LFYSec/MScan

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/LFYSec/MScan)

LFYSec / MScan

The source code of [S&P'25] Detecting Taint-Style Vulnerabilities in Microservice-Structured Web Applications.

☆66

Alternatives and similar repositories for MScan

Users that are interested in MScan are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

X1r0z / hacking-espresso
View on GitHub
Hacking GraalVM Espresso - Abusing Continuation API to Make ROP-like Attack
☆36Aug 27, 2025Updated 7 months ago
LFYSec / AgentFuzz
View on GitHub
The source code of [Sec'25] Make Agent Defeat Agent: Automatic Detection of Taint-Style Vulnerabilities in LLM-based Agents
☆67Sep 9, 2025Updated 7 months ago
waderwu / nativeRasp
View on GitHub
nativeRasp that can hook native methods
☆23Apr 24, 2023Updated 2 years ago
cwkiller / JDBC-PROXY-Bypass
View on GitHub
利用代理驱动绕过JDBC Attack检测
☆144Jun 15, 2025Updated 9 months ago
yulate / tabby-pipeline
View on GitHub
用于快速启动tabby 分析漏洞或者gadget的环境
☆94Jul 14, 2025Updated 8 months ago
1-Click AI Models by DigitalOcean Gradient • Ad
Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
hldfight / Tai-e-WebPlugin
View on GitHub
Tai-e的Web插件
☆23Jun 11, 2024Updated last year
adeljck / Finder
View on GitHub
用于windows下通过NTFS MFT快速查找文件名中带有敏感词的文件
☆44Sep 29, 2025Updated 6 months ago
ouuan / ZipDiff
View on GitHub
[USENIX Security '25] My ZIP isn’t your ZIP: Identifying and Exploiting Semantic Gaps Between ZIP Parsers
☆38Mar 20, 2026Updated 2 weeks ago
l3yx / intentlang
View on GitHub
The next-generation AI Agent framework driven by Intent Engineering. Move beyond turn-based Function Calling to embrace code-level intent…
☆79Jan 11, 2026Updated 2 months ago
BytecodeDL / soot-fact-generator
View on GitHub
generate facts from bytecode (source is https://github.com/plast-lab/doop-mirror/tree/master/generators)
☆23Nov 24, 2024Updated last year
Java-Chains / papers
View on GitHub
Topic: The Swiss Army Knife of Java Exploitation
☆21Feb 25, 2025Updated last year
brant-ruan / ICCI
View on GitHub
Industrial Cybersecurity Conference Index
☆13Mar 11, 2024Updated 2 years ago
h3h3qaq / JDK-CodeQLDB-Builder
View on GitHub
使用 Docker 一键构建 JDK 源码的 CodeQL 数据库，方便使用 CodeQL 查找 JDK 中的数据。
☆27May 14, 2025Updated 10 months ago
software-engineering-and-security / Gleipner
View on GitHub
A benchmark for Java gadget chain detecting algorithms.
☆15Jun 20, 2025Updated 9 months ago
Proton VPN Special Offer - Get 70% off • Ad
Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
boostsecurityio / supply-chain-research
View on GitHub
Supply Chain Security Research - Attack Trees
☆10Jan 9, 2023Updated 3 years ago
tabby-sec / tabby-vul-finder
View on GitHub
A vul-finder for loading CPG and automated finding vul-call-chains
☆72Jul 22, 2025Updated 8 months ago
evilpan / audit.vim
View on GitHub
Code audit (code review) with VIM.
☆17Jan 3, 2025Updated last year
fdu-sec / JDD
View on GitHub
☆207Oct 27, 2025Updated 5 months ago
X1r0z / hessian-overlong-encoding
View on GitHub
Hessian UTF-8 Overlong Encoding
☆21Mar 9, 2024Updated 2 years ago
ax1sX / RouteCheck-Alpha
View on GitHub
A Java Route Collection Tool
☆102Aug 1, 2024Updated last year
pixelindigo / yurascanner
View on GitHub
YuraScanner
☆75Feb 13, 2025Updated last year
su18 / fastjson-commons-io
View on GitHub
☆12May 28, 2021Updated 4 years ago
secureweb / symphp
View on GitHub
Holistic Concolic Execution for Dynamic Web Applications via Symbolic Interpreter Analysis (IEEE S&P 2024)
☆15Oct 3, 2024Updated last year
1-Click AI Models by DigitalOcean Gradient • Ad
Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
cwkiller / ASP-ASP.NET-WebShell-Bypass
View on GitHub
ASP & ASP.NET WebShell Bypass
☆69Jan 4, 2026Updated 3 months ago
mo-xiaoxi / HDiff
View on GitHub
☆28Jun 7, 2022Updated 3 years ago
serverless-ca / cloud-ca
View on GitHub
Cloud CA built using AWS CA Terraform Module
☆13Mar 15, 2026Updated 3 weeks ago
CTFTraining / huwangbei_2018_easy_laravel
View on GitHub
护网杯 2018 WEB (4) easy_laravel
☆12Aug 22, 2019Updated 6 years ago
yulate / CtfAgent
View on GitHub
ctf awd比赛快速hook java题，提供一键流量转发，无痛修复
☆61Mar 17, 2025Updated last year
jorgectf / jdk4QL
View on GitHub
Java JDK 8-18 CodeQL databases
☆17Jun 2, 2024Updated last year
bit4woo / Java_deserialize_vuln_lab
View on GitHub
Java 反序列化学习的实验代码 Java_deserialize_vuln_lab
☆87Nov 26, 2018Updated 7 years ago
Esonhugh / My-Cloud-Security
View on GitHub
[ALL IN ONE] Everything that I shared to public about Cloud Security is here.
☆63Apr 19, 2025Updated 11 months ago
X1r0z / jetty-fuzz
View on GitHub
☆33May 27, 2024Updated last year
Proton VPN Special Offer - Get 70% off • Ad
Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
Whoopsunix / PPPRASP
View on GitHub
JavaRce complements project - use RASP to prevent vulnerabilities
☆24Apr 22, 2024Updated last year
rzte / agentcrack
View on GitHub
不那么一样的 Java Agent 内存马
☆289Nov 27, 2023Updated 2 years ago
woodpecker-appstore / jexpr-encoder-utils
View on GitHub
Java表达式语句生成器
☆195Oct 9, 2023Updated 2 years ago
lcark / Tai-e-demo
View on GitHub
用来将Tai-e改造为开箱即用的静态代码安全分析框架的一些demo
☆37Apr 17, 2024Updated last year
JSREP / crawler-leetcode
View on GitHub
Crawler LeetCode，爬虫挑战合集
☆67Jan 28, 2026Updated 2 months ago
XingTuLab / JSIMPLIFIER
View on GitHub
a tool to deobfuscate, unminify, and simplify JavaScript code.
☆51Dec 17, 2025Updated 3 months ago
adeljck / YongYou-Exploit
View on GitHub
YongYou U8C deserialization file upload exploit tool targeting IPFxxFileService and IFileTrans services
☆29Sep 28, 2025Updated 6 months ago