KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

Public open-source code of malware Stuxnet (aka MyRTUs).

Nginx 18.1 04/09/22 zero-day repo

Curating Falco rules with MITRE ATT&CK Matrix

Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis

CVE-2025-31200 is a zero-day, zero-click RCE in iOS CoreAudio’s AudioConverterService, triggered by a malicious audio file via iMessage/SMS. Exploitation bypassed Blastdoor, enabled kernel escalation (CVE-2025-31201), and allowed token theft until patched in iOS 18.4.1 (Apr 16, 2025).

Latest ios RCE Vulnerability disclosed by Google Security Researcher

Discord client zero-click RCE

Red-team tool to hook libc read syscall with a buffer overflow vulnerability.

CVE-2024-52940 - A zero-day vulnerability in AnyDesk's "Allow Direct Connections" feature, discovered and registered by Ebrahim Shafiei (EbraSha), exposing public and private IP addresses. For details, visit the NVD, Tenable, or MITRE pages.

C++ malware specifically built to extract Discord authentication tokens and personally identifying information.

How to develop your own zero day vulnerabilities for iOS

Advanced WinRAR Path Traversal Exploit Tool for CVE-2025-8088

Log4Shell Zero-Day Exploit Proof of Concept

"Otax", a popularized shitty discord zero-day exploit. A bullshit writeup on it was released by a larper called HellSec.

A python based exploit to test out rapid reset attack (CVE-2023-44487)

Apache HugeGraph Server Unauthenticated RCE - CVE-2024-27348 Proof of concept Exploit

Detection for CVE-2025-61882

📜 This script uses steganography and a Discord client vulnerability in order to run javascript on all computers viewing a certain image within Discord.

This tool will help you to find CVEs, exploits, or possible 0-Days for a specific technology.