Skip to content
View laxa's full-sized avatar
150 followers · 50 following

Achievements

Achievement: Arctic Code Vault ContributorAchievement: Starstruckx2Achievement: Pull Sharkx2

Achievements

Achievement: Arctic Code Vault ContributorAchievement: Starstruckx2Achievement: Pull Sharkx2

Organizations

@DDRace

Block or report laxa

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

Stars

32 stars written in Java
Clear filter

NationalSecurityAgency / ghidra

Ghidra is a software reverse engineering (SRE) framework

Java 67,158 7,390 Updated Apr 13, 2026

frohoff / ysoserial

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

Java 8,842 1,853 Updated Dec 4, 2025

google / tsunami-security-scanner

Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.

Java 8,561 917 Updated Apr 9, 2026

dependency-check / DependencyCheck

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

Java 7,494 1,399 Updated Apr 13, 2026

Col-E / Recaf

The modern Java bytecode editor

Java 7,106 518 Updated Apr 1, 2026

oracle / opengrok

OpenGrok is a fast and usable source code search and cross reference engine, written in Java

Java 4,793 807 Updated Apr 6, 2026

mbechler / marshalsec

Java 3,670 681 Updated Jan 9, 2025

patrickfav / uber-apk-signer

A cli tool that helps signing and zip aligning single or multiple Android application packages (APKs) with either debug or provided release certificates. It supports v1, v2 and v3 Android signing s…

Java 2,564 251 Updated Oct 30, 2023

chrisk44 / Hijacker

Aircrack, Airodump, Aireplay, MDK3 and Reaver GUI Application for Android

Java 2,522 448 Updated Aug 26, 2020

irsdl / IIS-ShortName-Scanner

latest version of scanners for IIS short filename (8.3) disclosure vulnerability

Java 1,651 270 Updated Sep 3, 2023

d3vilbug / HackBar

HackBar plugin for Burpsuite

Java 1,618 258 Updated Apr 15, 2021

PortSwigger / param-miner

Java 1,420 178 Updated Mar 17, 2026

PortSwigger / http-request-smuggler

Java 1,198 126 Updated Jan 21, 2026

christophetd / log4shell-vulnerable-app

Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228).

Java 1,141 553 Updated Apr 26, 2024

JackOfMostTrades / gadgetinspector

A byte code analyzer for finding deserialization gadget chains in Java applications

Java 1,079 228 Updated Jun 15, 2021

veracode-research / rogue-jndi

A malicious LDAP server for JNDI injection attacks

Java 1,079 228 Updated Sep 28, 2023

pimps / JNDI-Exploit-Kit

Forked from welk1n/JNDI-Injection-Exploit

JNDI-Exploitation-Kit(A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP Server, RMI Server and LDAP Server to exploit java web apps v…

Java 936 173 Updated Sep 2, 2025

qtc-de / remote-method-guesser

Java RMI Vulnerability Scanner

Java 918 108 Updated Jul 3, 2024

cckuailong / JNDI-Injection-Exploit-Plus

80+ Gadgets(30 More than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and provide background services by starting RMI server,LDAP server and HTTP server.

Java 874 112 Updated Jun 24, 2024

NickstaDB / BaRMIe

Java RMI enumeration and attack tool.

Java 742 99 Updated Sep 28, 2017

nccgroup / BurpSuiteHTTPSmuggler

A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques

Java 740 107 Updated May 4, 2019

albinowax / ActiveScanPlusPlus

ActiveScan++ Burp Suite Plugin

Java 662 203 Updated Dec 16, 2025

BishopFox / GadgetProbe

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

Java 612 97 Updated Mar 4, 2021

eclipse-steady / steady

Analyses your Java applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://ecl…

Java 542 124 Updated Dec 4, 2023

qtc-de / beanshooter

JMX enumeration and attacking tool.

Java 500 54 Updated Jun 26, 2025

BishopFox / rmiscout

RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities

Java 448 60 Updated Sep 7, 2022

horrorho / InflatableDonkey

iOS9+ iCloud backup retrieval proof of concept

Java 269 87 Updated Nov 16, 2022

pwntester / DupeKeyInjector

DupeKeyInjector

Java 134 26 Updated Apr 16, 2022

PortSwigger / json-web-token-attacker

Forked from RUB-NDS/JOSEPH
Java 108 15 Updated Feb 4, 2022

957204459 / ysoserial-1

此项目为su18大佬的仓库镜像,如有问题可发issuse删库

Java 86 203 Updated May 4, 2023
Next