《Hello 算法》：动画图解、一键运行的数据结构与算法教程。支持简中、繁中、English、日本語，提供 Python, Java, C++, C, C#, JS, Go, Swift, Rust, Ruby, Kotlin, TS, Dart 等代码实现

Dex to Java decompiler

😱 从源码层面，剖析挖掘互联网行业主流技术的底层实现原理，为广大开发者 “提升技术深度” 提供便利。目前开放 Spring 全家桶，Mybatis、Netty、Dubbo 框架，及 Redis、Tomcat 中间件等

Ip2region is an offline IP address manager framework and locator with both IPv4 and IPv6 supported, supporting billions of data segments, ten microsecond searching performance, xdb search client fo…

A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)

新一代爬虫平台，以图形化方式定义爬虫流程，不写代码即可完成爬虫。

Continuous Inspection

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

The modern Java bytecode editor

Runtime code generation for the Java virtual machine.

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

BTrace - a safe, dynamic tracing tool for the Java platform

An Open Source Java Decompiler Gui for Procyon

Java bytecode engineering toolkit

HaE - Highlighter and Extractor, Empower ethical hacker for efficient operations.

🌿 基于springboot的快速学习示例,整合自己遇到的开源框架,如：rabbitmq(延迟队列)、Kafka、jpa、redies、oauth2、swagger、jsp、docker、k3s、k3d、k8s、mybatis加解密插件、异常处理、日志输出、多模块开发、多环境打包、缓存cache、爬虫、jwt、GraphQL、dubbo、zookeeper和Async等等📌

Java web common vulnerabilities and security code which is base on springboot and spring security

A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities and enables running traffic-based analysis of any type.

一款支持自定义的 Java 内存马生成工具｜A customizable Java in-memory webshell generation tool.

Jar Analyzer - 一个 JAR 包 GUI 分析工具，方法调用关系搜索，方法调用链 DFS 算法分析，模拟 JVM 的污点分析验证 DFS 结果，字符串搜索，Java Web 组件入口分析，CFG 程序分析，JVM 栈帧分析，自定义表达式搜索，紧跟 AI 技术发展，支持 MCP 调用，支持 n8n 工作流，文档：https://docs.qq.com/doc/DV3pKbG9GS…

A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅

captcha-killer的修改版，支持关键词识别base64编码的图片，添加免费ocr库，用于验证码爆破，适配新版Burpsuite

Burp extension to evade TLS fingerprinting. Bypass WAF, spoof any browser.

Use Log4Shell vulnerability to vaccinate a victim server against Log4Shell

Open Adversarial Exposure Validation Platform

WebSocket 内存马/Webshell，一种新型内存马/WebShell技术

Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势

月光宝盒：无侵入的流量录制与回放平台 A server-side traffic capture and replay platform with noninvasive

A helpful Java Deserialization exploit framework.

一款基于BurpSuite的被动式FastJson检测插件