l3yx / Java-RASP-Research-EnvLinks

之前方便自己研究RASP原理和绕过时顺手写的，用于快速启动和重置RASP环境

☆71

Alternatives and similar repositories for Java-RASP-Research-Env

Users that are interested in Java-RASP-Research-Env are comparing it to the libraries listed below

Sorting:

yulate / tabby-pipeline
用于快速启动tabby 分析漏洞或者gadget的环境
☆90Updated 4 months ago
cwkiller / JDBC-PROXY-Bypass
利用代理驱动绕过JDBC Attack检测
☆136Updated 5 months ago
cwkiller / ClassLinefix
Java bytecode line number restoration tool
☆98Updated 3 months ago
Y4Sec-Team / no-templates
如果反序列化过程中使用resolveClass拉黑了TemplatesImpl如何绕过
☆52Updated 2 years ago
tabby-sec / tabby-intellij-plugin
A IntelliJ Plugin for Tabby to Find Vulnerabilities Easily
☆37Updated last year
Le1a / JarLibsConsolidator
一个IDEA插件：一键收集项目中所有jar包依赖的工具插件。遍历项目目录收集所有jar文件，复制到all-in-one文件夹，并自动添加为项目库。
☆49Updated last month
pacemrc / VulDebug
Java漏洞调试分析集合
☆91Updated last year
KpLi0rn / DeserializeAll
一个简单的批量反编译jar包的小脚本
☆44Updated 3 years ago
freeFV / ShortPayload
如何将Java反序列化Payload极致缩小
☆66Updated 3 years ago
ax1sX / RouteCheck-Alpha
A Java Route Collection Tool
☆102Updated last year
h3h3qaq / JavaDecompiler
一个基于 Vineflower 引擎的多线程 Java 批量反编译工具，支持快速处理大量的 class 文件和 JAR 文件。
☆55Updated 7 months ago
yulate / ReflectorMate
idea插件，快速生成反序列化中常用的方法，比如setFieldValue、createTemplatesImpl等
☆29Updated last year
Ar3h / utf8-overlong-agent
使用 agent 实现反序列化 utf8 overlong
☆81Updated last year
woodpecker-appstore / java-memshell-generator
Java 内存马生成插件
☆54Updated 2 years ago
luelueking / Fake_Kafka_Server
☆79Updated last year
phith0n / tls_proxy
A lightweight reverse proxy server that converts TLS traffic to TCP, allowing secure communication between clients and upstream servers.
☆77Updated last year
Ape1ron / davinci
多组件客户端
☆74Updated 7 months ago
jorgectf / jdk4QL
Java JDK 8-18 CodeQL databases
☆16Updated last year
Whoopsunix / utf-8-overlong-encoding
抽离出 utf-8-overlong-encoding 的序列化逻辑，实现 2 3 字节加密序列化数组
☆139Updated last year
tabby-sec / tabby-vul-finder
A vul-finder for loading CPG and automated finding vul-call-chains
☆67Updated 4 months ago
Y4Sec-Team / mysql-jdbc-tricks
JDBC Attack Tricks
☆154Updated 2 years ago
lz2y / DubboPOC
Apache Dubbo漏洞测试Demo及其POC
☆64Updated 2 years ago
h3h3qaq / JDK-CodeQLDB-Builder
使用 Docker 一键构建 JDK 源码的 CodeQL 数据库，方便使用 CodeQL 查找 JDK 中的数据。
☆27Updated 6 months ago
triplexlove / javasocket
java实现反序列化建立socket连接
☆61Updated 11 months ago
unam4 / fineldapc
某软最新公开gadgegt,新加入不出网利用。
☆83Updated last year
TonyD0g / JSPHunter
基于污点分析和模拟栈帧技术的JSP Webshell检测
☆48Updated 2 months ago
luelueking / CVE-2022-25845-In-Spring
CVE-2022-25845(fastjson1.2.80) exploit in Spring Env!
☆99Updated last year
pho3n1x-web / HTTPServerGO
这是一个用Go编写的红队内网环境中一个能快速开启HTTP文件浏览服务的小工具，能够执行shell命令,可以执行webshell
☆78Updated 2 years ago
kyo-w / Spel-research
Spel-research
☆26Updated 3 years ago
ax1sX / MemShell
MemShell List
☆88Updated 2 years ago