Tr0e/JavaSinkTracer external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Tr0e/JavaSinkTracer

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Tr0e/JavaSinkTracer)

Close

Tr0e / JavaSinkTracerView on GitHubMore

• External links
• Readme badge

基于Python javalang库开发的一款轻量级Java源代码审计工具，by Tr0e

☆73Oct 23, 2025Updated 5 months ago

Alternatives and similar repositories for JavaSinkTracer

Users that are interested in JavaSinkTracer are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• guchangan1 / CodeVulnScan

  View on GitHub
  CodeVulnScan 是一款基于正则表达式的代码安全审计工具，专为红队成员快速定位sink设计。它能够快速扫描目标代码库，定位潜在的漏洞 Sink 点，提升代码审计效率。
  ☆65Feb 11, 2026Updated last month
• Zacarx / JavaSinkTracer_MCP

  View on GitHub
  基于函数级污点分析的 Java 源代码漏洞审计工具JavaSinkTracer，通过 Model Context Protocol (MCP) 为 AI 助手提供安全分析能力。
  ☆109Oct 7, 2025Updated 6 months ago
• Ed1s0nZ / AIMergeBot

  View on GitHub
  AIMergeBot：基于AI的自动化代码安全审查工具，通过ReAct + MCP架构，智能分析合并请求（MR/PR），助力高效发现和防控安全风险。
  ☆61Aug 3, 2025Updated 8 months ago
• j5s / SpringInspector

  View on GitHub
  针对于Spring框架的自动Java代码审计工具
  ☆37Jan 24, 2022Updated 4 years ago
• winezer0 / XSAST-Python

  View on GitHub
  X-SAST 替代Seay的多语言、轻量、快速、代码审计工具 (Python版本)
  ☆126Feb 10, 2026Updated last month
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• Chave0v0 / YONYOU-TOOL

  View on GitHub
  用友漏洞综合利用工具
  ☆265Nov 9, 2024Updated last year
• Nbccccc / FinderFuzz

  View on GitHub
  用于渗透测试的WebFuzz扫描工具
  ☆37Aug 3, 2025Updated 8 months ago
• MD-SEC / Anti_AntSword

  View on GitHub
  蚁剑反制马
  ☆13Aug 16, 2023Updated 2 years ago
• Elitewa / ai_dirscan

  View on GitHub
  可用于AI进行自动目录扫描的MCP辅助工具
  ☆36Apr 16, 2025Updated 11 months ago
• SpringKill-team / CodeAuditAssistant

  View on GitHub
  🔍 CodeAuditAssistant - JetBrains Code Audit Plugin (Beta) ⚡ Deep Call-Chain Tracking | 🚀 Method/Class Search | 🔥 Prebuilt Vuln Sink…
  ☆784Mar 14, 2026Updated 3 weeks ago
• chasingboy / appsx

  View on GitHub
  appsx 是一款自动化信息收集｜敏感信息识别｜未授权漏洞扫描｜指纹识别｜常见漏洞扫描工具
  ☆64Dec 19, 2025Updated 3 months ago
• prepar-z / inspectorz

  View on GitHub
  Java 代码审计 idea 插件
  ☆26Mar 8, 2025Updated last year
• Java-Chains / chains-plugin-demo

  View on GitHub
  Java Chains 插件编写 demo
  ☆15Mar 5, 2025Updated last year
• ibaiw / wscan

  View on GitHub
  本来要自己写个脚本存放poc，发现有大佬已经写了个轮子，使用J2ExpSuite，后期添加POC
  ☆12Feb 17, 2023Updated 3 years ago
• NordVPN Special Discount Offer • Ad
  Save on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
• winezer0 / jxBrowserBrute

  View on GitHub
  基于Java jxbrowser 浏览器的登录枚举测试工具 (支持验证码识别)
  ☆13Jul 10, 2025Updated 8 months ago
• qianxiao996 / BurpSuite-FrameScan

  View on GitHub
  ☆40Nov 25, 2024Updated last year
• phpcalm / exceed

  View on GitHub
  一个功能强大的浏览器扩展程序，专门用于检测Web系统中的权限越权漏洞，适用于Web渗透测试。
  ☆43Oct 11, 2025Updated 5 months ago
• RuoJi6 / Code-Audit-Scanner

  View on GitHub
  jetbrains 编辑器代码审计插件，适配：phpStorm，webStorm，rider，IntelliJ IDEA，pyCharm
  ☆67Dec 25, 2025Updated 3 months ago
• f1tz / mcp-for-security-python

  View on GitHub
  一个为主流渗透测试工具打造的MCP服务器集合。 | A collection of Model Context Protocol servers for popular security tools like SQLMap, FFUF, NMAP, Masscan and …
  ☆35Jun 22, 2025Updated 9 months ago
• Neo-Maoku / MultiTshProxy

  View on GitHub
  tsh多终端代理通信
  ☆19Feb 26, 2025Updated last year
• Garck3h / killBehinderMemShell

  View on GitHub
  一款冰蝎内存马清除工具；冰蝎内存马卸载工具 ；内存马的查杀功能有待实现。
  ☆12Aug 20, 2023Updated 2 years ago
• LtmThink / SQLRecorder

  View on GitHub
  SQLRecorder是一个能够实时记录SQL语句的工具，方便代码审计时对SQL注入的实时关注。(A proxy to record all passing SQL statements.)
  ☆35Apr 5, 2025Updated last year
• 7-e1even / LFlow

  View on GitHub
  通过上下文进行流量分析
  ☆21Nov 7, 2025Updated 5 months ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• youki992 / YonYouNCPocTool

  View on GitHub
  用友NC漏洞批量检测工具，支持POC显示、单一检测、批量检测、结果导出、AI交互等
  ☆46Sep 8, 2025Updated 7 months ago
• Mr-xn / CVE-2025-54424

  View on GitHub
  CVE-2025-54424：1Panel 客户端证书绕过RCE漏洞 一体化工具 (扫描+利用)
  ☆57Aug 5, 2025Updated 8 months ago
• linqiu919 / trae2api

  View on GitHub
  ☆30Jun 27, 2025Updated 9 months ago
• MZgoudan / goudan-miguanshibieqi

  View on GitHub
  结合四大识别插件优点而集合的专业的全球蜜罐检测工具 - 支持35+种国际蜜罐平台，165+条检测规则。
  ☆76Aug 22, 2025Updated 7 months ago
• Roboterh / study_summary

  View on GitHub
  study_summary
  ☆10Aug 8, 2022Updated 3 years ago
• whgojp / JavaSecLab

  View on GitHub
  JavaSecLab is a comprehensive Java vulnerability platform｜​ JavaSecLab是一款综合型Java漏洞平台，提供相关漏洞缺陷代码、修复代码、漏洞场景、审计SINK点、安全编码规范，覆盖多种漏洞场景，友好用户交互U…
  ☆832Mar 23, 2025Updated last year
• Satan0x00 / IcpSearch

  View on GitHub
  批量查询域名备案；app；小程序
  ☆20May 28, 2025Updated 10 months ago
• ajest983 / Attack-Suricata-Rules

  View on GitHub
  此Suricata IDS Rules 用于检测网络攻击行为，支持常见C2工具/中间件漏洞利用/Frp隧道/HTTP隧道/TCP隧道/常见webshell/redis未授权/Shiro反序列化/Fastjson反序列化/挖矿/SQL注入等特征
  ☆26Sep 5, 2025Updated 7 months ago
• Zjackky / CodeScan

  View on GitHub
  一款轻量级匹配Sink点的代码审计扫描器，为了帮助红队过程中快速代码审计的小工具
  ☆409Oct 6, 2024Updated last year
• Simple, predictable pricing with DigitalOcean hosting • Ad
  Always know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
• caigo8 / PHPAuthScanner

  View on GitHub
  ☆65Oct 24, 2025Updated 5 months ago
• wuhenaaaaa / zookeeper

  View on GitHub
  Apache ZooKeeper
  ☆11Jul 4, 2023Updated 2 years ago
• J0o1ey / rips-Chinese

  View on GitHub
  本人三年前汉化的PHP代码审计工具rips
  ☆114Mar 6, 2022Updated 4 years ago
• Getshell / HAETAE

  View on GitHub
  神器獬廌-CobaltStrike综合框架
  ☆10Oct 15, 2022Updated 3 years ago
• h3h3qaq / JavaDecompiler

  View on GitHub
  一个基于 Vineflower 引擎的多线程 Java 批量反编译工具，支持快速处理大量的 class 文件和 JAR 文件。
  ☆58Apr 28, 2025Updated 11 months ago
• fankun99 / Gathery

  View on GitHub
  Gathery 是一款基于 PyQt5 开发的网络安全信息收集与分析工具，集成了多种实用的信息收集功能和小工具，帮助安全研究人员、渗透测试人员和网络管理员快速收集目标信息
  ☆19Jun 22, 2025Updated 9 months ago
• 0ofo / Deswing

  View on GitHub
  图形化Java反序列化利用工具，集成Ysoserial
  ☆353May 8, 2024Updated last year