Alternatives and similar repositories for DongTai-engine

Users that are interested in DongTai-engine are comparing it to the libraries listed below

• TomAPU / WAF-rules
  ☆22Updated 5 years ago
• angelwhu / jvm-rasp
  基于JVM-Sandbox实现RASP安全监控防护
  ☆52Updated last year
• HXSecurity / DongTai-Plugin-IDEA
  Dongtai-plugin-idea is an IDEA plug-in developed by DongTai team for Java Web application developers. This plug-in provides functions suc…
  ☆27Updated last year
• iiiusky / java_rasp_example
  ☆28Updated 4 years ago
• Anemone95 / taint-benchmark
  A benchmark to evaluate taint analysis
  ☆30Updated 3 years ago
• threedr3am / FindClassInJars
  个人用于在自动化挖掘gadget时，方便查找gadget chains中class所在jar包，以助于便捷审计测试gadget有效性的那么一个小工具。
  ☆60Updated 5 years ago
• Conanjun / codeql_chinese
  CodeQL中文资料和常见使用解释。Chinese version of Codeql documents
  ☆9Updated 4 years ago
• jimocode / CodeInspector
  基于Java ASM技术和GadgetInspector的原理，尝试实现一个自动Java代码审计工具。目前做到了可控参数分析和数据流跟踪分析
  ☆36Updated 3 years ago
• threedr3am / log-agent
  利用agent hock指定的class，在jar运行周期内，用于跟踪被执行的方法，辅助做一些事情，比如挖洞啊
  ☆126Updated 4 years ago
• iiiusky / java_iast_example
  JAVA IAST Example
  ☆49Updated 3 years ago
• LeadroyaL / java_xxe_2019
  总结了一下2019年在JVM环境中使用XXE攻击的知识
  ☆57Updated 5 years ago
• jweny / check_jsonp_based_on_ast
  基于AST的JSONP劫持漏洞自动化挖掘
  ☆93Updated 4 years ago
• ODDFuzz / ODDFuzz
  S&P2023 Paper
  ☆39Updated 2 years ago
• bigBestWay / ice
  Use java instrument API without JAR file
  ☆45Updated 3 years ago
• grayddq / PypiScan
  这个脚本主要提供对pypi供应链的源头进行安全扫描研究，扫描并发现未知的恶意包情况。
  ☆29Updated 2 years ago
• SummerSec / SPATool
  静态程序分析工具 主要生成方法的CFG和.java文件的AST
  ☆129Updated last year
• Monyer / xssee
  A js encode/decode simple tool for XSS
  ☆27Updated 5 years ago
• cor0ps / codeql
  收集规则
  ☆30Updated 2 years ago
• XmirrorSecurity / OpenSCA-intellij-plugin
  ☆37Updated 4 months ago
• wonderkun / crawler
  利用github action定时爬取先知、安全客等的文章进行保存
  ☆59Updated 3 years ago
• Ant-FG-Lab / non_RCE
  ☆41Updated 4 years ago
• Anemone95 / JSecCode
  A Vulnerable Web App written by JavaScript (Vue+Egg)
  ☆12Updated 7 months ago
• ASTTeam / Semgrep
  《深入理解Semgrep》Finding vulnerabilities with Semgrep.
  ☆51Updated last year
• JoyChou93 / trident
  Java通用漏洞修复安全组件
  ☆59Updated 7 years ago
• xiaopan233 / Java_agent_without_file
  Java agent without file 无文件的Java agent
  ☆78Updated 3 years ago
• Maskhe / AxinSAST
  ☆10Updated 4 years ago
• h2-stack / LL-RASP
  Low-level RASP: Protecting Applications Implemented in High-level Programming Languages
  ☆63Updated last year
• 1135 / Kong_exploit
  ☆41Updated 5 years ago
• LuckyC4t / gosec-m
  gosec动态规则修改版
  ☆12Updated 3 years ago
• ASTTeam / DAST
  《深入理解DAST动态应用程序安全测试》Dynamic Application Security Testing.
  ☆52Updated 2 years ago