Skip to content

@ZeroPathAI ZeroPath

Change the repository type filter

All

    Repositories list

    39 repositories

    • spinnaker-poc

      Public
      POCs for CVE-2026-32604 and CVE-2026-32613 which allow post-auth RCE and credential theft in Spinnaker
      Python
      0000Updated Apr 21, 2026Apr 21, 2026

    • juice-shop

      Public
      OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
      TypeScript
      MIT License
      18k000Updated Apr 21, 2026Apr 21, 2026

    • scademorepo

      Public
      Python
      1000Updated Apr 9, 2026Apr 9, 2026

    • ragflow-poc

      Public
      POC for Unpatched Post-Auth RCE in Ragflow 0.24.0
      Python
      0000Updated Apr 9, 2026Apr 9, 2026

    • opus-benchmark

      Public
      Code for our opus 4.6 vulnerability detection benchmark
      Python
      1200Updated Apr 6, 2026Apr 6, 2026

    • payroll-demo-2

      Public
      Python
      7002Updated Apr 4, 2026Apr 4, 2026

    • secDevLabs

      Public
      A laboratory for learning secure web and mobile development in a practical manner.
      PHP
      BSD 3-Clause "New" or "Revised" License
      4610011Updated Mar 29, 2026Mar 29, 2026

    • zeropath-mcp-server

      Public
      Open-source MCP server for querying ZeroPath security issues, patches, and scans using Claude, Cursor, Windsurf, or any AI assistant.
      securityappsecsecurity-automation
      securityappsecsecurity-automationdevsecopsmcp-server
      Python
      MIT License
      5912Updated Mar 24, 2026Mar 24, 2026

    • Piwigo-PR-scan-clone

      Public
      Manage your photos with Piwigo, a full featured open source photo gallery application for the web. Star us on Github! More than 200 plugins and themes available…
      PHP
      GNU General Public License v2.0
      482002Updated Mar 23, 2026Mar 23, 2026

    • public-pocs

      Public
      Public POCs, primarily for ZeroPath-discovered vulnerabilities
      Python
      MIT License
      0100Updated Mar 18, 2026Mar 18, 2026

    • validation-benchmarks

      Public
      XBOW Validation Benchmarks -- Forked by ZeroPath
      PHP
      Apache License 2.0
      1741201Updated Mar 16, 2026Mar 16, 2026

    • damn-vulnerable-nginx-hard

      Public
      Nginx with some special extra functionality
      C
      BSD 2-Clause "Simplified" License
      0000Updated Mar 16, 2026Mar 16, 2026

    • OpenErrata

      Public
      Crowdsourced, inline LLM investigations of the things you're reading.
      TypeScript
      GNU Affero General Public License v3.0
      14010Updated Mar 6, 2026Mar 6, 2026

    • zeropath-ctf

      Public
      Learn to build exploits against real world CVEs
      C
      Apache License 2.0
      12900Updated Mar 3, 2026Mar 3, 2026

    • zeropath-cli

      Public
      ZeroPath CLI Releases
      securityvulnerabilitiesappsec
      securityvulnerabilitiesappsecsecurity-toolszeropath
      2600Updated Feb 20, 2026Feb 20, 2026

    • demorepo-dev

      Public
      Python
      14005Updated Feb 20, 2026Feb 20, 2026

    • InvenTree

      Public
      Open Source Inventory Management System
      Python
      MIT License
      1.3k002Updated Feb 12, 2026Feb 12, 2026

    • clawdbot-stealer-poc

      Public
      POC: Malicious website for stealing session tokens by abusing clawdbot
      HTML
      MIT License
      1400Updated Feb 2, 2026Feb 2, 2026

    • demorepo1-php

      Public
      PHP
      1005Updated Feb 2, 2026Feb 2, 2026

    • backstage-plugin

      Public
      TypeScript
      Apache License 2.0
      0000Updated Dec 17, 2025Dec 17, 2025

    • backstage-soundcheck

      Public
      ZeroPath fact collector for Backstage Soundcheck.
      TypeScript
      0000Updated Dec 17, 2025Dec 17, 2025

    • broker

      Public
      ZeroPath Broker
      Shell
      0000Updated Dec 12, 2025Dec 12, 2025

    • zeropath-vscode-plugin

      Public
      TypeScript
      MIT License
      0000Updated Oct 7, 2025Oct 7, 2025

    • juice-shop-demo

      Public
      OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
      TypeScript
      MIT License
      18k001.6kUpdated Aug 14, 2025Aug 14, 2025

    • prompt_injection_demo

      Public
      Python
      0000Updated Jul 17, 2025Jul 17, 2025

    • secDevLabs-demo

      Public
      A laboratory for learning secure web and mobile development in a practical manner.
      PHP
      BSD 3-Clause "New" or "Revised" License
      461008Updated Jul 7, 2025Jul 7, 2025

    • juice-shop-forked

      Public
      OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
      TypeScript
      MIT License
      18k000Updated Feb 2, 2025Feb 2, 2025

    • secDevLabs1

      Public
      A laboratory for learning secure web and mobile development in a practical manner.
      PHP
      BSD 3-Clause "New" or "Revised" License
      461003Updated Feb 1, 2025Feb 1, 2025

    • HelloShiftLeft-Scala

      Public
      Scala
      41001Updated Dec 23, 2024Dec 23, 2024

    • Simple-Web-Server-cpp

      Public
      A very simple, fast, multithreaded, platform independent HTTP and HTTPS server and client library implemented using C++11 and Boost.Asio. Created to be an easy …
      C++
      MIT License
      767000Updated Dec 23, 2024Dec 23, 2024
    ProTip! When viewing an organization's repositories, you can use the props. filter to filter by custom property.