angelwhu / jvm-raspView external linksLinks
基于JVM-Sandbox实现RASP安全监控防护
☆53Aug 8, 2023Updated 2 years ago
Alternatives and similar repositories for jvm-rasp
Users that are interested in jvm-rasp are comparing it to the libraries listed below
Sorting:
- 一些Java RASP demo☆11Sep 26, 2019Updated 6 years ago
- Java After-Deserialization Attack☆79Apr 26, 2021Updated 4 years ago
- A Java runtime information-gathering tool which uses the Java Attach API for information acquisition☆204Apr 26, 2021Updated 4 years ago
- 🚀Faster Github Monitor🚀☆104Jan 7, 2023Updated 3 years ago
- ☆28Jul 18, 2020Updated 5 years ago
- HTTP/HTTPS proxy server by golang [high performance version]☆54Jul 25, 2020Updated 5 years ago
- Eagle is a Web Application Attack and Audit Framework. Eagle has moved to Bitbucket.☆11Nov 21, 2016Updated 9 years ago
- IAST 灰盒扫描工具☆448Jul 19, 2022Updated 3 years ago
- ☆16Jan 5, 2021Updated 5 years ago
- ☆41Mar 10, 2021Updated 4 years ago
- Static code auditing system☆468Jan 8, 2021Updated 5 years ago
- ☆835Jun 7, 2022Updated 3 years ago
- 一个利用ASM对字节码进行污点传播分析的静态代码审计应用(添加了大量代码注释,适合大家进行源码学习)。也加入了挖掘Fastjson反序列化gadget chains和SQLInject(JdbcTemplate、MyBatis、JPA、Hibernate、原生jdbc等)静…☆458Mar 24, 2022Updated 3 years ago
- bypass JEP290 RaspHook code☆63Sep 21, 2020Updated 5 years ago
- ☆153Jun 24, 2019Updated 6 years ago
- 利用agent hock指定的class,在jar运行周期内,用于跟踪被执行的方法,辅助做一些事情,比如挖洞啊☆125Jul 17, 2020Updated 5 years ago
- TongASDP漏洞测试环境☆35Mar 22, 2023Updated 2 years ago
- Native Java serialization filter blacklist for common gadgets☆20Sep 12, 2019Updated 6 years ago
- 基于burpsuite headless 的代理式被动扫描系统☆97Feb 10, 2020Updated 6 years ago
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆212May 19, 2020Updated 5 years ago
- MySQL JDBC Deserialization Payload / MySQL客户端jdbc反序列化漏洞payload☆13Feb 8, 2020Updated 6 years ago
- ☆19Mar 13, 2019Updated 6 years ago
- 基于Flink实现实时冰蝎(Behinder)流量检测☆39Sep 30, 2019Updated 6 years ago
- Binary rewriting approach with fork server support to fuzz Java applications with afl-fuzz.☆91May 3, 2018Updated 7 years ago
- 一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-442…☆126Dec 11, 2021Updated 4 years ago
- ☆42Jul 23, 2019Updated 6 years ago
- woodpecker-framework框架http发包库,专门为漏洞检测与利用场景设计。☆72Nov 5, 2025Updated 3 months ago
- JAVA IAST Example☆49Dec 13, 2021Updated 4 years ago
- ☆11Dec 1, 2023Updated 2 years ago
- 超硬核!使用图数据技术发现软件漏洞☆185Sep 1, 2021Updated 4 years ago
- ☆131Jun 17, 2022Updated 3 years ago
- 用于检测python项目的第三方依赖组件是否存在安全漏洞。☆23Aug 11, 2020Updated 5 years ago
- ☆28Sep 11, 2019Updated 6 years ago
- A Flexible Log Analysis System Based on Golang and Lua-Plugins. 插件化的准实时日志分析系统。☆95Jan 11, 2021Updated 5 years ago
- Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynam…☆696Dec 25, 2023Updated 2 years ago
- Web Security Technology & Vulnerability Analysis Whitepapers☆549Jan 1, 2019Updated 7 years ago
- Some payloads of JNDI Injection in JDK 1.8.0_191+☆484Dec 9, 2020Updated 5 years ago
- PHP Runtime Vulnerability Detection☆483May 25, 2019Updated 6 years ago
- 参赛所用的sshop平台☆11Jun 26, 2018Updated 7 years ago