fengupupup / RocB

鹏 RocB - Java代码审计IDEA插件 SAST

☆147

Alternatives and similar repositories for RocB:

Users that are interested in RocB are comparing it to the libraries listed below

LFYSec / ActuatorExploit
SpringBoot Actuator未授权自动化利用，支持信息泄漏/RCE
☆232Updated 4 years ago
R17a-17 / JavaVulnSummary
Java漏洞分析汇合
☆143Updated 3 years ago
flowerwind / JspFinder
一款通过污点追踪发现Jsp webshell的工具(A tool to find Jsp Webshell through stain tracking)
☆175Updated 3 years ago
Lonely-night / fastjsonVul
fastjson 80 远程代码执行漏洞复现
☆189Updated 2 years ago
Y4er / fastjson-bypass-autotype-1.2.68
fastjson bypass autotype 1.2.68 with Throwable and AutoCloseable.
☆223Updated 2 years ago
yzddmr6 / JspForAntSword
中国蚁剑JSP一句话Payload
☆119Updated 4 years ago
rufherg / WebLogic_Basic_Poc
用于WebLogic poc及exp测试的基础脚本，后续将集成各版本poc库
☆93Updated 4 years ago
depycode / fastjson-c3p0
fastjson不出网利用、c3p0
☆250Updated 3 years ago
kezibei / fastjson_payload
☆202Updated 4 months ago
potats0 / javaSerializationTools
☆145Updated 3 years ago
r00t4dm / aLIEz
☆182Updated 3 months ago
Er1cccc / ACAF
Auto Code Audit Framework for Java
☆97Updated 3 years ago
lalajun / RMIDeserialize
RMI 反序列化环境一步步
☆212Updated 4 years ago
ice-doom / CodeQLRule
个人使用CodeQL编写的一些规则
☆176Updated 2 years ago
zxcvbn001 / CodeReview
代码审计总结
☆80Updated 3 years ago
SummerSec / LookupInterface
CodeQL 寻找 JNDI利用 Lookup接口
☆162Updated 2 years ago
su18 / rasp-vuln
当死去的记忆突然开始攻击我，我终于想起了我还写过一款十分十分垃圾的 rasp 靶场。
☆78Updated 2 years ago
Veraxy00 / Shiro-EXP
Apache Shiro 反序列化漏洞检测与利用工具，一键注入内存马
☆139Updated 3 years ago
vulhub / Apereo-CAS-Attack
WIP: Demo for Attacking Apereo CAS
☆88Updated 4 years ago
woodpecker-appstore / jexpr-encoder-utils
Java表达式语句生成器
☆185Updated last year
safe6Sec / MemoryShell
内存马学习
☆169Updated 2 years ago
keven1z / weblogic_memshell
适用于weblogic和Tomcat的无文件的内存马(memshell)
☆266Updated 2 years ago
KpLi0rn / ShiroVulnEnv
Shiro内存马注入环境
☆59Updated 3 years ago
bwcxljsm / Fofa-collect
Fofa采集工具
☆112Updated 2 years ago
ydnzol / memshell
Tomcat 冰蝎内存马。
☆211Updated 4 years ago