bfengj/CTF external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

bfengj/CTF

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/bfengj/CTF)

Close

bfengj / CTFView on GitHubMore

• External links
• Readme badge

关于我在CTF中的所有东西

☆429Sep 22, 2025Updated 7 months ago

Alternatives and similar repositories for CTF

Users that are interested in CTF are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• bfengj / Cloud-Security

  View on GitHub
  记录自己在云安全上的学习笔记等。
  ☆134Sep 18, 2024Updated last year
• Y4tacker / JavaSec

  View on GitHub
  a rep for documenting my study, may be from 0 to 0.1
  ☆2,266Mar 25, 2026Updated last month
• datouo / CTF-Java-Gadget

  View on GitHub
  CTF-Java-Gadget专注于收集CTF中Java赛题的反序列化片段
  ☆284Dec 13, 2024Updated last year
• Drun1baby / JavaSecurityLearning

  View on GitHub
  记录一下 Java 安全学习历程，也算是半条学习路线了
  ☆1,344Jun 26, 2025Updated 10 months ago
• achuna33 / Memoryshell-JavaALL

  View on GitHub
  收集内存马打入方式
  ☆507May 20, 2022Updated 3 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• Whoopsunix / JavaRce

  View on GitHub
  Common Exploitation Techniques for Java RCE Vulnerabilities in Real-World Scenarios | 实战场景较通用的 Java Rce 相关漏洞的利用方式
  ☆546Mar 6, 2025Updated last year
• SummerSec / JavaLearnVulnerability

  View on GitHub
  Java漏洞学习笔记 Deserialization Vulnerability
  ☆943Jun 14, 2023Updated 2 years ago
• phith0n / JavaThings

  View on GitHub
  Share Things Related to Java - Java安全漫谈笔记相关内容
  ☆2,009Apr 9, 2025Updated last year
• Maskhe / javasec

  View on GitHub
  自己学习java安全的一些总结，主要是安全审计相关
  ☆1,700Jan 5, 2022Updated 4 years ago
• pen4uin / java-memshell-generator

  View on GitHub
  一款支持自定义的 Java 内存马生成工具｜A customizable Java in-memory webshell generation tool.
  ☆2,188Aug 21, 2025Updated 8 months ago
• HackJava / HackJava

  View on GitHub
  《Java安全-只有Java安全才能拯救宇宙》Only Java Security Can Save The Universe.
  ☆2,881Aug 4, 2023Updated 2 years ago
• Firebasky / Java

  View on GitHub
  关于学习java安全的一些知识,正在学习中ing,欢迎fork and star
  ☆792Jul 11, 2023Updated 2 years ago
• javaweb-sec / javaweb-sec

  View on GitHub
  ☆1,065Jun 6, 2025Updated 10 months ago
• vulhub / java-chains

  View on GitHub
  Java Vulnerability Exploitation Platform
  ☆2,036Apr 10, 2026Updated 3 weeks ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• bitterzzZZ / MemoryShellLearn

  View on GitHub
  分享几个直接可用的内存马，记录一下学习过程中看过的文章
  ☆982Mar 23, 2022Updated 4 years ago
• W01fh4cker / LearnJavaMemshellFromZero

  View on GitHub
  【三万字原创】完全零基础从0到1掌握Java内存马，公众号：追梦信安
  ☆994May 25, 2025Updated 11 months ago
• ax1sX / SecurityList

  View on GitHub
  A list for Web Security and Code Audit
  ☆1,230Dec 3, 2024Updated last year
• H3rmesk1t / Security-Learning

  View on GitHub
  对于安全学习的一些总结，更新ing，期待 Fork & Star！
  ☆345Dec 26, 2023Updated 2 years ago
• safe6Sec / Fastjson

  View on GitHub
  Fastjson姿势技巧集合
  ☆1,841Oct 20, 2023Updated 2 years ago
• lemono0 / FastJsonParty

  View on GitHub
  FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本)，主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用
  ☆1,205Jul 12, 2024Updated last year
• KimJun1010 / inspector

  View on GitHub
  IDEA代码审计辅助插件（深信服深蓝实验室天威战队强力驱动）
  ☆584Mar 10, 2025Updated last year
• Marven11 / Fenjing

  View on GitHub
  专为CTF设计的Jinja2 SSTI全自动绕WAF脚本 | A Jinja2 SSTI cracker for bypassing WAF, designed for CTF
  ☆1,269Updated this week
• luelueking / Deserial_Sink_With_JDBC

  View on GitHub
  Some ReadObject Sink With JDBC
  ☆245May 8, 2024Updated last year
• End-to-end encrypted email - Proton Mail • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
• tabby-sec / tabby

  View on GitHub
  A CAT called tabby ( Code Analysis Tool )
  ☆1,647Jan 17, 2026Updated 3 months ago
• Getshell / Mshell

  View on GitHub
  Memshell-攻防内存马研究
  ☆961Apr 13, 2025Updated last year
• Zjackky / CodeScan

  View on GitHub
  一款轻量级匹配Sink点的代码审计扫描器，为了帮助红队过程中快速代码审计的小工具
  ☆408Oct 6, 2024Updated last year
• yuyan-sec / RedisEXP

  View on GitHub
  Redis 漏洞利用工具
  ☆942Jan 26, 2025Updated last year
• X1r0z / JNDIMap

  View on GitHub
  A powerful JNDI injection exploitation framework that supports RMI, LDAP and LDAPS protocols, including various bypass methods for high-v…
  ☆581Feb 4, 2026Updated 2 months ago
• pen4uin / java-echo-generator

  View on GitHub
  一款支持自定义的 Java 回显载荷生成工具｜A customizable Java echo payload generation tool.
  ☆464Jan 12, 2025Updated last year
• LandGrey / spring-boot-upload-file-lead-to-rce-tricks

  View on GitHub
  spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧
  ☆754Apr 14, 2021Updated 5 years ago
• Fushuling / TaintScaner

  View on GitHub
  一款基于污点分析的PHP扫描工具，能快速匹配从常见Source点如$_POST、$GET到Sink点system等的路径，同时支持单独对函数的扫描。
  ☆173Apr 10, 2025Updated last year
• c0ny1 / java-object-searcher

  View on GitHub
  java内存对象搜索辅助工具
  ☆823Sep 23, 2022Updated 3 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• waderwu / javaDeserializeLabs

  View on GitHub
  javaDeserializeLabs
  ☆70Apr 18, 2023Updated 3 years ago
• yulate / jdbc-tricks

  View on GitHub
  《深入JDBC安全：特殊URL构造与不出网反序列化利用技术揭秘》对应研究总结项目 "Deep Dive into JDBC Security: Special URL Construction and Non-Networked Deserialization Explo…
  ☆578Feb 7, 2026Updated 2 months ago
• jar-analyzer / jar-analyzer

  View on GitHub
  Jar Analyzer - 一个 JAR 包 GUI 分析工具，方法调用关系搜索，方法调用链 DFS 算法分析，模拟 JVM 的污点分析验证 DFS 结果，字符串搜索，Java Web 组件入口分析，CFG 程序分析，JVM 栈帧分析，自定义表达式搜索，紧跟 AI 技术发…
  ☆2,069Apr 11, 2026Updated 3 weeks ago
• CTF-Archives / ctf-docker-template

  View on GitHub
  Deployment template for docker target machine in ctf for CTFd and other platforms that support dynamic flags
  ☆408Nov 14, 2025Updated 5 months ago
• ReaJason / MemShellParty

  View on GitHub
  一款专注于 Java 主流 Web 中间件的内存马快速生成工具，致力于简化安全研究人员和红队成员的工作流程，提升攻防效率
  ☆1,434Updated this week
• W01fh4cker / LearnFastjsonVulnFromZero-Improvement

  View on GitHub
  【两万字原创】零基础学fastjson漏洞（提高篇），公众号：追梦信安
  ☆212Dec 7, 2023Updated 2 years ago
• Y4er / ysoserial

  View on GitHub
  ysoserial修改版，着重修改ysoserial.payloads.util.Gadgets.createTemplatesImpl使其可以通过引入自定义class的形式来执行命令、内存马、反序列化回显。
  ☆766Jan 11, 2024Updated 2 years ago