JacyCui/static-analysis

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/JacyCui/static-analysis)

JacyCui / static-analysis

静态分析基础教程

☆183

Alternatives and similar repositories for static-analysis

Users that are interested in static-analysis are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

luelueking / ClazzSearcher
View on GitHub
一款使用Yaml定义搜索规则来搜索Class的工具
☆109Aug 2, 2023Updated 2 years ago
luelueking / Deserial_Sink_With_JDBC
View on GitHub
Some ReadObject Sink With JDBC
☆245May 8, 2024Updated last year
pascal-lab / Tai-e
View on GitHub
An easy-to-learn/use static analysis framework for Java
☆1,772Mar 22, 2026Updated 2 weeks ago
kyo-w / router-router
View on GitHub
Java web路由内存分析工具
☆439May 22, 2025Updated 10 months ago
tabby-sec / tabby-vul-finder
View on GitHub
A vul-finder for loading CPG and automated finding vul-call-chains
☆72Jul 22, 2025Updated 8 months ago
GPU virtual machines on DigitalOcean Gradient AI • Ad
Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
alipay / ant-application-security-testing-benchmark
View on GitHub
xAST评价体系，让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".
☆468Jan 15, 2026Updated 2 months ago
Y4tacker / HackingFernFlower
View on GitHub
2023白帽补天大会部分代码
☆129Dec 26, 2023Updated 2 years ago
BytecodeDL / ByteCodeDL
View on GitHub
A declarative static analysis tool for jvm bytecode based Datalog like CodeQL
☆345Jan 6, 2024Updated 2 years ago
tabby-sec / tabby-path-finder
View on GitHub
A neo4j procedure for tabby
☆137May 17, 2025Updated 10 months ago
Whoopsunix / utf-8-overlong-encoding
View on GitHub
抽离出 utf-8-overlong-encoding 的序列化逻辑，实现 2 3 字节加密序列化数组
☆140Mar 11, 2024Updated 2 years ago
pascal-lab / Tai-e-assignments
View on GitHub
Tai-e assignments for static program analysis
☆1,223Aug 28, 2025Updated 7 months ago
KingBridgeSS / jdifferer
View on GitHub
☆65Sep 27, 2023Updated 2 years ago
luelueking / Bypass_JVM_Verifier
View on GitHub
Bypass JVM Class ByteCode Verifier , 对抗反编译器
☆116Sep 21, 2023Updated 2 years ago
Whoopsunix / JavaRce
View on GitHub
Common Exploitation Techniques for Java RCE Vulnerabilities in Real-World Scenarios | 实战场景较通用的 Java Rce 相关漏洞的利用方式
☆548Mar 6, 2025Updated last year
End-to-end encrypted email - Proton Mail • Ad
Special offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
Y4Sec-Team / mysql-jdbc-tricks
View on GitHub
JDBC Attack Tricks
☆154Sep 3, 2023Updated 2 years ago
JacyCui / fla
View on GitHub
formal language and automata
☆32Jan 9, 2026Updated 3 months ago
flowerwind / AutoGenerateXalanPayload
View on GitHub
cve-2022-34169 延伸出的Jdk Xalan的payload自动生成工具，可根据不同的Jdk生成出其所对应的xslt文件
☆93Jan 17, 2023Updated 3 years ago
SpringJasmine / Jasmine
View on GitHub
☆30Aug 30, 2022Updated 3 years ago
waderwu / extractor-java
View on GitHub
CodeQL extractor for java, which don't need to compile java source
☆349Nov 25, 2022Updated 3 years ago
h2-stack / LL-RASP
View on GitHub
Low-level RASP: Protecting Applications Implemented in High-level Programming Languages
☆69Oct 19, 2025Updated 5 months ago
ErodedElk / Chaos-me-JavaScript-V8
View on GitHub
零基础入门V8引擎漏洞挖掘
☆287Apr 8, 2024Updated 2 years ago
RangerNJU / Static-Program-Analysis-Book
View on GitHub
Getting started with static program analysis. 静态程序分析入门教程。
☆1,766Mar 20, 2024Updated 2 years ago
tabby-sec / tabby
View on GitHub
A CAT called tabby ( Code Analysis Tool )
☆1,642Jan 17, 2026Updated 2 months ago
DigitalOcean Gradient AI Platform • Ad
Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
Phelaine / SinkFinder
View on GitHub
闭源系统半自动漏洞挖掘工具，针对 jar/war/zip 进行静态代码分析，输出从source到sink的可达路径。LLM将验证路径可达性，并根据上下文给出该路径可信分数
☆509Jan 12, 2026Updated 2 months ago
l3yx / Choccy
View on GitHub
GitHub项目监控 && CodeQL自动扫描 (GitHub project monitoring && CodeQL automatic analysis)
☆469Jan 19, 2025Updated last year
lcark / Tai-e-demo
View on GitHub
用来将Tai-e改造为开箱即用的静态代码安全分析框架的一些demo
☆37Apr 17, 2024Updated last year
BeichenDream / JDR
View on GitHub
☆147Jan 16, 2023Updated 3 years ago
BytecodeDL / graphdb-intellij-plugin
View on GitHub
neo4j plugin of ByteCodeDL for the IntelliJ Platform. ByteCodeDL-Neo4j-IDEA-Plugin
☆16Dec 28, 2023Updated 2 years ago
webraybtl / CodeQLpy
View on GitHub
CodeQLpy是一款基于CodeQL实现的半自动化代码审计工具，目前仅支持java语言。实现从源码反编译，数据库生成，脆弱性发现的全过程，可以辅助代码审计人员快速定位源码可能存在的漏洞。
☆851Jul 6, 2023Updated 2 years ago
LandGrey / spring-boot-upload-file-lead-to-rce-tricks
View on GitHub
spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧
☆754Apr 14, 2021Updated 4 years ago
brant-ruan / ICCI
View on GitHub
Industrial Cybersecurity Conference Index
☆13Mar 11, 2024Updated 2 years ago
fdu-sec / JDD
View on GitHub
☆207Oct 27, 2025Updated 5 months ago
Proton VPN Special Offer - Get 70% off • Ad
Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
ASTTeam / CodeQL
View on GitHub
《深入理解CodeQL》Finding vulnerabilities with CodeQL.
☆1,765Nov 21, 2023Updated 2 years ago
rzte / agentcrack
View on GitHub
不那么一样的 Java Agent 内存马
☆289Nov 27, 2023Updated 2 years ago
whocansee / FilelessAgentMemShell
View on GitHub
无需文件落地Agent内存马生成器
☆249May 30, 2024Updated last year
c0ny1 / ascii-jar
View on GitHub
构造字节在ASCII范围内的jar
☆140Feb 14, 2022Updated 4 years ago
l3yx / jdwp-codeifier
View on GitHub
基于 jdwp-shellifier 的进阶JDWP漏洞利用脚本（动态执行Java/Js代码并获得回显）
☆322Dec 22, 2024Updated last year
datouo / CTF-Java-Gadget
View on GitHub
CTF-Java-Gadget专注于收集CTF中Java赛题的反序列化片段
☆284Dec 13, 2024Updated last year
jar-analyzer / jar-analyzer-v1-cli
View on GitHub
本项目可以把一个或多个Jar包构建成数据库，用户连接数据库后通过SQL语句任意搜索需要的内容，例如类和方法信息，方法调用关系等
☆75Oct 11, 2023Updated 2 years ago