Alternatives and similar repositories for go-sec-code

Users that are interested in go-sec-code are comparing it to the libraries listed below

• cokeBeer / go-cves
  收录go语言编写的项目、框架和组件出现的cve，或者一些相关的利用方式的文章
  ☆41Updated 2 years ago
• Ciyfly / Source_code_learning
  是我阅读各种源码写的笔记
  ☆73Updated 2 years ago
• ASTTeam / DAST
  《深入理解DAST动态应用程序安全测试》Dynamic Application Security Testing.
  ☆53Updated 2 years ago
• yaklang / ssa.to
  https://ssa.to main page for ssa compiler utils
  ☆47Updated 2 weeks ago
• 78778443 / swallow
  代码审计自动化系统,底层架构为蜻蜓编排系统,墨菲SCA,fortify,SemGrep,hema
  ☆30Updated 5 months ago
• changheluor007 / JSPKiller
  基于污点分析的JSP Webshell检测工具，模拟JVM的栈帧操作进行数据流分析，可以检测出各种变形的JSP Webshell
  ☆21Updated 3 years ago
• h2-stack / LL-RASP
  Low-level RASP: Protecting Applications Implemented in High-level Programming Languages
  ☆64Updated 2 years ago
• ttonys / CodeQLAnalyseJar
  CodeQL分析闭源Jar包脚本，基于Apache Ant构建CodeQL数据库
  ☆37Updated 2 years ago
• tabby-sec / tabby-path-finder
  A neo4j procedure for tabby
  ☆126Updated 2 months ago
• SummerSec / SPATool
  静态程序分析工具 主要生成方法的CFG和.java文件的AST
  ☆131Updated 2 years ago
• HackJava / Spring
  《Spring漏洞研究》
  ☆46Updated 3 years ago
• TonyD0g / JSPHunter
  基于污点分析和模拟栈帧技术的JSP Webshell检测
  ☆46Updated last month
• rmb122 / easyrasp
  简单实现的 Java RASP
  ☆35Updated 4 years ago
• leveryd-asm / asm
  Scanner platform based on Kubernetes and Argo-Workflow 基于k8s和argo工作流的扫描器
  ☆110Updated last year
• xiaopan233 / Java_agent_without_file
  Java agent without file 无文件的Java agent
  ☆82Updated 3 years ago
• lz2y / DubboPOC
  Apache Dubbo漏洞测试Demo及其POC
  ☆62Updated 2 years ago
• phith0n / PaddingZip
  PaddingZip is a tool that you can craft a zip file that contains the padding characters between the file content.
  ☆75Updated 2 years ago
• hudangwei / codemillx
  codemillx is a tool for CodeQL, extract the comments in the code and generate codeql module. 强化Go开源项目安全检测(内含开源项目漏洞挖掘方法)
  ☆204Updated 3 years ago
• jweny / check_jsonp_based_on_ast
  基于AST的JSONP劫持漏洞自动化挖掘
  ☆93Updated 4 years ago
• su18 / rasp-vuln
  当死去的记忆突然开始攻击我，我终于想起了我还写过一款十分十分垃圾的 rasp 靶场。
  ☆78Updated 3 years ago
• vvmdx / CVE-Daily-Push
  零成本实现CVE每日推送
  ☆21Updated last year
• SummerSec / LookupInterface
  CodeQL 寻找 JNDI利用 Lookup接口
  ☆163Updated 3 years ago
• lcark / Tai-e-demo
  用来将Tai-e改造为开箱即用的静态代码安全分析框架的一些demo
  ☆37Updated last year
• waderwu / nativeRasp
  nativeRasp that can hook native methods
  ☆24Updated 2 years ago
• yuligesec / watchvuln
  一个高价值漏洞采集与推送服务 | A valueable vulnerability collection and push service
  ☆31Updated 10 months ago
• bitterzzZZ / CVE-2021-43297-POC
  CVE-2021-43297 POC，Apache Dubbo<= 2.7.13时可以实现RCE
  ☆38Updated 3 years ago
• KpLi0rn / LearnCompiler
  编译原理学习代码仓库
  ☆23Updated 3 years ago
• Ovi3 / extract-react-router
  Extract React router info from React based website within browser
  ☆34Updated last year
• Y4Sec-Team / CVE-2023-21939
  JDK CVE-2023-21939
  ☆96Updated last year
• flowerwind / AutoGenerateXalanPayload
  cve-2022-34169 延伸出的Jdk Xalan的payload自动生成工具，可根据不同的Jdk生成出其所对应的xslt文件
  ☆92Updated 2 years ago