Lists (8)
Stars
ANTLR (ANother Tool for Language Recognition) is a powerful parser generator for reading, processing, executing, or translating structured text or binary files.
A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
Leading free and open-source face recognition system
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
HaE - Highlighter and Extractor, Empower ethical hacker for efficient operations.
SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)
Java安全相关的漏洞和技术demo,原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。
Java web common vulnerabilities and security code which is base on springboot and spring security
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
a rep for documenting my study, may be from 0 to 0.1
APIKit:Discovery, Scan and Audit APIs Toolkit All In One.
一款支持自定义的 Java 内存马生成工具|A customizable Java in-memory webshell generation tool.
domain_hunter的高级版本,SRC挖洞、HW打点之必备!自动化资产收集;快速Title获取;外部工具联动;等等
Share Things Related to Java - Java安全漫谈笔记相关内容
Shiro550/Shiro721 一键化利用工具,支持多种回显方式
A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅
项目是根据LandGrey/SpringBootVulExploit清单编写,目的hvv期间快速利用漏洞、降低漏洞利用门槛。
A simple FOFA client written in JavaFX. Made by WgpSec, Maintained by f1ashine.
BinAbsInspector: Vulnerability Scanner for Binaries
CaA - Collector and Analyzer, Insight into information, exploring with intelligence in a thousand ways.
PySonar2: a semantic indexer for Python with interprocedual type inference