l3yx/Choccy external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

l3yx/Choccy

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/l3yx/Choccy)

Close

l3yx / ChoccyView on GitHubMore

• External links
• Readme badge

GitHub项目监控 && CodeQL自动扫描 (GitHub project monitoring && CodeQL automatic analysis)

☆467Jan 19, 2025Updated last year

Alternatives and similar repositories for Choccy

Users that are interested in Choccy are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• kyo-w / router-router

  View on GitHub
  Java web路由内存分析工具
  ☆438May 22, 2025Updated 10 months ago
• ZhuriLab / Yi

  View on GitHub
  项目监控工具 以及 Codeql 自动运行
  ☆313Apr 13, 2023Updated 2 years ago
• SummerSec / learning-codeql

  View on GitHub
  CodeQL Java 全网最全的中文学习资料
  ☆799Mar 18, 2022Updated 4 years ago
• webraybtl / CodeQLpy

  View on GitHub
  CodeQLpy是一款基于CodeQL实现的半自动化代码审计工具，目前仅支持java语言。实现从源码反编译，数据库生成，脆弱性发现的全过程，可以辅助代码审计人员快速定位源码可能存在的漏洞。
  ☆849Jul 6, 2023Updated 2 years ago
• tabby-sec / tabby

  View on GitHub
  A CAT called tabby ( Code Analysis Tool )
  ☆1,641Jan 17, 2026Updated 2 months ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• waderwu / extractor-java

  View on GitHub
  CodeQL extractor for java, which don't need to compile java source
  ☆348Nov 25, 2022Updated 3 years ago
• luelueking / Deserial_Sink_With_JDBC

  View on GitHub
  Some ReadObject Sink With JDBC
  ☆243May 8, 2024Updated last year
• Whoopsunix / JavaRce

  View on GitHub
  Common Exploitation Techniques for Java RCE Vulnerabilities in Real-World Scenarios | 实战场景较通用的 Java Rce 相关漏洞的利用方式
  ☆544Mar 6, 2025Updated last year
• pen4uin / java-memshell-generator

  View on GitHub
  一款支持自定义的 Java 内存马生成工具｜A customizable Java in-memory webshell generation tool.
  ☆2,166Aug 21, 2025Updated 7 months ago
• alipay / ant-application-security-testing-benchmark

  View on GitHub
  xAST评价体系，让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".
  ☆468Jan 15, 2026Updated 2 months ago
• safe6Sec / CodeqlNote

  View on GitHub
  Codeql学习笔记
  ☆900Apr 25, 2022Updated 3 years ago
• jar-analyzer / jar-analyzer

  View on GitHub
  Jar Analyzer - 一个 JAR 包 GUI 分析工具，方法调用关系搜索，方法调用链 DFS 算法分析，模拟 JVM 的污点分析验证 DFS 结果，字符串搜索，Java Web 组件入口分析，CFG 程序分析，JVM 栈帧分析，自定义表达式搜索，紧跟 AI 技术发…
  ☆1,948Mar 19, 2026Updated last week
• pen4uin / java-echo-generator

  View on GitHub
  一款支持自定义的 Java 回显载荷生成工具｜A customizable Java echo payload generation tool.
  ☆462Jan 12, 2025Updated last year
• l3yx / jdwp-codeifier

  View on GitHub
  基于 jdwp-shellifier 的进阶JDWP漏洞利用脚本（动态执行Java/Js代码并获得回显）
  ☆321Dec 22, 2024Updated last year
• Bare Metal GPUs on DigitalOcean Gradient AI • Ad
  Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
• KimJun1010 / inspector

  View on GitHub
  IDEA代码审计辅助插件（深信服深蓝实验室天威战队强力驱动）
  ☆583Mar 10, 2025Updated last year
• ASTTeam / CodeQL

  View on GitHub
  《深入理解CodeQL》Finding vulnerabilities with CodeQL.
  ☆1,763Nov 21, 2023Updated 2 years ago
• Y4tacker / JavaSec

  View on GitHub
  a rep for documenting my study, may be from 0 to 0.1
  ☆2,255Nov 10, 2025Updated 4 months ago
• ax1sX / SecurityList

  View on GitHub
  A list for Web Security and Code Audit
  ☆1,220Dec 3, 2024Updated last year
• vulhub / java-chains

  View on GitHub
  Java Vulnerability Exploitation Platform
  ☆2,010Mar 20, 2026Updated last week
• Phelaine / SinkFinder

  View on GitHub
  闭源系统半自动漏洞挖掘工具，针对 jar/war/zip 进行静态代码分析，输出从source到sink的可达路径。LLM将验证路径可达性，并根据上下文给出该路径可信分数
  ☆508Jan 12, 2026Updated 2 months ago
• lemono0 / FastJsonParty

  View on GitHub
  FastJson全版本Docker漏洞环境(涵盖1.2.47/1.2.68/1.2.80等版本)，主要包括JNDI注入及高版本绕过、waf绕过、文件读写、原生反序列化、利用链探测绕过、不出网利用等。从黑盒的角度覆盖FastJson深入利用
  ☆1,188Jul 12, 2024Updated last year
• SpringKill-team / CodeAuditAssistant

  View on GitHub
  🔍 CodeAuditAssistant - JetBrains Code Audit Plugin (Beta) ⚡ Deep Call-Chain Tracking | 🚀 Method/Class Search | 🔥 Prebuilt Vuln Sink…
  ☆784Mar 14, 2026Updated last week
• LandGrey / spring-boot-upload-file-lead-to-rce-tricks

  View on GitHub
  spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧
  ☆753Apr 14, 2021Updated 4 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• zema1 / watchvuln

  View on GitHub
  一个高价值漏洞采集与推送服务 | Collect valueable vulnerabilities and push them to various services
  ☆1,790Nov 26, 2025Updated 4 months ago
• Firebasky / CodeqlLearn

  View on GitHub
  记录学习codeql的过程
  ☆394Jun 9, 2023Updated 2 years ago
• Lotus6 / ConfluenceMemshell

  View on GitHub
  Confluence CVE 2021，2022，2023 利用工具，支持命令执行，哥斯拉，冰蝎 内存马注入
  ☆555Feb 1, 2024Updated 2 years ago
• luelueking / ClazzSearcher

  View on GitHub
  一款使用Yaml定义搜索规则来搜索Class的工具
  ☆108Aug 2, 2023Updated 2 years ago
• safe6Sec / Fastjson

  View on GitHub
  Fastjson姿势技巧集合
  ☆1,833Oct 20, 2023Updated 2 years ago
• whocansee / FilelessAgentMemShell

  View on GitHub
  无需文件落地Agent内存马生成器
  ☆249May 30, 2024Updated last year
• 4ra1n / mysql-fake-server

  View on GitHub
  纯 Java 实现的 MySQL Fake Server | 支持 GUI 版和命令行版 | 支持反序列化和文件读取的利用方式 | 支持常见的 GADGET 和自定义 GADGET 数据 | 根据目标环境自动生成匹配的 PAYLOAD | 支持 PGSQL 和 DERBY …
  ☆827Sep 18, 2023Updated 2 years ago
• Maskhe / javasec

  View on GitHub
  自己学习java安全的一些总结，主要是安全审计相关
  ☆1,697Jan 5, 2022Updated 4 years ago
• ice-doom / CodeQLRule

  View on GitHub
  个人使用CodeQL编写的一些规则
  ☆180Mar 30, 2022Updated 3 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• fnmsd / MySQL_Fake_Server

  View on GitHub
  MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize
  ☆1,362Nov 18, 2021Updated 4 years ago
• rzte / agentcrack

  View on GitHub
  不那么一样的 Java Agent 内存马
  ☆289Nov 27, 2023Updated 2 years ago
• 4ra1n / code-inspector

  View on GitHub
  JavaWeb漏洞审计工具，构建方法调用链并模拟栈帧进行分析
  ☆335Jun 3, 2023Updated 2 years ago
• Hutt0n0 / ActiveMqRCE

  View on GitHub
  用java实现构造openwire协议，利用activeMQ < 5.18.3 RCE 回显利用 内存马注入
  ☆288Nov 20, 2023Updated 2 years ago
• kezibei / Urldns

  View on GitHub
  ☆343Mar 6, 2026Updated 3 weeks ago
• su18 / hack-fastjson-1.2.80

  View on GitHub
  ☆525Sep 16, 2022Updated 3 years ago
• Schira4396 / VcenterKiller

  View on GitHub
  一款针对Vcenter的综合利用工具，包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j，提供一键上传webs…
  ☆1,470Apr 25, 2024Updated last year