Repository navigation
zero-day
- Website
- Wikipedia
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
Nginx 18.1 04/09/22 zero-day repo
Curating Falco rules with MITRE ATT&CK Matrix
Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis
Latest ios RCE Vulnerability disclosed by Google Security Researcher
Red-team tool to hook libc read syscall with a buffer overflow vulnerability.
CVE-2024-52940 - A zero-day vulnerability in AnyDesk's "Allow Direct Connections" feature, discovered and registered by Ebrahim Shafiei (EbraSha), exposing public and private IP addresses. For details, visit the NVD, Tenable, or MITRE pages.
C++ malware specifically built to extract Discord authentication tokens and personally identifying information.
How to develop your own zero day vulnerabilities for iOS
Advanced WinRAR Path Traversal Exploit Tool for CVE-2025-8088
"Otax", a popularized shitty discord zero-day exploit. A bullshit writeup on it was released by a larper called HellSec.
A python based exploit to test out rapid reset attack (CVE-2023-44487)
Apache HugeGraph Server Unauthenticated RCE - CVE-2024-27348 Proof of concept Exploit
📜 This script uses steganography and a Discord client vulnerability in order to run javascript on all computers viewing a certain image within Discord.
This tool will help you to find CVEs, exploits, or possible 0-Days for a specific technology.
CVE-2025-31200 is a zero-day, zero-click RCE in iOS CoreAudio’s AudioConverterService, triggered by a malicious audio file via iMessage/SMS. Exploitation bypassed Blastdoor, enabled kernel escalation (CVE-2025-31201), and allowed token theft until patched in iOS 18.4.1 (Apr 16, 2025).
Blocking smartscreen, security center, forensic processes and 3rd party security applications on Windows Operating Systems