codemillx is a tool for CodeQL, extract the comments in the code and generate codeql module. 强化Go开源项目安全检测(内含开源项目漏洞挖掘方法)
☆205Mar 19, 2022Updated 3 years ago
Alternatives and similar repositories for codemillx
Users that are interested in codemillx are comparing it to the libraries listed below
Sorting:
- Codeql学习笔记☆900Apr 25, 2022Updated 3 years ago
- 个人使用CodeQL编写的一些规则☆180Mar 30, 2022Updated 3 years ago
- 自动反编译闭源应用,创建codeql数据库☆316Mar 2, 2022Updated 4 years ago
- 项目监控工具 以及 Codeql 自动运行☆313Apr 13, 2023Updated 2 years ago
- 记录学习codeql的过程☆394Jun 9, 2023Updated 2 years ago
- 静态分析及代码审计自动化相关资料收集☆298Jul 29, 2022Updated 3 years ago
- CodeQL Java 全网最全的中文学习资料☆799Mar 18, 2022Updated 3 years ago
- 记录各语言、框架中危险的sink,个人代码审计、漏洞研究使用。☆117Dec 30, 2021Updated 4 years ago
- A declarative static analysis tool for jvm bytecode based Datalog like CodeQL☆345Jan 6, 2024Updated 2 years ago
- spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧☆754Apr 14, 2021Updated 4 years ago
- 利用链、漏洞检测工具☆373Jul 31, 2024Updated last year
- 关于学习java安全的一些知识,正在学习中ing,欢迎fork and star☆792Jul 11, 2023Updated 2 years ago
- ☆274Oct 28, 2021Updated 4 years ago
- 《深入理解CodeQL》Finding vulnerabilities with CodeQL.☆1,757Nov 21, 2023Updated 2 years ago
- Finding Java gadget chains with CodeQL☆184Jan 14, 2025Updated last year
- 注入JVM进程 动态获取目标进程连接的数据库☆342Mar 6, 2022Updated 3 years ago
- (周瑜)Java - SpringBoot 持久化 WebShell(不仅仅是SpringBoot,适合任何符合JavaEE规范的服务)☆615Dec 29, 2021Updated 4 years ago
- Go相关的安全研究☆234Nov 6, 2023Updated 2 years ago
- ZKar is a Java serialization protocol analysis tool implement in Go.☆649Feb 15, 2025Updated last year
- 一个利用ASM对字节码进行污点传播分析的静态代码审计应用(添加了大量代码注释,适合大家进行源码学习)。也加入了挖掘Fastjson反序列化gadget chains和SQLInject(JdbcTemplate、MyBatis、JPA、Hibernate、原生jdbc等)静…☆458Mar 24, 2022Updated 3 years ago
- K8S安全攻防思维导图 | Docker安全攻防思维导图☆417Jun 22, 2022Updated 3 years ago
- 各种工具指纹收集分享☆529Nov 3, 2021Updated 4 years ago
- DVPNET 公开漏洞知识库☆94Jun 10, 2021Updated 4 years ago
- Flask 内存马☆313Mar 26, 2021Updated 4 years ago
- Java反序列化漏洞利用链补全计划,仅用于个人归纳总结。☆420Dec 3, 2021Updated 4 years ago
- java内存对象搜索辅助工具☆823Sep 23, 2022Updated 3 years ago
- A CAT called tabby ( Code Analysis Tool )☆1,637Jan 17, 2026Updated last month
- A rouge mysql server supports reading files from most mysql libraries of multiple programming languages.☆754Dec 2, 2022Updated 3 years ago
- ☆295May 7, 2022Updated 3 years ago
- 域控安全one for all☆736Sep 9, 2024Updated last year
- JetBrains系列产品.idea钓鱼反制红队☆331Jan 27, 2026Updated last month
- WebSocket 内存马/Webshell,一种新型内存马/WebShell技术☆1,488Apr 10, 2023Updated 2 years ago
- Java web路由内存分析工具☆437May 22, 2025Updated 9 months ago
- 一个方便安全研究人员获取每日安全日报的爬虫和推送程序,目前爬取范围包括先知社区、安全客、Seebug Paper、跳跳糖、奇安信攻防社区、棱角社区以及绿盟、腾讯玄武、天融信、360等实验室博客,持续更新中。☆930Dec 24, 2023Updated 2 years ago
- fastjson不出网利用、c3p0☆256Jul 30, 2021Updated 4 years ago
- fastjson 被动扫描、不出网payload生成☆367Nov 19, 2021Updated 4 years ago
- 文章 Attack Code 的详细全文。安全和开发总是具有伴生属性,尤其是云的安全方向,本篇文章是希望能帮助到读者的云安全入门材料。Full text of the article Attack Code. Security and development always …☆557Feb 29, 2024Updated 2 years ago
- A Go library for generating Java deserialization payloads.☆155Sep 9, 2024Updated last year
- 分享几个直接可用的内存马,记录一下学习过程中看过的文章☆975Mar 23, 2022Updated 3 years ago