jvm-rasp / jrasp-agentView external linksLinks
专注于JVM的运行时防御系统RASP
☆295Jun 14, 2024Updated last year
Alternatives and similar repositories for jrasp-agent
Users that are interested in jrasp-agent are comparing it to the libraries listed below
Sorting:
- Java web路由内存分析工具☆437May 22, 2025Updated 8 months ago
- Java表达式语句生成器☆194Oct 9, 2023Updated 2 years ago
- Some ReadObject Sink With JDBC☆243May 8, 2024Updated last year
- A declarative static analysis tool for jvm bytecode based Datalog like CodeQL☆344Jan 6, 2024Updated 2 years ago
- Java Js Engine Payloads All in one☆289Aug 21, 2023Updated 2 years ago
- java内存对象搜索辅助工具☆822Sep 23, 2022Updated 3 years ago
- ☆306Feb 27, 2025Updated 11 months ago
- A CAT called tabby ( Code Analysis Tool )☆1,635Jan 17, 2026Updated 3 weeks ago
- 不那么一样的 Java Agent 内存马☆289Nov 27, 2023Updated 2 years ago
- JDBC Connection URL Attack☆438Sep 10, 2021Updated 4 years ago
- A neo4j procedure for tabby☆137May 17, 2025Updated 8 months ago
- CodeQL extractor for java, which don't need to compile java source☆349Nov 25, 2022Updated 3 years ago
- 一款使用Yaml定义搜索规则来搜索Class的工具☆108Aug 2, 2023Updated 2 years ago
- 静态程序分析工具 主要生成方法的CFG和.java文件的AST☆132Jul 12, 2023Updated 2 years ago
- spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧☆753Apr 14, 2021Updated 4 years ago
- Low-level RASP: Protecting Applications Implemented in High-level Programming Languages☆69Oct 19, 2025Updated 3 months ago
- ☆21Oct 7, 2022Updated 3 years ago
- xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".☆460Jan 15, 2026Updated last month
- ZKar is a Java serialization protocol analysis tool implement in Go.☆643Feb 15, 2025Updated last year
- 抽离出 utf-8-overlong-encoding 的序列化逻辑,实现 2 3 字节加密序列化数组☆139Mar 11, 2024Updated last year
- 一款通过污点追踪发现Jsp webshell的工具(A tool to find Jsp Webshell through stain tracking)☆176Jan 4, 2022Updated 4 years ago
- 无需文件落地Agent内存马生成器☆248May 30, 2024Updated last year
- 记录学习codeql的过程☆394Jun 9, 2023Updated 2 years ago
- ☆146Jan 16, 2023Updated 3 years ago
- 通过JavaAgent与Javassist技术对JVM加载的类对象进行动态插桩,可以做一些破解、加密验证的绕过等操作☆116Jun 18, 2024Updated last year
- 收集内存马打入方式☆506May 20, 2022Updated 3 years ago
- JavaWeb MemoryShell Inject/Scan/Killer/Protect Research & Exploring☆651Jun 25, 2021Updated 4 years ago
- A helpful Java Deserialization exploit framework.☆1,239Feb 17, 2025Updated 11 months ago
- JDBC Attack Tricks☆154Sep 3, 2023Updated 2 years ago
- cve-2022-34169 延伸出的Jdk Xalan的payload自动生成工具,可根据不同的Jdk生成出其所对应的xslt文件☆93Jan 17, 2023Updated 3 years ago
- 一个基于jvm-sandbox高度定制化rasp☆58Sep 28, 2023Updated 2 years ago
- JDK CVE-2023-21939☆94Aug 26, 2023Updated 2 years ago
- 一款支持自定义的 Java 回显载荷生成工具|A customizable Java echo payload generation tool.☆460Jan 12, 2025Updated last year
- Common Exploitation Techniques for Java RCE Vulnerabilities in Real-World Scenarios | 实战场景较通用的 Java Rce 相关漏洞的利用方式☆545Mar 6, 2025Updated 11 months ago
- CodeQLpy是一款基于CodeQL实现的半自动化代码审计工具,目前仅支持java语言。实现从源码反编译,数据库生成,脆弱性发现的全过程,可以辅助代码审计人员快速定位源码可能存在的漏洞。☆847Jul 6, 2023Updated 2 years ago
- Java RCE 回显测试代码☆1,015Oct 15, 2020Updated 5 years ago
- 基于 jdwp-shellifier 的进阶JDWP漏洞利用脚本(动态执行Java/Js代码并获得回显)☆321Dec 22, 2024Updated last year
- JavaWeb漏洞审计工具,构建方法调用链并模拟栈帧进行分析☆334Jun 3, 2023Updated 2 years ago
- Apache Dubbo漏洞测试Demo及其POC☆65Mar 27, 2023Updated 2 years ago