EastSword/skill-dfyx_code_security_review

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/EastSword/skill-dfyx_code_security_review)

EastSword / skill-dfyx_code_security_review

东方隐侠团队出品，代码审计skill

☆90

Alternatives and similar repositories for skill-dfyx_code_security_review

Users that are interested in skill-dfyx_code_security_review are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

goddemondemongod / god_bak
View on GitHub
☆13Nov 7, 2023Updated 2 years ago
sdfwesfe / cowcow
View on GitHub
一款支持目录扫描(可配合熊猫头)+自动绕403+敏感匹配等的小脚本工具，目前此脚本属于创始测试版，后续会继续升级！！！CowCow🐂🐂
☆18Dec 27, 2024Updated last year
Chave0v0 / API-Highlighter
View on GitHub
API Highlighter 是一个用于 BurpSuite 的插件，主要用于 web 应用迭代安全测试时高亮指定的新增接口，该插件最初用 Python 编写，现重构为 Java 版本。
☆42Feb 19, 2025Updated last year
ax1sX / RouteCheck-Alpha
View on GitHub
A Java Route Collection Tool
☆103Aug 1, 2024Updated last year
Clayeee / Win-Logs-Parse-tool
View on GitHub
☆22Mar 4, 2019Updated 7 years ago
Wordpress hosting with auto-scaling - Free Trial Offer • Ad
Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
woodpecker-appstore / zip-tools
View on GitHub
zip slip
☆39Apr 7, 2023Updated 3 years ago
X1r0z / hessian-overlong-encoding
View on GitHub
Hessian UTF-8 Overlong Encoding
☆21Mar 9, 2024Updated 2 years ago
z-bool / SQLDownload
View on GitHub
内网大型数据拖库解决方案，隧道不稳定时将内网数据库保存为csv格式文件
☆34Nov 1, 2023Updated 2 years ago
prepar-z / inspectorz
View on GitHub
Java 代码审计 idea 插件
☆26Mar 8, 2025Updated last year
yezere / codeql_n1ght
View on GitHub
方便自己搭建codeql环境和数据库的工具。
☆64Mar 25, 2026Updated last month
likeNlong / dll_finder
View on GitHub
XXST-白加黑辅助挖掘工具，全程静默运行不影响正常使用
☆17Apr 12, 2024Updated 2 years ago
shanxigetanxiaochou / burp-xss-scan
View on GitHub
burp被动插件扫反射xss
☆13Nov 29, 2023Updated 2 years ago
Vistaminc / AuditLuma
View on GitHub
AuditLuma是一个AI+智能体代码审计系统，它利用多个AI代理和先进的技术，包括多代理合作协议（MCP）和Self-RAG（检索增强生成），为代码库提供全面的安全分析，目前已经支持ollama部署的本地大模型
☆247Aug 1, 2025Updated 8 months ago
tanweai / xianzhi-research
View on GitHub
☆164Jan 29, 2026Updated 3 months ago
Deploy on Railway without the complexity - Free Credits Offer • Ad
Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
Zacarx / JavaSinkTracer_MCP
View on GitHub
基于函数级污点分析的 Java 源代码漏洞审计工具JavaSinkTracer，通过 Model Context Protocol (MCP) 为 AI 助手提供安全分析能力。
☆110Oct 7, 2025Updated 6 months ago
xsshim / GzWebsocket
View on GitHub
哥斯拉webshell管理工具的插件，用于连接websocket型webshell
☆183Apr 17, 2024Updated 2 years ago
bansh2eBreak / SpringVulnBoot-frontend
View on GitHub
基于 Vue + SpringBoot 构建的前后端分离的 Java 安全靶场。
☆16Updated this week
wangsz05 / LearnDemo
View on GitHub
☆16Oct 30, 2022Updated 3 years ago
Nbccccc / FinderFuzz
View on GitHub
用于渗透测试的WebFuzz扫描工具
☆37Aug 3, 2025Updated 8 months ago
watanabe-hsad / GoPhantom
View on GitHub
GoPhantom 是一个为红队演练和安全研究设计的下一代荷载加载器（Payload Loader）生成器。它利用 Go 语言的强大功能，将原始的 Shellcode 和一个诱饵文件打包成一个独立的、具有较强免杀（AV-Evasion）能力的 Windows 可执行文件。
☆202Mar 19, 2026Updated last month
Veraxy00 / SecVulList-Veraxy00
View on GitHub
发布一些我发现的漏洞以及利用脚本。
☆15Jun 29, 2023Updated 2 years ago
unam4 / java_gadget_flow
View on GitHub
一些总结出来的gadget的flow，后续合适和加入新的flow
☆68Dec 6, 2025Updated 4 months ago
e1arth / Godzilla_bypass_webshell
View on GitHub
哥斯拉反射自定义 AES 通信插件加密器，基于基于AES+自定义Stream Wrapper注册+include执行，全链路零eval，类多态触发的webshell生成器。
☆47Mar 24, 2026Updated last month
Managed Kubernetes at scale on DigitalOcean • Ad
DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
ce-automne / OrderbyHunter
View on GitHub
一款辅助探测Orderby注入漏洞的BurpSuite插件
☆25Oct 19, 2021Updated 4 years ago
X1r0z / hacking-espresso
View on GitHub
Hacking GraalVM Espresso - Abusing Continuation API to Make ROP-like Attack
☆36Aug 27, 2025Updated 8 months ago
tabby-sec / tabby-vul-finder
View on GitHub
A vul-finder for loading CPG and automated finding vul-call-chains
☆72Jul 22, 2025Updated 9 months ago
Whoopsunix / utf-8-overlong-encoding
View on GitHub
抽离出 utf-8-overlong-encoding 的序列化逻辑，实现 2 3 字节加密序列化数组
☆140Mar 11, 2024Updated 2 years ago
ChenChen753 / Nuclei_Gui
View on GitHub
基于 PyQt5 的 Nuclei 漏洞扫描图形化工具，支持 POC 管理、FOFA/Hunter/Shodan 资产搜索、AI 辅助分析、漏洞报告生成等功能
☆48Updated this week
Ape1ron / SpringAopInDeserializationDemo1
View on GitHub
在spring-aop中新发现的反序列化gadget-chain
☆52Jan 12, 2025Updated last year
xzajyjs / SpringBoot-whitelabel-error-rce-EXP
View on GitHub
Spring Boot whitelabel error page SpEL rce EXP
☆13May 24, 2024Updated last year
test502git / SScan
View on GitHub
一款src捡洞扫描器
☆25Jan 13, 2021Updated 5 years ago
zhzhdoai / Weblogic_Vuln
View on GitHub
CVE-2015-4852、CVE-2016-0638、CVE-2016-3510、CVE-2019-2890漏洞POC
☆17Aug 11, 2020Updated 5 years ago
Deploy to Railway using AI coding agents - Free Credits Offer • Ad
Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
hldfight / Tai-e-WebPlugin
View on GitHub
Tai-e的Web插件
☆23Jun 11, 2024Updated last year
Ar3h / utf8-overlong-agent
View on GitHub
使用 agent 实现反序列化 utf8 overlong
☆86Apr 24, 2024Updated 2 years ago
pap1rman / JNDIExploit-modify
View on GitHub
对原版JNDIExploit进行修改增加线程和JMX注入内存马
☆17Apr 23, 2025Updated last year
3stoneBrother / code-audit
View on GitHub
☆585Feb 13, 2026Updated 2 months ago
bmth666 / GeoServer-Tools-CVE-2024-36401
View on GitHub
CVE-2024-36401 图形化利用工具，支持各个JDK版本利用以及回显、内存马实现
☆40Jul 16, 2025Updated 9 months ago
crazyMarky / pentest-skills
View on GitHub
💬 🚀 告别繁琐命令行，用自然语言驱动专业级渗透测试。 ⚡ 让安全测试从未如此简单、高效。Forget complex command lines. 🛡️ Professional penetration testing, powered by natural lan…
☆88Mar 6, 2026Updated last month
Tas9er / ByPassTamperPlus
View on GitHub
ByPassTamperPlus / SQLMap加强绕WAF / Code By:Tas9er
☆116Feb 12, 2026Updated 2 months ago