j5s / XVulnFinderLinks
Java静态代码安全审计工具,使用JavaParser项目做语法分析,计划支持常见的Web漏洞与组件漏洞
☆21Updated 3 years ago
Alternatives and similar repositories for XVulnFinder
Users that are interested in XVulnFinder are comparing it to the libraries listed below
Sorting:
- 静态程序分析工具 主要生成方法的CFG和.java文件的AST☆132Updated 2 years ago
- 基于Java ASM技术和GadgetInspector的原理,尝试实现一个自动Java代码审计工具。目前做到了可控参数分析和数据流跟踪分析☆36Updated 3 years ago
- Auto Code Audit Framework for Java☆96Updated 3 years ago
- 代码审计自动化系统,底层架构为蜻蜓编排系统,墨菲SCA,fortify,SemGrep,hema☆30Updated 5 months ago
- JAVA IAST Example☆49Updated 3 years ago
- 针对于Spring框架的自动Java代码审计工具☆34Updated 3 years ago
- 一个基于jvm-sandbox高度定制化rasp☆58Updated last year
- Dongtai-plugin-idea is an IDEA plug-in developed by DongTai team for Java Web application developers. This plug-in provides functions suc…☆27Updated last year
- RASP测试靶场☆173Updated 2 years ago
- 个人使用CodeQL编写的一些规则☆176Updated 3 years ago
- A neo4j procedure for tabby☆128Updated 3 months ago
- 当死去的记忆突然开始攻击我,我终于想起了我还写过一款十分十分垃圾的 rasp 靶场。☆78Updated 3 years ago
- Lessons for syntaxflow zero to hero☆51Updated 11 months ago
- 自学时写的适合Java安全小白用来学习Java反序列化漏洞的文章和Demo。(随懒狗的学习进度持续更新🐶)。Some articles and demos written during self-study which are suitable for Java Secu…☆11Updated 3 years ago
- simpleIAST- 基于污点追踪的灰盒漏洞扫描工具。☆88Updated this week
- nativeRasp that can hook native methods☆24Updated 2 years ago
- 2023白帽补天大会部分代码☆127Updated last year
- 鹏 RocB - Java代码审计IDEA插件 SAST☆150Updated 3 years ago
- Tai-e的Web插件☆23Updated last year
- 项目监控工 具 以及 Codeql 自动运行☆311Updated 2 years ago
- A vul-finder for loading CPG and automated finding vul-call-chains☆61Updated last month
- ☆18Updated 2 years ago
- 《深入理解DAST动态应用程序安全测试》Dynamic Application Security Testing.☆53Updated 2 years ago
- Spring内存马检测和隐形马研究☆12Updated 3 years ago
- 《Spring漏洞研究》☆47Updated 3 years ago
- ☆38Updated 3 years ago
- JAVA 安全靶场,IAST 测试用 例,JAVA漏洞复现,代码审计,SAST测试用例,安全扫描(主动和被动),JAVA漏洞靶场,RASP测试用例 ; Java Security Testbed, IAST Test Cases, Java Vulnerability R…☆251Updated 11 months ago
- Java安全,漏洞分析/挖掘/利用☆13Updated 2 years ago
- 开发和安全和运营:DevSecOps-Software development (Dev) and Security (Sec) and IT operations (Ops).☆25Updated last year
- Apache Dubbo漏洞测试Demo及其POC☆62Updated 2 years ago