Lists (1)
Stars
Free universal database tool and SQL client
APM, Application Performance Monitoring System
A simple app to use Xposed without root, unlock the bootloader or modify system image, etc.
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.
💸 WeChat's lucky money helper (微信抢红包插件) by Zhongyi Tong. An Android app that helps you snatch red packets in WeChat groups.
SpringBoot 相关漏洞学习资料,利用方法和技巧合集,黑盒安全评估 check list
BTrace - a safe, dynamic tracing tool for the Java platform
lanproxy是一个将局域网个人电脑、服务器代理到公网的内网穿透工具,支持tcp流量转发,可支持任何tcp上层协议(访问内网网站、本地支付接口调试、ssh访问、远程桌面、http代理、https代理、socks5代理...)。技术交流QQ群 736294209
SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
☕ 30 seconds to collect useful Java 8 snippet.
基于SpringMVC、Mybatis、Redis、Freemarker的Shiro管理Demo源码的升级版。
TCP/UDP Non-HTTP Proxy Extension (NoPE) for Burp Suite.
Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)
Finds unknown classes of injection vulnerabilities
a webshell resides in the memory of java web server
J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tests on J2EE applications.
REST/JSON API to the Burp Suite security tool.
Sample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).
WS-Attacker is a modular framework for web services penetration testing. It is developed by the Chair of Network and Data Security, Ruhr University Bochum (https://nds.rub.de/ ) and the Hackmanit G…
fastjson remote code execute poc 直接用intellij IDEA打开即可 首先编译得到Test.class,然后运行Poc.java