Alternatives and similar repositories for Web-Security

Users that are interested in Web-Security are comparing it to the libraries listed below

• waderwu / javaDeserializeLabs
  javaDeserializeLabs
  ☆69Updated 2 years ago
• Drun1baby / CTF-Repo-2023
  2023 各大 CTF 的比赛附件
  ☆49Updated 2 years ago
• luelueking / Deserial_Sink_With_JDBC
  Some ReadObject Sink With JDBC
  ☆233Updated last year
• Firebasky / ctf-Challenge
  是一些比赛中的好题，加上自己出的一些。。。
  ☆43Updated 3 years ago
• FuckPHP / FuckPHP
  《PHP安全-只有PHP安全才能拯救世界》Only PHP Security Can Save The World.
  ☆156Updated 2 years ago
• yuanhaiGreg / Fuzz-Dict
  一些常见字典
  ☆171Updated 3 years ago
• kezibei / fastjson_payload
  ☆223Updated last month
• W01fh4cker / LearnFastjsonVulnFromZero-Basic
  【两万字原创】零基础学fastjson漏洞（基础篇），公众号：追梦信安
  ☆164Updated 8 months ago
• datouo / CTF-Java-Gadget
  CTF-Java-Gadget专注于收集CTF中Java赛题的反序列化片段
  ☆255Updated 7 months ago
• Fushuling / TaintScaner
  一款基于污点分析的PHP扫描工具，能快速匹配从常见Source点如$_POST、$GET到Sink点system等的路径，同时支持单独对函数的扫描。
  ☆133Updated 3 months ago
• woodpecker-appstore / jexpr-encoder-utils
  Java表达式语句生成器
  ☆191Updated last year
• yzddmr6 / Java-Js-Engine-Payloads
  Java Js Engine Payloads All in one
  ☆274Updated last year
• kezibei / Urldns
  ☆329Updated 11 months ago
• ax1sX / RouteCheck-Alpha
  A Java Route Collection Tool
  ☆97Updated 11 months ago
• Macr0phag3 / dibber
  用于自动搜索 Python 沙箱逃逸、SSTI 攻击链的小工具
  ☆37Updated 5 months ago
• p1n93r / SpringBootAdmin-thymeleaf-SSTI
  SpringBootAdmin-thymeleaf-SSTI which can cause RCE
  ☆80Updated last year
• phith0n / vueinfo
  Extract website information from Vue
  ☆275Updated last year
• YYHYlh / Apache-Dubbo-CVE-2023-23638-exp
  Apache Dubbo (CVE-2023-23638)漏洞利用的工程化实践
  ☆225Updated last year
• AFKL1919 / CTF-Challenges
  A collection of all the CTF challenges I have made.
  ☆10Updated 2 years ago
• 0range-x / dragon-lab
  ☆56Updated last year
• Y4tacker / HackingFernFlower
  2023白帽补天大会部分代码
  ☆124Updated last year
• crushforyou / 2025hvv-poc
  记录2025hvvpoc
  ☆39Updated last week
• ccdr4gon / Dr4gonSword
  ☆96Updated last year
• kyo-w / router-router
  Java web路由内存分析工具
  ☆433Updated last month
• fine-1 / php-SER-libs
  php反序列化靶场，集合了常见的php反序列化漏洞——由这周末在做梦制作
  ☆148Updated 3 years ago
• l3yx / jdwp-codeifier
  基于 jdwp-shellifier 的进阶JDWP漏洞利用脚本（动态执行Java/Js代码并获得回显）
  ☆299Updated 6 months ago
• X3NNY / sstilabs
  A lab to help you learning SSTI
  ☆107Updated last year
• wa1ki0g / NoAuth
  java-web 自动化鉴权绕过
  ☆314Updated 3 months ago
• luelueking / RuoYi-v4.7.8-RCE-POC
  ☆241Updated last year
• wh1t3p1g / tabby-path-finder
  A neo4j procedure for tabby
  ☆125Updated last month