cokeBeer / go-cves
收录go语言编写的项目、框架和组件出现的cve,或者一些相关的利用方式的文章
☆38Updated 2 years ago
Alternatives and similar repositories for go-cves:
Users that are interested in go-cves are comparing it to the libraries listed below
- Spel-research☆26Updated 2 years ago
- Easy burp sign extension!☆54Updated last month
- A IntelliJ Plugin for Tabby to Find Vulnerabilities Easily☆33Updated 4 months ago
- java☆54Updated 2 years ago
- 是我阅读各种源码写的笔记☆71Updated 2 years ago
- ☆50Updated 2 years ago
- 编译原理学习代码仓库☆23Updated 3 years ago
- A vul-finder for loading CPG and automated finding vul-call-chains☆40Updated 5 months ago
- 代码审计自动化系统,底层架构为蜻蜓编排系统,墨菲SCA,fortify,SemGrep,hema☆27Updated last week
- 之前方便自己研究RASP原理和绕过时顺手写的,用于快速启动和重置RASP环境☆55Updated 5 months ago
- nativeRasp that can hook native methods☆23Updated last year
- ☆28Updated last year
- 在spring-aop中新发现的反序列化gadget-chain☆43Updated 2 months ago
- CVE-2021-43297 POC,Apache Dubbo<= 2.7.13时可以实现RCE☆38Updated 3 years ago
- 用来将Tai-e改造为开箱即用的静态代码安全分析框架的一些demo☆36Updated 11 months ago
- 一个简单的批量反编译jar包的小脚本☆35Updated 3 years ago
- [fastjson 1.2.80] CVE-2022-25845 aspectj fileread & groovy remote classload☆90Updated 2 years ago
- burp extension for SSRF☆27Updated last year
- 安全升级jar包时,辅助检测Java Archive (JAR) 包之间兼容性☆14Updated 8 months ago
- 一些结合第三方组件的Fastjson POC,在1.2.48以后版本中陆续被添加至黑名单。☆56Updated 5 years ago
- CodeQL 寻找 JNDI利用 Lookup接口☆163Updated 2 years ago
- 当死去的记忆突然开始攻击我,我终于想起了我还写过一款十分十分垃圾的 rasp 靶场。☆78Updated 2 years ago
- ☆35Updated 2 years ago
- JSHunter-一款针对于前端的未授权访问扫描工具☆20Updated 7 months ago
- 打CTF实在厌倦了找利用链,就知道一个fastjson的版本,一堆依赖找啊找,头都疼。为了解决这个烦恼,用了卓卓师傅的fastjson黑名单工具和库,自己改造了一下。☆32Updated 5 years ago
- 简单实现的 Java RASP☆35Updated 4 years ago
- 《Spring漏洞研究》☆45Updated 2 years ago
- Java 内存马生成插件☆50Updated last year
- Automatically scan jar packages by using ast to find fastjson gadgets. In particular, this project is limited to mining Gadgets that may …☆50Updated 3 years ago
- Extract React router info from React based website within browser☆27Updated 11 months ago