-source Claude Code skills, agents, and slash commands for AI-powered penetration testing, bug bounty hunting, and security research

Hardware hacker’s flying probe automation stack for agent-driven target discovery, microscope mapping, safety-monitored CNC motion, probe review, and controlled pin probing.

📡🐧 Linux kernel syscall implementation tracker

Collection of extracted Microsoft Defender data for security research purposes

tool designed for identifying vulnerabilities in open source codebases at scale. It can gather and filter on key repository metrics such as popularity and project size

Jaws is an invisible programming language! Inject invisible code into other languages and files! Created for security research -- see blog post

🌐🐧 Browsable Linux kernel syscall tables built with Systrack (https://github.com/mebeim/systrack)