LFYSec / MScanLinks
The source code of [S&P'25] Detecting Taint-Style Vulnerabilities in Microservice-Structured Web Applications.
☆60Updated 2 months ago
Alternatives and similar repositories for MScan
Users that are interested in MScan are comparing it to the libraries listed below
Sorting:
- A neo4j procedure for tabby☆136Updated 8 months ago
- A vul-finder for loading CPG and automated finding vul-call-chains☆71Updated 6 months ago
- CodeQL分析闭源Jar包脚本,基于Apache Ant构建CodeQL数据库☆42Updated 3 years ago
- 用来将Tai-e改造为开箱即用的静态代码安全分析框架的一些demo☆37Updated last year
- 腾讯ai渗透黑客松参赛作品(xjtuHunter)☆184Updated 2 months ago
- javaDeserializeLabs☆70Updated 2 years ago
- 2023白帽补天大会部分代码☆129Updated 2 years ago
- Some ReadObject Sink With JDBC☆243Updated last year
- Lessons for syntaxflow zero to hero☆54Updated last year
- ☆146Updated 3 years ago
- 简单实现的 Java RASP☆35Updated 5 years ago
- JavaRce complements project - use RASP to prevent vulnerabilities☆24Updated last year
- 2023 各大 CTF 的比赛附件☆49Updated 2 years ago
- 使用 Docker 一键构建 JDK 源码的 CodeQL 数据库,方便使用 CodeQL 查找 JDK 中的数据。☆27Updated 8 months ago
- 阿里巴巴安全SDK,提供SSRF、JDBC、XXE防护能力☆120Updated 3 months ago
- Tai-e的Web插件☆23Updated last year
- 用于快速启动tabby 分析漏洞或者gadget的环境☆94Updated 6 months ago
- 构造字节在ASCII范围内的jar☆138Updated 3 years ago
- ☆25Updated last year
- Java表达式语句生成器☆194Updated 2 years ago
- Collection of CTF Web challenges I made☆53Updated 2 years ago
- 基于污点分析的JSP Webshell检测工具,模拟JVM的栈帧操作进行数据流分析,可以检测出各种变形的JSP Webshell☆21Updated 4 years ago
- JDBC Attack Tricks☆154Updated 2 years ago
- 之前方便自己研究RASP原理和绕过时顺手写的,用于快速启动和重置RASP环境☆71Updated last year
- Fenrir 是一个基于 MCP 协议与 AST 技术的代码审计工具,旨在解决安全研究与自动化代码审计领域中,面对大规模、结构复杂甚至反编译代码时,传统代码搜索与分析手段效率低、准确性差的问题。☆168Updated 3 months ago
- 不那么一样的 Java Agent 内存马☆289Updated 2 years ago
- 《Spring漏洞研究》☆47Updated 3 years ago
- CVE-2022-25845(fastjson1.2.80) exploit in Spring Env!☆106Updated last year
- ☆19Updated 2 years ago
- ☆32Updated last year