Cryin / JavaID
java source code static code analysis and danger function identify prog
☆532Updated 6 years ago
Alternatives and similar repositories for JavaID:
Users that are interested in JavaID are comparing it to the libraries listed below
- 一个利用ASM对字节码进行污点传播分析的静态代码审计应用(添加 了大量代码注释,适合大家进行源码学习)。也加入了挖掘Fastjson反序列化gadget chains和SQLInject(JdbcTemplate、MyBatis、JPA、Hibernate、原生jdbc等)静…☆446Updated 3 years ago
- ☆803Updated 2 years ago
- Weblogic环境搭建工具☆782Updated 4 years ago
- 在渗透测试中快速检测常见中间件、组件的高危漏洞。☆732Updated 3 years ago
- java内存对象搜索辅助工具☆797Updated 2 years ago
- burp插件开发指南☆612Updated 3 years ago
- Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)☆1,310Updated 2 years ago
- Java RCE 回显测试代码☆1,010Updated 4 years ago
- spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧☆696Updated 3 years ago
- Web Security Technology & Vulnerability Analysis Whitepapers☆543Updated 6 years ago
- a webshell resides in the memory of java web server☆669Updated 6 years ago
- OpenRASP 漏洞测试环境☆306Updated last year
- Burpsuite-Plugins-Usage☆509Updated 4 years ago
- 常用渗透poc收集☆295Updated 3 years ago
- 从wooyun中提取的payload,以及burp插件☆845Updated 2 years ago
- IAST 灰盒扫描工具☆445Updated 2 years ago
- Codeql学习笔记☆867Updated 2 years ago
- Spring Boot Actuator未授权访问【XXE、RCE】单/多目标检测☆513Updated 4 years ago
- A helpful Java Deserialization exploit framework.☆1,208Updated last month
- Apache Shiro 反序列化漏洞检测与利用工具☆534Updated 5 years ago
- Fastjson <= 1.2.47 远程命令执行漏洞利用工具及方法☆399Updated 2 months ago
- PC客户端(C-S架构)渗透测试checklist / Client side(C-S) penetration checklist☆660Updated 4 years ago
- 通过BurpSuite来构建自己的爆破字典,可以通过字典爆破来发现隐藏资产。☆496Updated last year
- MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize☆1,292Updated 3 years ago
- Static code auditing system☆460Updated 4 years ago
- java代码审计学习笔记☆640Updated 5 years ago
- ☆212Updated 6 months ago
- 利用链、漏洞检测工具☆367Updated 8 months ago
- ☆404Updated 5 years ago
- (周瑜)Java - SpringBoot 持久化 WebShell 学习demo(不仅仅是SpringBoot,适合任何符合JavaEE规范的服务)☆598Updated 3 years ago