东方隐侠团队出品,代码审计skill
☆108Feb 25, 2026Updated 2 months ago
Alternatives and similar repositories for skill-dfyx_code_security_review
Users that are interested in skill-dfyx_code_security_review are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆13Nov 7, 2023Updated 2 years ago
- 一款支持 目录扫描(可配合熊猫头)+自动绕403+敏感匹配 等的小脚本工具,目前此脚本属于创始测试版,后续会继续升级!!!CowCow🐂🐂☆18Dec 27, 2024Updated last year
- 用来将Tai-e改造为开箱即用的静态代码安全分析框架的一些demo☆37Apr 17, 2024Updated 2 years ago
- API Highlighter 是一个用于 BurpSuite 的插件,主要用于 web 应用迭代安全测试时高亮指定的新增接口,该插件最初用 Python 编写,现重构为 Java 版本。☆43Feb 19, 2025Updated last year
- 一款使用Yaml定义搜索规则来搜索Class的工具☆109Aug 2, 2023Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A Java Route Collection Tool☆103Aug 1, 2024Updated last year
- ☆22Mar 4, 2019Updated 7 years ago
- zip slip☆39Apr 7, 2023Updated 3 years ago
- Hessian UTF-8 Overlong Encoding☆21Mar 9, 2024Updated 2 years ago
- 内网大型数据拖库解决方案,隧道不稳定时将内网数据库保存为csv格式文件☆34Nov 1, 2023Updated 2 years ago
- Java 代码审计 idea 插件☆26Mar 8, 2025Updated last year
- 方便自己搭建codeql环境和数据库的工具。☆64Mar 25, 2026Updated last month
- XXST-白加黑辅助挖掘工具,全程静默运行不影响正常使用☆17Apr 12, 2024Updated 2 years ago
- burp被动插件扫反射xss☆13Nov 29, 2023Updated 2 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- AuditLuma是一个AI+智能体代码审计系统,它利用多个AI代理和先进的技术,包括多代理合作协议(MCP)和Self-RAG(检索增强生成),为代码库提供全面的安全分析,目前已经支持ollama部署的本地大模型☆249Aug 1, 2025Updated 9 months ago
- ☆166Jan 29, 2026Updated 3 months ago
- 基于函数级污点分析的 Java 源代码漏洞审计工具JavaSinkTracer,通过 Model Context Protocol (MCP) 为 AI 助手提供安全分析能力。☆110Oct 7, 2025Updated 7 months ago
- 哥斯拉webshell管理工具的插件,用于连接websocket型webshell☆183Apr 17, 2024Updated 2 years ago
- 基于 Vue + SpringBoot 构建的前后端分离的 Java 安全靶场。☆16Updated this week
- ☆16Oct 30, 2022Updated 3 years ago
- 用于渗透测试的WebFuzz扫描工具☆38Aug 3, 2025Updated 9 months ago
- Archived security research prototype. No longer maintained.☆203May 9, 2026Updated last week
- 发布一些我发现的漏洞以及利用脚本。☆15Jun 29, 2023Updated 2 years ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- 一些总结出来的gadget的flow,后续合适和加入新的flow☆68Dec 6, 2025Updated 5 months ago
- 哥斯拉反射自定义 AES 通信插件加密器,基于基于AES+自定义Stream Wrapper注册+include执行,全链路零eval,类多态触发的webshell生成器。☆47Mar 24, 2026Updated last month
- 一款辅助探测Orderby注入漏洞的BurpSuite插件☆25Oct 19, 2021Updated 4 years ago
- Hacking GraalVM Espresso - Abusing Continuation API to Make ROP-like Attack☆36Aug 27, 2025Updated 8 months ago
- 基于 PyQt5 的 Nuclei 漏洞扫描图形化工具,支持 POC 管理、FOFA/Hunter/Shodan 资产搜索、AI 辅助分析、漏洞报告生成等功能☆54May 4, 2026Updated 2 weeks ago
- A vul-finder for loading CPG and automated finding vul-call-chains☆71Jul 22, 2025Updated 9 months ago
- 抽离出 utf-8-overlong-encoding 的序列化逻辑,实现 2 3 字节加密序列化数组☆141Mar 11, 2024Updated 2 years ago
- 在spring-aop中新发现的反序列化gadget-chain☆52Jan 12, 2025Updated last year
- Spring Boot whitelabel error page SpEL rce EXP☆13May 24, 2024Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- 一款src捡洞扫描器☆26Jan 13, 2021Updated 5 years ago
- CVE-2015-4852、CVE-2016-0638、CVE-2016-3510、CVE-2019-2890漏洞POC☆17Aug 11, 2020Updated 5 years ago
- Tai-e的Web插件☆23Jun 11, 2024Updated last year
- 使用 agent 实现反序列化 utf8 overlong☆86Apr 24, 2024Updated 2 years ago
- 对原版JNDIExploit进行修改增加线程和JMX注入内存马☆17Apr 23, 2025Updated last year
- A tool to exploit the hash length extension attack in various hashing algorithms☆17Sep 11, 2012Updated 13 years ago
- CVE-2024-36401 图形化利用工具,支持各个JDK版本利用以及回显、内存马实现☆43Jul 16, 2025Updated 10 months ago