ReAbout/audit-java external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

ReAbout/audit-java

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ReAbout/audit-java)

Close

ReAbout / audit-javaView on GitHubMore

• External links
• Readme badge

Java代码审计手册，关注于漏洞挖掘而非利用【持续更新】

☆200Nov 21, 2024Updated last year

Alternatives and similar repositories for audit-java

Users that are interested in audit-java are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• KimJun1010 / inspector

  View on GitHub
  IDEA代码审计辅助插件（深信服深蓝实验室天威战队强力驱动）
  ☆584Mar 10, 2025Updated last year
• proudwind / javasec_study

  View on GitHub
  java代码审计学习笔记
  ☆684Feb 24, 2020Updated 6 years ago
• pen4uin / java-echo-generator

  View on GitHub
  一款支持自定义的 Java 回显载荷生成工具｜A customizable Java echo payload generation tool.
  ☆462Jan 12, 2025Updated last year
• for-A1kaid / CodeAudit

  View on GitHub
  记录一些代码审计过的源码
  ☆183Feb 26, 2025Updated last year
• 7hang / --Java

  View on GitHub
  代码审计知识点整理-Java
  ☆531Jun 15, 2020Updated 5 years ago
• NordVPN Special Discount Offer • Ad
  Save on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
• 0xf4n9x / CDGXStreamDeserRCE

  View on GitHub
  亿赛通电子文档安全管理系统XStream反序列化漏洞任意文件上传利用
  ☆120Aug 9, 2024Updated last year
• Whoopsunix / JavaRce

  View on GitHub
  Common Exploitation Techniques for Java RCE Vulnerabilities in Real-World Scenarios | 实战场景较通用的 Java Rce 相关漏洞的利用方式
  ☆548Mar 6, 2025Updated last year
• Zjackky / CodeScan

  View on GitHub
  一款轻量级匹配Sink点的代码审计扫描器，为了帮助红队过程中快速代码审计的小工具
  ☆409Oct 6, 2024Updated last year
• lemono0 / FastJsonParty

  View on GitHub
  FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本)，主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用
  ☆1,195Jul 12, 2024Updated last year
• novysodope / javaeasyscan

  View on GitHub
  javaeasyscanner - 富婆系列，代码审计辅助工具，致力于解放大脑，方便双手
  ☆278Jun 18, 2024Updated last year
• Lotus6 / JavaGadgetGenerator

  View on GitHub
  JavaGadgetGenerator 工具，支持 ysoserial，Hessian，字节码，Expr/SSTI，Shiro，JDBC 等 Gadget 生成，封装，混淆，出网延迟探测，内存马注入等...
  ☆560Apr 3, 2026Updated last week
• kyo-w / router-router

  View on GitHub
  Java web路由内存分析工具
  ☆439May 22, 2025Updated 10 months ago
• SpringKill-team / CodeAuditAssistant

  View on GitHub
  🔍 CodeAuditAssistant - JetBrains Code Audit Plugin (Beta) ⚡ Deep Call-Chain Tracking | 🚀 Method/Class Search | 🔥 Prebuilt Vuln Sink…
  ☆784Mar 14, 2026Updated 3 weeks ago
• BambiZombie / FrchannelPlus

  View on GitHub
  帆软bi反序列化漏洞利用工具
  ☆191Mar 23, 2024Updated 2 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• k4i-x3i0 / jndiExploit-beta

  View on GitHub
  魔改版，实现冰蝎直连内存马，无需修改冰蝎客户端
  ☆76Jan 3, 2024Updated 2 years ago
• bmth666 / Yongyou-Unserialize-plus

  View on GitHub
  用友的一些反序列化链子以及1day，二开了狼组的YongYouNcTool，改了一下逻辑以及poc
  ☆125Oct 12, 2024Updated last year
• suizhibo / MemShellGene

  View on GitHub
  一款Java内存马生成、测试工具，搭配@ax1sX的MemShell食用。
  ☆263Feb 15, 2026Updated last month
• ReAbout / web-sec

  View on GitHub
  WEB安全手册(红队安全技能栈)，漏洞理解，漏洞利用，代码审计和渗透测试总结。【持续更新】
  ☆1,905Nov 7, 2025Updated 5 months ago
• pykiller / API-T00L

  View on GitHub
  互联网厂商API利用工具。
  ☆569Sep 13, 2024Updated last year
• wa1ki0g / NoAuth

  View on GitHub
  java-web 自动化鉴权绕过
  ☆380Apr 3, 2025Updated last year
• 0x727 / BypassPro

  View on GitHub
  对Auth/Waf 自动化bypass的burpsuite插件
  ☆1,120Feb 28, 2026Updated last month
• Y4tacker / JavaSec

  View on GitHub
  a rep for documenting my study, may be from 0 to 0.1
  ☆2,263Mar 25, 2026Updated 2 weeks ago
• lokerxx / JavaVul

  View on GitHub
  JAVA 安全靶场，IAST 测试用例，JAVA漏洞复现，代码审计，SAST测试用例，安全扫描（主动和被动），JAVA漏洞靶场，RASP测试用例 ； Java Security Testbed, IAST Test Cases, Java Vulnerability R…
  ☆283Mar 24, 2026Updated 2 weeks ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• cckuailong / JNDI-Injection-Exploit-Plus

  View on GitHub
  80+ Gadgets(30 More than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and provide background serv…
  ☆873Jun 24, 2024Updated last year
• Chanzi-keji / chanzi

  View on GitHub
  "chanzi" is a simple and user-friendly JAVA SAST tool that utilizes taint analysis technology, includes built-in common vulnerability ru…
  ☆484Feb 1, 2026Updated 2 months ago
• Lotus6 / AutoRepeater

  View on GitHub
  Burp插件，自动化挖掘SSRF，Redirect，Sqli漏洞，自定义匹配参数
  ☆467Sep 10, 2023Updated 2 years ago
• Drun1baby / JavaSecurityLearning

  View on GitHub
  记录一下 Java 安全学习历程，也算是半条学习路线了
  ☆1,337Jun 26, 2025Updated 9 months ago
• evilashz / PigScheduleTask

  View on GitHub
  添加计划任务方法集合
  ☆310Aug 6, 2023Updated 2 years ago
• W01fh4cker / LearnFastjsonVulnFromZero-Improvement

  View on GitHub
  【两万字原创】零基础学fastjson漏洞（提高篇），公众号：追梦信安
  ☆211Dec 7, 2023Updated 2 years ago
• X1r0z / JNDIMap

  View on GitHub
  A powerful JNDI injection exploitation framework that supports RMI, LDAP and LDAPS protocols, including various bypass methods for high-v…
  ☆573Feb 4, 2026Updated 2 months ago
• kN6jq / JeecgCracker

  View on GitHub
  JeecgCracker 是一个专门针对 JeecgBoot 框架的密码爆破工具。
  ☆29Oct 29, 2024Updated last year
• TonyNPham / GodzillaPlugin-Suo5-MemProxy

  View on GitHub
  一款高性能 HTTP 内存代理 | 哥斯拉插件 | readteam | 红队 | 内存马 | Suo5 | Godzilla | 正向代理
  ☆288Aug 8, 2023Updated 2 years ago
• Wordpress hosting with auto-scaling on Cloudways • Ad
  Fully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
• iamHuFei / HVVault

  View on GitHub
  梳理【护网高利用率POC】并集成Nuclei模板仓库，针对解决网上同一资产漏洞一键检测工具参次不齐问题。
  ☆578Mar 21, 2024Updated 2 years ago
• Pizz33 / GoThief

  View on GitHub
  集成了截图 键盘记录 剪贴版功能，用于网络限制场景下的信息搜集
  ☆89May 18, 2024Updated last year
• jar-analyzer / jar-analyzer

  View on GitHub
  Jar Analyzer - 一个 JAR 包 GUI 分析工具，方法调用关系搜索，方法调用链 DFS 算法分析，模拟 JVM 的污点分析验证 DFS 结果，字符串搜索，Java Web 组件入口分析，CFG 程序分析，JVM 栈帧分析，自定义表达式搜索，紧跟 AI 技术发…
  ☆2,046Apr 3, 2026Updated last week
• W01fh4cker / LearnJavaMemshellFromZero

  View on GitHub
  【三万字原创】完全零基础从0到1掌握Java内存马，公众号：追梦信安
  ☆993May 25, 2025Updated 10 months ago
• TheBeastofwar / JenkinsExploit-GUI

  View on GitHub
  一款Jenkins的综合漏洞利用工具
  ☆465Mar 20, 2024Updated 2 years ago
• Lotus6 / ConfluenceMemshell

  View on GitHub
  Confluence CVE 2021，2022，2023 利用工具，支持命令执行，哥斯拉，冰蝎 内存马注入
  ☆557Feb 1, 2024Updated 2 years ago
• Adminxe / FileHunter

  View on GitHub
  钓鱼上线后渗透工具
  ☆132Feb 19, 2023Updated 3 years ago