基于Java ASM技术和GadgetInspector的原理,尝试实现一个自动Java代码审计工具。目前做到了可控参数分析和数据流跟踪分析
☆39Oct 26, 2021Updated 4 years ago
Alternatives and similar repositories for CodeInspector
Users that are interested in CodeInspector are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- 针对于Spring框架的自动Java代码审计工具☆37Jan 24, 2022Updated 4 years ago
- Java静态代码安全审计工具,使用JavaParser项目做语法分析,计划支持常见的Web漏洞与组件漏洞☆21Sep 20, 2021Updated 4 years ago
- JAVA IAST Example☆49Dec 13, 2021Updated 4 years ago
- 一个java代码审计辅助工具☆29Nov 2, 2022Updated 3 years ago
- generate facts from bytecode (source is https://github.com/plast-lab/doop-mirror/tree/master/generators)☆23Nov 24, 2024Updated last year
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- ☆12Aug 5, 2021Updated 4 years ago
- jre8u20 gadget☆34May 23, 2021Updated 4 years ago
- A declarative static analysis tool for jvm bytecode based Datalog like CodeQL☆345Jan 6, 2024Updated 2 years ago
- java�反序列化漏洞笔记☆24Apr 6, 2019Updated 7 years ago
- payloads☆15Mar 17, 2021Updated 5 years ago
- JavaWeb漏洞审计工具,构建方法调用链并模拟栈帧进行分析☆335Jun 3, 2023Updated 2 years ago
- 鹏 RocB - Java代码审计IDEA插件 SAST☆151Sep 16, 2021Updated 4 years ago
- 开发和安全和运营:DevSecOps-Software development (Dev) and Security (Sec) and IT operations (Ops).☆27Apr 13, 2024Updated last year
- 静态分析及代码审计自动化相关资料收集☆298Jul 29, 2022Updated 3 years ago
- NordVPN Special Discount Offer • AdSave on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
- 一个基于jvm-sandbox高度定制化rasp☆58Sep 28, 2023Updated 2 years ago
- Java RMI反序列化漏洞插件☆49Jun 11, 2021Updated 4 years ago
- 7bits安全团队-《Java安全-记一次实战使用memoryshell》代码样例☆19Nov 13, 2022Updated 3 years ago
- 一个利用ASM对字节码进行污点传播分析的静态代码审计应用(添加了大量代码注释,适合大家进行源码学习)。也加入了挖掘Fastjson反序列化gadget chains和SQLInject(JdbcTemplate、MyBatis、JPA、Hibernate、原生jdbc等)静…☆458Mar 24, 2022Updated 4 years ago
- 添加Connector内存马与ws内存马检测逻辑☆16Oct 9, 2022Updated 3 years ago
- 项目监控工具 以及 Codeql 自动运行☆314Apr 13, 2023Updated 2 years ago
- 个人使用CodeQL编写的一些规则☆181Mar 30, 2022Updated 4 years ago
- Java代码审计案例☆24May 16, 2021Updated 4 years ago
- ☆21Mar 4, 2023Updated 3 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- ☆11Mar 19, 2022Updated 4 years ago
- ☆42Jul 23, 2019Updated 6 years ago
- ☆11Oct 10, 2018Updated 7 years ago
- ☆38Oct 26, 2021Updated 4 years ago
- Codeql学习笔记☆903Apr 25, 2022Updated 3 years ago
- spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧☆754Apr 14, 2021Updated 4 years ago
- JDBC Connection URL Attack☆443Sep 10, 2021Updated 4 years ago
- CVE-2019-2890 WebLogic 反序列化RCE漏洞☆44Dec 8, 2019Updated 6 years ago
- ☆37Aug 25, 2020Updated 5 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- 专注于JVM的运行时防御系统RASP☆296Jun 14, 2024Updated last year
- 利用链、漏洞检测工具☆375Jul 31, 2024Updated last year
- 本项目是记录自己在Java代码审计过程中遇到的一些优秀文章内容,以及涉及到的Java项目源文件,汇总起来方便初学者下载分析。☆31Jun 14, 2022Updated 3 years ago
- cve-2022-34169 延伸出的Jdk Xalan的payload自动生成工具,可根据不同的Jdk生成出其所对应的xslt文件☆93Jan 17, 2023Updated 3 years ago
- Tomcat 冰蝎内存马。☆214Sep 14, 2020Updated 5 years ago
- SyscallLoader☆11Sep 13, 2021Updated 4 years ago
- Java web路由内存分析工具☆439May 22, 2025Updated 10 months ago