Java 学习&面试指南（Go、Python 后端面试通用,计算机基础面试总结）。准备后端技术面试，首选 JavaGuide！

A standalone Java Decompiler GUI

Tools to work with android .dex and java .class files

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

『Java八股文』Java面试套路，Java进阶学习，打破内卷拿大厂Offer，升职加薪！

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

BTrace - a safe, dynamic tracing tool for the Java platform

An xposed module that disables SSL certificate checking for the purposes of auditing an app with cert pinning

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

😉 Pretty nice Zookeeper GUI, Support Win / Mac / Linux Platform

Java安全相关的漏洞和技术demo，原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。

Java web common vulnerabilities and security code which is base on springboot and spring security

红蓝对抗以及护网相关工具和资料，内存shellcode（cs+msf）和内存马查杀工具

More than 2.7 million lines of code modification continuously iterated for 9 years to modernize java cms, easily supporting tens of millions of data, tens of millions of PV; Support static, server …

Jar Analyzer - 一个 JAR 包 GUI 分析工具，方法调用关系搜索，方法调用链 DFS 算法分析，模拟 JVM 的污点分析验证 DFS 结果，字符串搜索，Java Web 组件入口分析，CFG 程序分析，JVM 栈帧分析，自定义表达式搜索，支持 MCP 调用，文档：https://docs.qq.com/doc/DV3pKbG9GS0pJS0tk

captcha-killer的修改版，支持关键词识别base64编码的图片，添加免费ocr库，用于验证码爆破，适配新版Burpsuite

An easy-to-learn/use static analysis framework for Java

☕️ Java Security，安全编码和代码审计

BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件

A CAT called tabby ( Code Analysis Tool )

WebSocket 内存马/Webshell，一种新型内存马/WebShell技术

CNCF Sandbox project: A Cloud-Native Proxyless Service Mesh based on Java Bytecode Enhancement Technology

Web漏洞扫描工具XRAY的GUI启动器

Mirror of the IntelliJ SDK Docs Code Samples

A byte code analyzer for finding deserialization gadget chains in Java applications

IDEA静态代码安全审计及漏洞一键修复插件

关于学习java安全的一些知识,正在学习中ing,欢迎fork and star

OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST),…

A new version of Soot with a completely overhauled architecture