Zacarx/JavaSinkTracer_MCP external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Zacarx/JavaSinkTracer_MCP

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Zacarx/JavaSinkTracer_MCP)

Close

Zacarx / JavaSinkTracer_MCPView on GitHubMore

• External links
• Readme badge

基于函数级污点分析的 Java 源代码漏洞审计工具JavaSinkTracer，通过 Model Context Protocol (MCP) 为 AI 助手提供安全分析能力。

☆103Oct 7, 2025Updated 4 months ago

Alternatives and similar repositories for JavaSinkTracer_MCP

Users that are interested in JavaSinkTracer_MCP are comparing it to the libraries listed below

• Tr0e / JavaSinkTracer

  View on GitHub
  基于Python javalang库开发的一款轻量级Java源代码审计工具，by Tr0e
  ☆71Oct 23, 2025Updated 4 months ago
• pap1rman / JNDIExploit-modify

  View on GitHub
  对原版JNDIExploit进行修改增加线程和JMX注入内存马
  ☆17Apr 23, 2025Updated 10 months ago
• sdfwesfe / cowcow

  View on GitHub
  一款支持 目录扫描(可配合熊猫头)+自动绕403+敏感匹配 等的小脚本工具，目前此脚本属于创始测试版，后续会继续升级！！！CowCow🐂🐂
  ☆18Dec 27, 2024Updated last year
• soot-oss / SootUp-Examples

  View on GitHub
  Example code to help getting start with SootUp
  ☆14Aug 7, 2025Updated 6 months ago
• zan8in / aries

  View on GitHub
  Aries is a free and open-source network scanner, support SYN scanning mode.
  ☆34Sep 9, 2023Updated 2 years ago
• winmin / ida-pro-mcp

  View on GitHub
  AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.
  ☆44Feb 12, 2026Updated 2 weeks ago
• YoDiDi / cors-jsonp

  View on GitHub
  就是一个burp插件啦(ÒܫÓױ)
  ☆17Sep 9, 2021Updated 4 years ago
• WDLegend / gokart-2

  View on GitHub
  ☆18Dec 25, 2024Updated last year
• czz1233 / primary-java

  View on GitHub
  😁java基础知识😮 互联网 Java 工程师进阶知识完全扫盲🤗面试指南↪Java学习
  ☆22Jan 15, 2026Updated last month
• Vistaminc / AuditLuma

  View on GitHub
  AuditLuma是一个AI+智能体代码审计系统，它利用多个AI代理和先进的技术，包括多代理合作协议（MCP）和Self-RAG（检索增强生成），为代码库提供全面的安全分析，目前已经支持ollama部署的本地大模型
  ☆222Aug 1, 2025Updated 6 months ago
• darkfiv / PromptInjectionScanner

  View on GitHub
  ☆105Dec 8, 2025Updated 2 months ago
• Niiiiko / FastjsonScan4Burp

  View on GitHub
  FastjsonScan4Burp 一款基于burp被动扫描的fastjson漏洞探测插件，可针对数据包中存在json的参数或请求体进行payload测试。旨在帮助安全人员更加便捷的发现、探测、深入利用fastjson漏洞，目前已实现fastjson探测、版本、依赖探测、出…
  ☆157Mar 13, 2025Updated 11 months ago
• Claradoll / Security_Learning

  View on GitHub
  ☆22Dec 5, 2022Updated 3 years ago
• wwsuixin / ws_tools

  View on GitHub
  ☆22Nov 25, 2024Updated last year
• AQF0R / FUCK_AWD_TOOLS

  View on GitHub
  AWD
  ☆25Aug 22, 2023Updated 2 years ago
• 0range-x / dragon-lab

  View on GitHub
  ☆57Nov 28, 2023Updated 2 years ago
• test502git / SScan

  View on GitHub
  一款src捡洞扫描器
  ☆25Jan 13, 2021Updated 5 years ago
• for-A1kaid / CodeAudit

  View on GitHub
  记录一些代码审计过的源码
  ☆182Feb 26, 2025Updated last year
• SpringJasmine / Jasmine

  View on GitHub
  ☆30Aug 30, 2022Updated 3 years ago
• outlaws-bai / GalaxyDemo

  View on GitHub
  HTTP报文加密的具体实现，用于测试 https://github.com/outlaws-bai/Galaxy
  ☆33Dec 29, 2025Updated 2 months ago
• hmKunlun / Chypass

  View on GitHub
  ☆34Mar 6, 2025Updated 11 months ago
• guchangan1 / CodeVulnScan

  View on GitHub
  CodeVulnScan 是一款基于正则表达式的代码安全审计工具，专为红队成员快速定位sink设计。它能够快速扫描目标代码库，定位潜在的漏洞 Sink 点，提升代码审计效率。
  ☆61Feb 11, 2026Updated 2 weeks ago
• hmKunlun / deepulse

  View on GitHub
  ☆32May 9, 2025Updated 9 months ago
• xz-zone / burp_history

  View on GitHub
  Burp Suite HTTP traffic monitoring & management extension for security testers
  ☆57Feb 4, 2026Updated 3 weeks ago
• 123654mjx / ICPAssetExpress

  View on GitHub
  一款互联网有效资产发现工具，方便快速对多个企业进行信息收集（目前基于360 quake 会员api）
  ☆124Oct 10, 2025Updated 4 months ago
• winmin / Be-a-Docker-Escaper

  View on GitHub
  The container escape challenge of Be A RWCTFer competition (https://be-a-rwctfer.realworldctf.com/)
  ☆61Mar 20, 2025Updated 11 months ago
• xz-zone / Webpack_extract

  View on GitHub
  Hengge team develops JavaScript specifically for loading Webpack for batch reading
  ☆51Dec 25, 2025Updated 2 months ago
• tangxiaofeng7 / smartscan

  View on GitHub
  burpsuite插件-被动无感识别指纹-主动poc扫描
  ☆29Sep 13, 2024Updated last year
• Qi4l-Labs / RLscan

  View on GitHub
  强化学习 + 端口扫描
  ☆128Feb 23, 2025Updated last year
• w-sega / Parsing

  View on GitHub
  Parsing 是一个 Chrome 插件，选择ai分析当前页面的Js代码，内置提示词，不再需要单拎js。以及信息收集功能，提升渗透测试效率。
  ☆53Jan 28, 2026Updated last month
• zangcc / Java_Risky_Functions

  View on GitHub
  Java 代码审计-存在风险的函数汇总。方便我们日常代码审计过程中快速定位漏洞点，配合静态代码分析工具做到事半功倍。Java code audit - summary of risky functions. It is convenient for us to quickl…
  ☆31Jul 16, 2024Updated last year
• zelat / BurpCopilot

  View on GitHub
  基于AI的BurpSuite漏洞分析插件
  ☆11Sep 21, 2023Updated 2 years ago
• PortSwigger / copy-as-python-requests

  View on GitHub
  Copy as requests plugin for Burp Suite
  ☆67Sep 24, 2024Updated last year
• duckpigdog / XSS-Sec

  View on GitHub
  本项目是一个以“实战为导向”的 XSS 漏洞练习靶场，覆盖反射型、存储型、DOM 型、SVG、CSP、框架注入、协议绕过等多种场景。页面样式统一，逻辑清晰，适合系统化学习与教学演示
  ☆21Jan 10, 2026Updated last month
• SummerSec / Static-Analysis

  View on GitHub
  静态分析笔记 Static-Analysis-Notes 程序分析笔记 资源分享
  ☆187Jan 11, 2023Updated 3 years ago
• z-bool / SQLDownload

  View on GitHub
  内网大型数据拖库解决方案，隧道不稳定时将内网数据库保存为csv格式文件
  ☆35Nov 1, 2023Updated 2 years ago
• A0WaQ4 / BurpText4ShellScan

  View on GitHub
  Text4Shell的burp被动扫描插件
  ☆36Dec 29, 2022Updated 3 years ago
• LtmThink / SQLRecorder

  View on GitHub
  SQLRecorder是一个能够实时记录SQL语句的工具，方便代码审计时对SQL注入的实时关注。(A proxy to record all passing SQL statements.)
  ☆36Apr 5, 2025Updated 10 months ago
• 0ofo / java-memshell

  View on GitHub
  Java内存马教程
  ☆122Jul 8, 2025Updated 7 months ago