LFYSec/MScan

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/LFYSec/MScan)

LFYSec / MScan

The source code of [S&P'25] Detecting Taint-Style Vulnerabilities in Microservice-Structured Web Applications.

☆72

Alternatives and similar repositories for MScan

Users that are interested in MScan are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

X1r0z / hacking-espresso
View on GitHub
Hacking GraalVM Espresso - Abusing Continuation API to Make ROP-like Attack
☆36Aug 27, 2025Updated 9 months ago
LFYSec / AgentFuzz
View on GitHub
The source code of [Sec'25] Make Agent Defeat Agent: Automatic Detection of Taint-Style Vulnerabilities in LLM-based Agents
☆88Apr 13, 2026Updated last month
waderwu / nativeRasp
View on GitHub
nativeRasp that can hook native methods
☆23Apr 24, 2023Updated 3 years ago
cwkiller / JDBC-PROXY-Bypass
View on GitHub
利用代理驱动绕过JDBC Attack检测
☆145Jun 15, 2025Updated 11 months ago
yulate / tabby-pipeline
View on GitHub
用于快速启动tabby 分析漏洞或者gadget的环境
☆94Jul 14, 2025Updated 10 months ago
Managed hosting for WordPress and PHP on Cloudways • Ad
Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
hldfight / Tai-e-WebPlugin
View on GitHub
Tai-e的Web插件
☆23Jun 11, 2024Updated last year
cwkiller / ASP-ASP.NET-WebShell-Bypass
View on GitHub
ASP & ASP.NET WebShell Bypass
☆70Jan 4, 2026Updated 5 months ago
adeljck / Finder
View on GitHub
用于windows下通过NTFS MFT快速查找文件名中带有敏感词的文件
☆44Sep 29, 2025Updated 8 months ago
ouuan / ZipDiff
View on GitHub
[USENIX Security '25] My ZIP isn’t your ZIP: Identifying and Exploiting Semantic Gaps Between ZIP Parsers
☆39Mar 20, 2026Updated 2 months ago
yhy0 / ghsa-skill-builder
View on GitHub
GitHub Advisory Database Skills builder
☆72Mar 14, 2026Updated 2 months ago
ax1sX / RouteCheck-Alpha
View on GitHub
A Java Route Collection Tool
☆102Aug 1, 2024Updated last year
l3yx / intentlang
View on GitHub
The next-generation AI Agent framework driven by Intent Engineering. Move beyond turn-based Function Calling to embrace code-level intent…
☆89Jan 11, 2026Updated 4 months ago
Ape1ron / FastjsonInDeserializationDemo1
View on GitHub
高版本Fastjson在Java原生反序列化中的利用演示
☆26Jan 12, 2025Updated last year
BytecodeDL / soot-fact-generator
View on GitHub
generate facts from bytecode (source is https://github.com/plast-lab/doop-mirror/tree/master/generators)
☆23Nov 24, 2024Updated last year
AI Agents on DigitalOcean Gradient AI Platform • Ad
Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
Java-Chains / papers
View on GitHub
Topic: The Swiss Army Knife of Java Exploitation
☆21Feb 25, 2025Updated last year
brant-ruan / ICCI
View on GitHub
Industrial Cybersecurity Conference Index
☆13Mar 11, 2024Updated 2 years ago
h3h3qaq / JDK-CodeQLDB-Builder
View on GitHub
使用 Docker 一键构建 JDK 源码的 CodeQL 数据库，方便使用 CodeQL 查找 JDK 中的数据。
☆27May 14, 2025Updated last year
software-engineering-and-security / Gleipner
View on GitHub
A benchmark for Java gadget chain detecting algorithms.
☆16Jun 20, 2025Updated 11 months ago
tabby-sec / tabby-vul-finder
View on GitHub
A vul-finder for loading CPG and automated finding vul-call-chains
☆71Jul 22, 2025Updated 10 months ago
evilpan / audit.vim
View on GitHub
Code audit (code review) with VIM.
☆17Jan 3, 2025Updated last year
X1r0z / hessian-overlong-encoding
View on GitHub
Hessian UTF-8 Overlong Encoding
☆21Mar 9, 2024Updated 2 years ago
fdu-sec / JDD
View on GitHub
☆210Oct 27, 2025Updated 7 months ago
pixelindigo / yurascanner
View on GitHub
YuraScanner
☆81Feb 13, 2025Updated last year
Managed hosting for WordPress and PHP on Cloudways • Ad
Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
su18 / fastjson-commons-io
View on GitHub
☆12May 28, 2021Updated 5 years ago
mo-xiaoxi / HDiff
View on GitHub
☆28Jun 7, 2022Updated 4 years ago
CTFTraining / huwangbei_2018_easy_laravel
View on GitHub
护网杯 2018 WEB (4) easy_laravel
☆12Aug 22, 2019Updated 6 years ago
secureweb / symphp
View on GitHub
Holistic Concolic Execution for Dynamic Web Applications via Symbolic Interpreter Analysis (IEEE S&P 2024)
☆16Oct 3, 2024Updated last year
yulate / CtfAgent
View on GitHub
ctf awd比赛快速hook java题，提供一键流量转发，无痛修复
☆63Mar 17, 2025Updated last year
jorgectf / jdk4QL
View on GitHub
Java JDK 8-18 CodeQL databases
☆17Jun 2, 2024Updated 2 years ago
c0ny1 / ascii-jar
View on GitHub
构造字节在ASCII范围内的jar
☆142Feb 14, 2022Updated 4 years ago
bit4woo / Java_deserialize_vuln_lab
View on GitHub
Java 反序列化学习的实验代码 Java_deserialize_vuln_lab
☆87Nov 26, 2018Updated 7 years ago
Esonhugh / My-Cloud-Security
View on GitHub
[ALL IN ONE] Everything that I shared to public about Cloud Security is here.
☆64Apr 19, 2025Updated last year
Managed hosting for WordPress and PHP on Cloudways • Ad
Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
X1r0z / jetty-fuzz
View on GitHub
☆32May 27, 2024Updated 2 years ago
Whoopsunix / PPPRASP
View on GitHub
JavaRce complements project - use RASP to prevent vulnerabilities
☆24Apr 22, 2024Updated 2 years ago
AlphabugX / Jawd
View on GitHub
Jawd——Jar文件编辑并重新打包导出神器。一款能够让你在AWD抢占先机，应急响应第一时间修复bug的神器
☆154Aug 26, 2025Updated 9 months ago
rzte / agentcrack
View on GitHub
不那么一样的 Java Agent 内存马
☆288Nov 27, 2023Updated 2 years ago
woodpecker-appstore / jexpr-encoder-utils
View on GitHub
Java表达式语句生成器
☆194Oct 9, 2023Updated 2 years ago
lcark / Tai-e-demo
View on GitHub
用来将Tai-e改造为开箱即用的静态代码安全分析框架的一些demo
☆37Apr 17, 2024Updated 2 years ago
crushforyou / 2025hvv-poc
View on GitHub
记录2025hvvpoc
☆259Jul 29, 2025Updated 10 months ago