HXSecurity / DongTai
Dongtai IAST is an open-source Interactive Application Security Testing (IAST) tool that enables real-time detection of common vulnerabilities in Java applications and third-party components through passive instrumentation. It is particularly suitable for use in the testing phase of the development pipeline.
☆1,266Updated 3 months ago
Alternatives and similar repositories for DongTai:
Users that are interested in DongTai are comparing it to the libraries listed below
- veinmind-tools 是由长亭科技自研,基于 veinmind-sdk 打造的容器安全工具集☆1,575Updated last year
- Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynam…☆687Updated last year
- 一款甲方资产巡航扫描系统。系统定位是发现资产,进行端口爆破。帮助企业更快发现弱口令问题。主要功能包括: 资产探测、端口爆破、定时任务、管理后台识别、报表展示☆1,768Updated 2 years ago
- 安全、快捷、高交互、企业级的蜜罐管理系统,护网;支持多种协议蜜��罐、蜜签、诱饵等功能。A safe, fast, highly interactive and enterprise level honeypot management system, supports mult…☆1,236Updated last year
- Attack surface mapping☆1,446Updated last year
- 傻瓜式漏洞PoC测试框架☆1,444Updated last year
- Scan for sensitive information easily and effectively.☆951Updated this week
- Fiora:漏洞PoC框架Nuclei的图形版。快捷搜索PoC、一键运行Nuclei。即可作为独立程序运行,也可作为burp插件使用。☆1,203Updated 10 months ago
- Nemo是用来进行自动化信息收集的一个简单平台,通过集成常用的信息收集工具和技术,实现对内网及互联网资产信息的自动收集,提高隐患排查和渗透测试的工作效率。☆1,773Updated 3 months ago
- Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack…☆2,992Updated 10 months ago
- ☕️ Java Security,安全编码和代码审计☆1,509Updated 3 weeks ago
- 边界打点后的自动化渗透工具☆1,855Updated 3 years ago
- ☆452Updated last year
- OAExploit一款基于产品的一键扫描工具。☆1,472Updated 2 years ago
- netspy是一款快速探测内网可达网段工具(深信服深蓝实验室天威战队强力驱动)☆2,064Updated last year
- domain_hunter的高级版本,SRC挖洞、HW打点之必备!自动化资产收集;快速Title获取;外部工具联动;等等☆2,029Updated 3 weeks ago
- HeapDump敏感信息提取工具☆1,418Updated 3 months ago
- A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅☆1,707Updated last month
- DNSLog-GO 是一款golang编写的监控 DNS 解析记录的工具,自带WEB界面 / DNSLog-GO is a monitoring tool written in Golang that monitors DNS resolution records. It …☆1,140Updated this week
- 一款基于BurpSuite的被动式shiro检测插件☆1,719Updated 2 years ago
- 飞刃是一套完整的企业级黑盒漏洞扫描系统,集成漏洞扫描、漏洞管理、扫描资产、爬虫等服务。 拥有强大的漏洞检测引擎和丰富的插件库,覆盖多种漏洞类型和应用程序框架。☆1,134Updated last year
- BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算…☆1,496Updated last year
- 一个高价值漏洞采集与推送服务 | collect valueable vulnerability and push it☆1,541Updated this week
- shiro反序列化漏洞综合利用,包含(回显执行命令/注入内存马)修复原版中NoCC的问题 https://github.com/j1anFen/shiro_attack☆2,170Updated 11 months ago
- Passive Security Scanner (被动式安全扫描器)☆1,931Updated 2 years ago
- shiro 反序列 命令执行辅助检测工具☆1,454Updated 10 months ago
- 一款适用于红蓝对抗中的仿真钓鱼系统☆1,467Updated last year
- 红/蓝队环境自动化部署工具 | Red/Blue team environment automation deployment tool☆1,890Updated 7 months ago
- Ladon for Kali 全平台开源内网渗透扫描器,Windows/Linux/Mac/路由器内网渗透,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql…☆1,644Updated last year
- KunLun-M是一个完全开源的静态白盒扫描工具,支持PHP、JavaScript的语义扫描,基础安全、组件安全扫描,Chrome Ext\Solidity的基础扫描。☆2,301Updated 5 months ago