Lucifaer / head_first_javaraspView external linksLinks
一些Java RASP demo
☆11Sep 26, 2019Updated 6 years ago
Alternatives and similar repositories for head_first_javarasp
Users that are interested in head_first_javarasp are comparing it to the libraries listed below
Sorting:
- ☆41Mar 10, 2021Updated 4 years ago
- 参赛所用的sshop平台☆11Jun 26, 2018Updated 7 years ago
- 基于JVM-Sandbox实现RASP安全监控防护☆53Aug 8, 2023Updated 2 years ago
- 近年来容器安全相关论文收集整理☆15May 26, 2023Updated 2 years ago
- ☆16Jan 5, 2021Updated 5 years ago
- 一个抓取phpinfo重要信息的小工具☆29Mar 5, 2019Updated 6 years ago
- Challenges I created for 35c3☆48Dec 31, 2018Updated 7 years ago
- ☆38Oct 26, 2021Updated 4 years ago
- LANGZI_SRC_安全巡航 是一款集成漏扫,验证,资产监控,自动复现并且生成结果表报的工具,实现初衷是为了帮助白帽子在SRC中节约时间成本的自动化工具。☆14Jul 7, 2019Updated 6 years ago
- Goal Go Red-Team 工具类☆44Jan 15, 2025Updated last year
- ☆17May 29, 2018Updated 7 years ago
- Native Java serialization filter blacklist for common gadgets☆20Sep 12, 2019Updated 6 years ago
- ☆22Nov 3, 2022Updated 3 years ago
- [NDSS 2024] ReqsMiner is an innovative fuzzing framework developed to discover previously unexamined inconsistencies in CDN forwarding re…☆25Jun 27, 2024Updated last year
- Java agent without file 无文件的Java agent☆82Apr 7, 2022Updated 3 years ago
- My solution for GitHub Security Lab CTF 4: CodeQL and Chill - The Java Edition☆19Jun 10, 2020Updated 5 years ago
- 手把手教你写IAST系列☆24Jan 12, 2024Updated 2 years ago
- Spring Boot Actuator + Spring Cloud Vul Env☆19Dec 25, 2019Updated 6 years ago
- 当死去的记忆突然开始攻击我,我终于想起了我还写过一款十分十分垃圾的 rasp 靶场。☆79Jul 21, 2022Updated 3 years ago
- Artifact for ICSE 2023☆50Sep 24, 2022Updated 3 years ago
- CVE-2021-22205 Gitlab 未授权远程代码执行漏洞 EXP, 移除了对djvumake & djvulibre的依赖,可在win平台使用☆23Oct 30, 2021Updated 4 years ago
- ☆83Jan 11, 2018Updated 8 years ago
- A Java runtime information-gathering tool which uses the Java Attach API for information acquisition☆204Apr 26, 2021Updated 4 years ago
- recon.cloud is website that scans AWS, Azure and GCP public cloud footprint this GO tool only utilize its API for getting result to termi…☆25Feb 11, 2023Updated 3 years ago
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆212May 19, 2020Updated 5 years ago
- 汉化的CTFd☆21Oct 7, 2018Updated 7 years ago
- A static byte code analyzer for Java deserialization gadget research☆252Apr 17, 2017Updated 8 years ago
- ☆28Jan 24, 2024Updated 2 years ago
- nativeRasp that can hook native methods☆24Apr 24, 2023Updated 2 years ago
- 基于nsjail的CTF竞赛Docker环境☆24Jul 30, 2018Updated 7 years ago
- ☆32May 27, 2024Updated last year
- ☆27Jun 7, 2022Updated 3 years ago
- 就是一个练习RMI反序列化的最简单环境☆30Jan 8, 2022Updated 4 years ago
- 🐍 The Offensive Python☆20Jun 4, 2021Updated 4 years ago
- Apache Tomcat + MongoDB Remote Code Execution☆113Jan 15, 2021Updated 5 years ago
- 一个利用ASM对字节码进行污点传播分析的静态代码审计应用(添加了大量代码注释,适合大家进行源码学习)。也加入了挖掘Fastjson反序列化gadget chains和SQLInject(JdbcTemplate、MyBatis、JPA、Hibernate、原生jdbc等)静…☆458Mar 24, 2022Updated 3 years ago
- 一个Java攻击框架☆23Nov 27, 2020Updated 5 years ago
- Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities☆75Aug 15, 2024Updated last year
- ☆34Nov 4, 2018Updated 7 years ago