Alternatives and similar repositories for python-fortify

Users that are interested in python-fortify are comparing it to the libraries listed below

• Contrast-Security-OSS / joogle
  A static analysis API for finding deserialization attack gadgets
  ☆38Updated 2 years ago
• mbechler / serianalyzer
  A static byte code analyzer for Java deserialization gadget research
  ☆250Updated 8 years ago
• frohoff / inspector-gadget
  Primitive tool for exploring/querying Java classes via the Tinkerpop Gremlin graph traversal language
  ☆108Updated 9 years ago
• cdaller / security_taint_propagation
  Java taint propagation for java. Define tainted sources, sanitizer methods and sinks via aspects.
  ☆28Updated 7 years ago
• irsl / jackson-rce-via-spel
  An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions
  ☆124Updated 7 years ago
• angelwhu / jvm-rasp
  基于JVM-Sandbox实现RASP安全监控防护
  ☆52Updated 2 years ago
• appsecco / json-flash-csrf-poc
  This repo contains the files required to perform a CSRF attack using Flash and HTTP 307 redirections.
  ☆77Updated 7 years ago
• advanced-security / custom-codeql-bundle
  An example repository that demonstrates how the build custom CodeQL bundles that include query customizations through the `Customizations…
  ☆25Updated 3 years ago
• Semmle / SecurityQueries
  Deprecated: Please visit https://github.com/github/codeql instead.
  ☆80Updated 3 years ago
• githubsatelliteworkshops / codeql
  GitHub Satellite 2020 workshops on finding security vulnerabilities with CodeQL for Java/JavaScript.
  ☆210Updated last year
• mwielgoszewski / jython-burp-api
  Develop Burp extensions in Jython
  ☆179Updated 8 years ago
• ajinabraham / libsast
  Generic SAST Library
  ☆132Updated 3 months ago
• zerothoughts / spring-jndi
  Proof of concept exploit, showing how to do bytecode injection through untrusted deserialization with Spring Framework 4.2.4
  ☆116Updated 6 years ago
• pwntester / XStreamPOC
  POC for XStream RCE
  ☆13Updated 11 years ago
• ramshazar / orangetsai-springboot-actuator-poc
  ☆27Updated 4 years ago
• NetsOSS / headless-burp
  Automate security tests using Burp Suite.
  ☆229Updated last year
• codeplutos / java-security-manager-bypass
  ☆151Updated 6 years ago
• ryohare / fortify-structural-rules-guide
  A technique for developing Fortify structural rules and characterization rules.
  ☆14Updated 5 years ago
• ssexxe / XXEBugFind
  A tool for detecting XML External Entity (XXE) vulnerabilities in Java applications
  ☆72Updated 11 years ago
• GrrrDog / ZeroNights-HackQuest-2016
  2 web tasks from ZeroNights HackQuest 2016
  ☆50Updated 8 years ago
• CaledoniaProject / CVE-2018-1270
  Spring messaging STOMP protocol RCE
  ☆113Updated 7 years ago
• frohoff / marshalsec
  ☆75Updated 8 years ago
• mbechler / serjs
  A Java serializer in JavaScript
  ☆81Updated 7 years ago
• PortSwigger / json-web-token-attacker
  ☆108Updated 3 years ago
• pwntester / JRE8u20_RCE_Gadget
  JRE8u20_RCE_Gadget
  ☆253Updated 9 years ago
• dschadow / Java-Web-Security
  Java-Web-Security - Sichere Webanwendungen mit Java entwickeln
  ☆220Updated last week
• Morningstar / GoASQ
  General Open Architecture Security Questionnaire
  ☆32Updated 2 years ago
• Marcono1234 / codeql-java-queries
  Personal CodeQL queries
  ☆64Updated 3 weeks ago
• summitt / burp-ysoserial
  YSOSERIAL Integration with burp suite
  ☆166Updated 2 years ago
• cxai / Checkmarx-PowerTools
  A collection of various scripts and automations to simplify Checkmarx SAST and IAST setup and use
  ☆14Updated 7 years ago