Initial Access Intelligence
The "Initial Access Intelligence" module is a vital tool for cybersecurity, designed to scan GitHub repositories for the latest exploit and proof-of-concept codes for new vulnerabilities. It provides users with crucial updates on potential security threats, enabling proactive defense measures. This module helps close the gap between vulnerability discovery and patching, significantly enhancing system security.
-
Dec. 18, 2025, 2:22 p.m.
PoC & Write-up for CVE-2025-68434: Critical CSRF in OpenSourcePOS. Exploits a disabled filter configuration to allow unauthenticated attackers to silently create rogue Administrator accounts, leading to full system takeover. Validated on versions < 3.4.0.
Updated: 2 months, 3 weeks ago1 stars 1 fork 1 watcherBorn at : Dec. 17, 2025, 5:37 p.m. This repo has been linked 2 different CVEs too. -
Dec. 18, 2025, 3:52 p.m.
PoC repository for CVE-2025-68147: Stored Cross-Site Scripting (XSS) in OpenSourcePOS. Vulnerability allows privilege escalation via malicious JavaScript injection in the Store Config module. Includes payload details and patch verification (v3.4.0). Security Researcher: Aditya Singh (Nixon-H).
Updated: 2 months, 3 weeks ago1 stars 1 fork 1 watcherBorn at : Dec. 17, 2025, 5:30 p.m. This repo has been linked 1 different CVEs too. -
Dec. 17, 2025, 5:40 p.m.
CVE's
Updated: 2 months, 3 weeks ago0 stars 0 fork 0 watcherBorn at : Dec. 17, 2025, 5:15 p.m. This repo has been linked 8 different CVEs too. -
Feb. 3, 2026, 11:05 a.m.
An application to extract the vulnerabilities detected by a Sonatype Nexus IQ server.
geneva geneve nexus nexus-iq splunk
Java
Updated: 1 month, 1 week ago0 stars 0 fork 0 watcherBorn at : Dec. 17, 2025, 4:17 p.m. This repo has been linked 1 different CVEs too. -
Jan. 25, 2026, 1:32 p.m.
None
PHP HTML CSS PLpgSQL JavaScript Smarty Python Go Template Dockerfile Hack
Updated: 1 month, 2 weeks ago0 stars 0 fork 0 watcherBorn at : Dec. 17, 2025, 4:04 p.m. This repo has been linked 1 different CVEs too. -
Dec. 17, 2025, 3:56 p.m.
None
JavaScript TypeScript CSS
Updated: 2 months, 3 weeks ago0 stars 0 fork 0 watcherBorn at : Dec. 17, 2025, 3:55 p.m. This repo has been linked 2 different CVEs too. -
Dec. 17, 2025, 3:59 p.m.
proof-of-concept mass scanner targeting JetBrains TeamCity instances affected by CVE-2024-27198
Python
Updated: 2 months, 3 weeks ago0 stars 0 fork 0 watcherBorn at : Dec. 17, 2025, 3:54 p.m. This repo has been linked 2 different CVEs too. -
Dec. 20, 2025, 3:40 a.m.
PoC for CVE-2025-65945 (Improper Verification of Cryptographic Signature in node-jws)
auth0 bypass exploit jws jwt poc cve-2025-65945
JavaScript
Updated: 2 months, 2 weeks ago4 stars 1 fork 1 watcherBorn at : Dec. 17, 2025, 3:52 p.m. This repo has been linked 1 different CVEs too. -
Dec. 20, 2025, 10:59 a.m.
Xiongmai XM530 IP Camera ONVIF Complete Authentication Bypass
Updated: 2 months, 2 weeks ago0 stars 0 fork 0 watcherBorn at : Dec. 17, 2025, 3:41 p.m. This repo has been linked 5 different CVEs too. -
Dec. 20, 2025, 11:03 a.m.
Xiongmai XM530 IP Camera Hardcoded RTSP Credentials Exposure
Updated: 2 months, 2 weeks ago0 stars 0 fork 0 watcherBorn at : Dec. 17, 2025, 3:40 p.m. This repo has been linked 6 different CVEs too.
