This project is for defensive repository review, triage, and safe replay of already-public fixes.
- maintainer-grade code review
- static triage
- seeded canary verification
- replay of already-public advisories or fix commits
- exploit generation
- payload construction
- shellcode
- weaponization
- autonomous discovery or disclosure of unpublished vulnerabilities
Do not use this repository to disclose a new vulnerability.
If you discover a real issue in a target project, report it privately to that project using its published security reporting process.