EastSword/skill-dfyx_code_security_review

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/EastSword/skill-dfyx_code_security_review)

EastSword / skill-dfyx_code_security_review

东方隐侠团队出品，代码审计skill

☆121

Alternatives and similar repositories for skill-dfyx_code_security_review

Users that are interested in skill-dfyx_code_security_review are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

X1r0z / hessian-overlong-encoding
View on GitHub
Hessian UTF-8 Overlong Encoding
☆21Mar 9, 2024Updated 2 years ago
goddemondemongod / god_bak
View on GitHub
☆13Nov 7, 2023Updated 2 years ago
sdfwesfe / cowcow
View on GitHub
一款支持目录扫描(可配合熊猫头)+自动绕403+敏感匹配等的小脚本工具，目前此脚本属于创始测试版，后续会继续升级！！！CowCow🐂🐂
☆18Dec 27, 2024Updated last year
yezere / codeql_n1ght
View on GitHub
方便自己搭建codeql环境和数据库的工具。
☆65Mar 25, 2026Updated 2 months ago
luelueking / ClazzSearcher
View on GitHub
一款使用Yaml定义搜索规则来搜索Class的工具
☆109Aug 2, 2023Updated 2 years ago
Bare Metal GPUs on DigitalOcean Gradient AI • Ad
Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
ax1sX / RouteCheck-Alpha
View on GitHub
A Java Route Collection Tool
☆102Aug 1, 2024Updated last year
lcark / Tai-e-demo
View on GitHub
用来将Tai-e改造为开箱即用的静态代码安全分析框架的一些demo
☆37Apr 17, 2024Updated 2 years ago
Chave0v0 / API-Highlighter
View on GitHub
API Highlighter 是一个用于 BurpSuite 的插件，主要用于 web 应用迭代安全测试时高亮指定的新增接口，该插件最初用 Python 编写，现重构为 Java 版本。
☆43Feb 19, 2025Updated last year
bmth666 / GeoServer-Tools-CVE-2024-36401
View on GitHub
CVE-2024-36401 图形化利用工具，支持各个JDK版本利用以及回显、内存马实现
☆43May 18, 2026Updated 3 weeks ago
xsshim / GzWebsocket
View on GitHub
哥斯拉webshell管理工具的插件，用于连接websocket型webshell
☆183Apr 17, 2024Updated 2 years ago
Ape1ron / SpringAopInDeserializationDemo1
View on GitHub
在spring-aop中新发现的反序列化gadget-chain
☆52Jan 12, 2025Updated last year
Clayeee / Win-Logs-Parse-tool
View on GitHub
☆22Mar 4, 2019Updated 7 years ago
woodpecker-appstore / zip-tools
View on GitHub
zip slip
☆39Apr 7, 2023Updated 3 years ago
tabby-sec / tabby-vul-finder
View on GitHub
A vul-finder for loading CPG and automated finding vul-call-chains
☆71Jul 22, 2025Updated 10 months ago
Managed hosting for WordPress and PHP on Cloudways • Ad
Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
z-bool / SQLDownload
View on GitHub
内网大型数据拖库解决方案，隧道不稳定时将内网数据库保存为csv格式文件
☆34Nov 1, 2023Updated 2 years ago
prepar-z / inspectorz
View on GitHub
Java 代码审计 idea 插件
☆26Mar 8, 2025Updated last year
aaaademo / ysuserial-mod
View on GitHub
☆31Dec 6, 2024Updated last year
luelueking / Fake_Kafka_Server
View on GitHub
☆78Nov 22, 2024Updated last year
likeNlong / dll_finder
View on GitHub
XXST-白加黑辅助挖掘工具，全程静默运行不影响正常使用
☆17Apr 12, 2024Updated 2 years ago
Ar3h / utf8-overlong-agent
View on GitHub
使用 agent 实现反序列化 utf8 overlong
☆86Apr 24, 2024Updated 2 years ago
shanxigetanxiaochou / burp-xss-scan
View on GitHub
burp被动插件扫反射xss
☆14Nov 29, 2023Updated 2 years ago
Vistaminc / AuditLuma
View on GitHub
AuditLuma是一个AI+智能体代码审计系统，它利用多个AI代理和先进的技术，包括多代理合作协议（MCP）和Self-RAG（检索增强生成），为代码库提供全面的安全分析，目前已经支持ollama部署的本地大模型
☆247Aug 1, 2025Updated 10 months ago
lightless233 / sign-me-2
View on GitHub
Easy burp sign extension!
☆57Jan 27, 2025Updated last year
Managed hosting for WordPress and PHP on Cloudways • Ad
Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
Whoopsunix / utf-8-overlong-encoding
View on GitHub
抽离出 utf-8-overlong-encoding 的序列化逻辑，实现 2 3 字节加密序列化数组
☆141Mar 11, 2024Updated 2 years ago
tanweai / xianzhi-research
View on GitHub
☆170Jan 29, 2026Updated 4 months ago
TryGOTry / Debug-Nps
View on GitHub
在原版nps的基础上，增加了nps探测，以及对应的利用方式（如获取cookie，页面等），进行一些简单的二开。未经过大量测试，可能存在bug。
☆22Aug 5, 2025Updated 10 months ago
TheKingOfDuck / xlogger
View on GitHub
Log all keyboard and terminal input/output for any app 记录任意程序的键盘输入和终端输入输出
☆23Sep 19, 2025Updated 8 months ago
b1-team / phantom
View on GitHub
A memory-based evasion technique which makes shellcode invisible from process start to end.
☆17Aug 14, 2023Updated 2 years ago
Zacarx / JavaSinkTracer_MCP
View on GitHub
基于函数级污点分析的 Java 源代码漏洞审计工具JavaSinkTracer，通过 Model Context Protocol (MCP) 为 AI 助手提供安全分析能力。
☆115Oct 7, 2025Updated 8 months ago
bansh2eBreak / SpringVulnBoot-frontend
View on GitHub
基于 Vue + SpringBoot 构建的前后端分离的 Java 安全靶场。
☆16May 26, 2026Updated 2 weeks ago
Esonhugh / KubernetesCS
View on GitHub
Kubernetes has its “ADCS” -- How To Backdoor a Kubernetes in silence and more persistent?
☆41Nov 16, 2025Updated 6 months ago
wangsz05 / LearnDemo
View on GitHub
☆16Oct 30, 2022Updated 3 years ago
1-Click AI Models by DigitalOcean Gradient • Ad
Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
W01fh4cker / MemshellKit
View on GitHub
针对多个框架的高度自定义的内存马一键打入工具 | A highly customized memory shell one-click injection tool for multiple frameworks
☆49Feb 6, 2024Updated 2 years ago
DeEpinGh0st / JDumpSpiderGUI
View on GitHub
JDumpSpiderGUI 是一个用于 Java 堆转储文件分析的工具，支持命令行和 JavaFX 图形界面两种模式。该工具主要是在原工具上添加了图形化的界面
☆163May 5, 2025Updated last year
Nbccccc / FinderFuzz
View on GitHub
用于渗透测试的WebFuzz扫描工具
☆38Aug 3, 2025Updated 10 months ago
adeljck / MS17-010
View on GitHub
MS17-010 Exploits With Original NSA Tool(only for windows)
☆33Jul 30, 2024Updated last year
watanabe-hsad / GoPhantom
View on GitHub
Archived security research prototype. No longer maintained.
☆201May 9, 2026Updated 3 weeks ago
Boogipop / MetabaseRceTools
View on GitHub
CVE-2023-38646 Metabase RCE
☆54Oct 11, 2023Updated 2 years ago
Veraxy00 / SecVulList-Veraxy00
View on GitHub
发布一些我发现的漏洞以及利用脚本。
☆15Jun 29, 2023Updated 2 years ago