Alternatives and similar repositories for hacking-espresso

Users that are interested in hacking-espresso are comparing it to the libraries listed below

• h3h3qaq / JDK-CodeQLDB-Builder
  使用 Docker 一键构建 JDK 源码的 CodeQL 数据库，方便使用 CodeQL 查找 JDK 中的数据。
  ☆27Updated 6 months ago
• yulate / ReflectorMate
  idea插件，快速生成反序列化中常用的方法，比如setFieldValue、createTemplatesImpl等
  ☆29Updated last year
• l3yx / Java-RASP-Research-Env
  之前方便自己研究RASP原理和绕过时顺手写的，用于快速启动和重置RASP环境
  ☆71Updated last year
• tabby-sec / tabby-vul-finder
  A vul-finder for loading CPG and automated finding vul-call-chains
  ☆67Updated 4 months ago
• yulate / tabby-pipeline
  用于快速启动tabby 分析漏洞或者gadget的环境
  ☆90Updated 4 months ago
• yezere / codeql_n1ght
  方便自己搭建codeql环境和数据库的工具。
  ☆57Updated 3 months ago
• Whoopsunix / utf-8-overlong-encoding
  抽离出 utf-8-overlong-encoding 的序列化逻辑，实现 2 3 字节加密序列化数组
  ☆139Updated last year
• luelueking / ClazzSearcher
  一款使用Yaml定义搜索规则来搜索Class的工具
  ☆107Updated 2 years ago
• lcark / Tai-e-demo
  用来将Tai-e改造为开箱即用的静态代码安全分析框架的一些demo
  ☆37Updated last year
• Esonhugh / My-Cloud-Security
  [ALL IN ONE] Everything that I shared to public about Cloud Security is here.
  ☆59Updated 7 months ago
• tabby-sec / tabby-intellij-plugin
  A IntelliJ Plugin for Tabby to Find Vulnerabilities Easily
  ☆37Updated last year
• chainreactors / tinyctfer
  antix's baby intent runtime and meta-tooling design.
  ☆43Updated this week
• X1r0z / ClassNameObfuscator
  基于多种策略, 对已有 JAR 包中的全限定类名进行变换, 无限生成高度相似的虚假类名
  ☆18Updated 4 months ago
• Whoopsunix / PPPRASP
  JavaRce complements project - use RASP to prevent vulnerabilities
  ☆23Updated last year
• cwkiller / ClassLinefix
  Java bytecode line number restoration tool
  ☆98Updated 3 months ago
• Java-Chains / chains-plugin-demo
  Java Chains 插件编写 demo
  ☆13Updated 9 months ago
• DawnT0wn / Learning-History
  在学习过程中的一些记录
  ☆22Updated 2 months ago
• BofeiC / JDD-PocLearning
  ☆24Updated last year
• WDLegend / gokart-2
  ☆18Updated 11 months ago
• Le1a / JarLibsConsolidator
  一个IDEA插件：一键收集项目中所有jar包依赖的工具插件。遍历项目目录收集所有jar文件，复制到all-in-one文件夹，并自动添加为项目库。
  ☆49Updated last month
• Y4Sec-Team / no-templates
  如果反序列化过程中使用resolveClass拉黑了TemplatesImpl如何绕过
  ☆52Updated 2 years ago
• ReaJason / No-one
  Next Generation Java WebShell Manager
  ☆54Updated 2 months ago
• Y4Sec-Team / mysql-jdbc-tricks
  JDBC Attack Tricks
  ☆153Updated 2 years ago
• unam4 / java_gadget_flow
  一些总结出来的gadget的flow，后续合适和加入新的flow
  ☆45Updated 11 months ago
• Y4Sec-Team / CVE-2023-21939
  JDK CVE-2023-21939
  ☆94Updated 2 years ago
• h3h3qaq / JavaDecompiler
  一个基于 Vineflower 引擎的多线程 Java 批量反编译工具，支持快速处理大量的 class 文件和 JAR 文件。
  ☆55Updated 7 months ago
• luelueking / CVE-2022-25845-In-Spring
  CVE-2022-25845(fastjson1.2.80) exploit in Spring Env!
  ☆99Updated last year
• Ape1ron / davinci
  多组件客户端
  ☆74Updated 7 months ago
• phith0n / tls_proxy
  A lightweight reverse proxy server that converts TLS traffic to TCP, allowing secure communication between clients and upstream servers.
  ☆77Updated last year
• cwkiller / JDBC-PROXY-Bypass
  利用代理驱动绕过JDBC Attack检测
  ☆136Updated 5 months ago