Ghidra is a software reverse engineering (SRE) framework

Alibaba Java Diagnostic Tool Arthas/Alibaba Java诊断利器Arthas

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

The modern Java bytecode editor

An extensible multilanguage static code analyzer.

This is a tool to repackage apk file, then the apk can load any xposed modules installed in the device. It is another way to hook an app without root device.

Java安全相关的漏洞和技术demo，原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。

An NFC research toolkit application for Android

Burp suite 分块传输辅助插件

Share Things Related to Java - Java安全漫谈笔记相关内容

A cross-platform GUI and CLI app for automatically saving SHSH blobs

Android Virtual Keyboard Input via ADB (Useful for Test Automation)

An easy-to-learn/use static analysis framework for Java

TCP/UDP Non-HTTP Proxy Extension (NoPE) for Burp Suite.

Tai-e assignments for static program analysis

burp验证码识别接口调用插件

Vulnerability scanner based on vulners.com search API

从wooyun中提取的payload，以及burp插件

A new version of Soot with a completely overhauled architecture

ActiveScan++ Burp Suite Plugin

A modern GUI for FutureRestore, with added features to make the process easier.

xAST评价体系，让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".

Dump classes from running JVM process.

Library to read, write, analyze, and process java bytecode

A Java bytecode obfuscator

CVE-2022-39197 漏洞补丁. CVE-2022-39197 Vulnerability Patch.

IFDS/IDE Solver for Soot and other frameworks

A JSP backdoor that enables under Tomcat hiding arbitrary JSP files, in addition to their access logs.

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.