j5s/SpringInspector

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/j5s/SpringInspector)

j5s / SpringInspector

针对于Spring框架的自动Java代码审计工具

☆37

Alternatives and similar repositories for SpringInspector

Users that are interested in SpringInspector are comparing it to the libraries listed below

Sorting:

safe6Sec / JavaDeserialization
View on GitHub
java反序列化学习笔记
☆16Nov 17, 2021Updated 4 years ago
jimocode / CodeInspector
View on GitHub
基于Java ASM技术和GadgetInspector的原理，尝试实现一个自动Java代码审计工具。目前做到了可控参数分析和数据流跟踪分析
☆39Oct 26, 2021Updated 4 years ago
ax1sX / Automation-in-Java-Security
View on GitHub
☆10Jul 21, 2022Updated 3 years ago
mtxiaowangzi / CAFJE
View on GitHub
又一个Java Web代码审计工具
☆100May 7, 2018Updated 7 years ago
yhy0 / JavaSerializeDemo
View on GitHub
Java反序列化漏洞学习
☆14Jul 1, 2021Updated 4 years ago
xiaopan233 / GenerateNoHard
View on GitHub
本工具的定位是快速生成Java安全相关的Payload，如内存马、反序列化链、JNDI url、Fastjson等，动态生成相关Payload，并附带相应的文档。
☆93Feb 25, 2025Updated last year
0neOfU4 / JavaCodeAudit
View on GitHub
本项目是记录自己在Java代码审计过程中遇到的一些优秀文章内容，以及涉及到的Java项目源文件，汇总起来方便初学者下载分析。
☆31Jun 14, 2022Updated 3 years ago
ffffffff0x / JVWA
View on GitHub
java 代码审计学习靶场
☆119Jan 11, 2024Updated 2 years ago
SiJiDo / JAVA-Serialize-vuln
View on GitHub
java反序列化漏洞笔记
☆23Apr 6, 2019Updated 6 years ago
K4ptor / CVE-2023-22515
View on GitHub
Confluence未授权添加管理员用户漏洞利用脚本
☆25Oct 26, 2023Updated 2 years ago
lz520520 / java-object-searcher
View on GitHub
☆22Feb 21, 2025Updated last year
woodpecker-appstore / rmi-deserialization-vuldb
View on GitHub
Java RMI反序列化漏洞插件
☆49Jun 11, 2021Updated 4 years ago
j5s / XVulnFinder
View on GitHub
Java静态代码安全审计工具，使用JavaParser项目做语法分析，计划支持常见的Web漏洞与组件漏洞
☆21Sep 20, 2021Updated 4 years ago
iQingshan / ARL
View on GitHub
灯塔v2.6.2_docker版本
☆15Oct 13, 2025Updated 4 months ago
minhangxiaohui / JAVA_memshells
View on GitHub
java 内存马系列实现（Servlets 、组件、Agent）
☆10Mar 7, 2022Updated 3 years ago
liushuishang / JobSchedule
View on GitHub
基于TBSchedule开发的一个分布式任务调度框架，可以解析任务间的依赖，并执行任务（执行Shell、bat脚本）
☆12Aug 5, 2016Updated 9 years ago
suizhibo / Tao
View on GitHub
Tao（道）一款用于java语言函数调用关系生成的工具，致力于提高java代码审计效率。
☆11Jul 2, 2024Updated last year
Mr-xn / TencentSecuritySalon
View on GitHub
腾讯安全沙龙一二三期PPT集合
☆19May 24, 2025Updated 9 months ago
p1n93r / javasec
View on GitHub
Java安全相关，目前主要是CC链研究
☆10Sep 1, 2022Updated 3 years ago
moyuwa / FileMonitorPlus
View on GitHub
文件变化实时监控工具Plus版(代码审计/黑盒/白盒审计辅助工具)，基于项目修改 https://github.com/TheKingOfDuck/FileMonitor
☆11Jun 28, 2020Updated 5 years ago
WAY29 / javaGGC
View on GitHub
javaGGC for generate commons.collections gadget chain
☆12Nov 10, 2021Updated 4 years ago
fengupupup / RocB
View on GitHub
鹏 RocB - Java代码审计IDEA插件 SAST
☆151Sep 16, 2021Updated 4 years ago
i11us0ry / tools-gophish
View on GitHub
gophish批量操作，适用于大批量钓鱼演练
☆31Apr 5, 2021Updated 4 years ago
zxcvbn001 / CodeReview
View on GitHub
代码审计总结
☆85Sep 1, 2021Updated 4 years ago
passer-W / snakeyaml-memshell
View on GitHub
springboot跨线程注入内存马
☆123Apr 10, 2022Updated 3 years ago
ax1sX / SpringSecurity
View on GitHub
A list for Spring Security
☆128Jan 16, 2024Updated 2 years ago
nOnE-team / YQScan
View on GitHub
语雀敏感信息泄露搜索工具
☆13Jan 20, 2023Updated 3 years ago
S9MF / ShiroScan2
View on GitHub
基于BurpShiroPassiveScan修改增加了Xray回显链生成
☆56Sep 6, 2022Updated 3 years ago
ssrsec / SpringBootEnvDecrypt
View on GitHub
SpringBoot获取被星号脱敏的密码的明文
☆57Dec 13, 2021Updated 4 years ago
ReAbout / audit-java
View on GitHub
Java代码审计手册，关注于漏洞挖掘而非利用【持续更新】
☆199Nov 21, 2024Updated last year
dreamncn / iCrypto
View on GitHub
iCrypto，让所有密文全部变成明文！
☆101Oct 10, 2023Updated 2 years ago
Janhsu / DockerAPITool
View on GitHub
DockerRemoteAPI未授权访问(2375端口)利用工具，支持容器逃逸
☆67Dec 29, 2024Updated last year
achuna33 / FuckMemshell
View on GitHub
内存马持久化
☆59May 19, 2022Updated 3 years ago
Ormicron / bcelkit
View on GitHub
BCEL编解码工具
☆16Aug 3, 2022Updated 3 years ago
lalajun / Fastjson_Deserialize
View on GitHub
Fastjson反序列化环境（一步步）
☆14Jun 17, 2022Updated 3 years ago
hosch3n / FastjsonVulns
View on GitHub
[fastjson 1.2.80] CVE-2022-25845 aspectj fileread & groovy remote classload
☆91Sep 2, 2022Updated 3 years ago
Tr0e / JavaSinkTracer
View on GitHub
基于Python javalang库开发的一款轻量级Java源代码审计工具，by Tr0e
☆71Oct 23, 2025Updated 4 months ago
turn1tup / JvmRaspBypass
View on GitHub
☆21Oct 7, 2022Updated 3 years ago
Lya0 / GoSecCode-codeql
View on GitHub
一个基于Codeql规则的go靶场
☆41Feb 19, 2025Updated last year