laruence / taintView external linksLinks
Taint is a PHP extension, used for detecting XSS codes
☆617Jul 1, 2024Updated last year
Alternatives and similar repositories for taint
Users that are interested in taint are comparing it to the libraries listed below
Sorting:
- A PHP7 extension that can hook most functions/classes and parts of opcodes☆243Sep 17, 2021Updated 4 years ago
- PHP Runtime Vulnerability Detection☆483May 25, 2019Updated 6 years ago
- A tool that can scan php vulnerabilities automatically using static analysis methods☆488Mar 20, 2018Updated 7 years ago
- dynamic crawler for web vulnerability scanner☆253Mar 4, 2020Updated 5 years ago
- PHP 白盒分析工具,结合AST 和数据流跟踪分析代码,达到自动化白盒审计功能☆148May 14, 2018Updated 7 years ago
- A tracing and troubleshooting tool for PHP scripts.☆1,679Nov 28, 2018Updated 7 years ago
- a simple tool to detect potential security threat in php code☆317Sep 9, 2024Updated last year
- Source Code Security Audit (源代码安全审计)☆3,188Sep 16, 2022Updated 3 years ago
- JRE8u20_RCE_Gadget☆255Jul 1, 2016Updated 9 years ago
- A PHP Persistent Configurations Container☆1,048Jul 29, 2025Updated 6 months ago
- 通过劫持Zend底层opcode编译,还原部分混淆加密的php源码,检测网站木马加入日志,禁用危险方法,禁用特定目录PHP文件的执行☆125Dec 5, 2017Updated 8 years ago
- fastjson remote code execute poc 直接用intellij IDEA打开即可 首先编译得到Test.class,然后运行Poc.java☆403Dec 16, 2022Updated 3 years ago
- 这是一个实验性的PHP扩展,加载这个扩展后,每次请求将可以执行一段自己的PHP代码。☆198Oct 22, 2018Updated 7 years ago
- 被动式漏洞扫描系统☆873Nov 1, 2017Updated 8 years ago
- A Control Flow Graph implementation in PHP☆247Sep 20, 2025Updated 4 months ago
- python audit tool 审计 注入 inject☆182Feb 25, 2016Updated 9 years ago
- 一个利用ASM对字节码进行污点传播分析的静态代码审计应用(添加了大量代码注释,适合大家进行源码学习)。也加入了挖掘Fastjson反序列化gadget chains和SQLInject(JdbcTemplate、MyBatis、JPA、Hibernate、原生jdbc等)静…☆458Mar 24, 2022Updated 3 years ago
- Security-related PHP7 OPcache abuse tools and demo☆317Jan 2, 2023Updated 3 years ago
- Static code auditing system☆468Jan 8, 2021Updated 5 years ago
- ssrf、ssrfIntranetFuzz、dnsRebinding、recordEncode、dnsPoisoning、Support ipv4/ipv6☆217Aug 17, 2017Updated 8 years ago
- Web App Monitor☆228Sep 20, 2018Updated 7 years ago
- 用于扫描git,svn泄露☆78Jul 29, 2015Updated 10 years ago
- ☆835Jun 7, 2022Updated 3 years ago
- KunLun-M是一个完全开源的静态白盒扫描工具,支持PHP、JavaScript的语义扫描,基础安全、组件安全扫描,Chrome Ext\Solidity的基础扫描。☆2,379Jan 16, 2026Updated 3 weeks ago
- Php Codz Hacking☆669Sep 5, 2015Updated 10 years ago
- QAQ Just study unserialize vulnerabilities in Java :)☆196Aug 22, 2018Updated 7 years ago
- ☆146Jun 20, 2018Updated 7 years ago
- 更快速的进行Web应用指纹识别☆172May 9, 2019Updated 6 years ago
- 基于http代理的web漏洞扫描器的实现☆354Mar 19, 2016Updated 9 years ago
- 🔥Open source RASP solution☆2,952Oct 2, 2025Updated 4 months ago
- A byte code analyzer for finding deserialization gadget chains in Java applications☆1,080Jun 15, 2021Updated 4 years ago
- Light, concurrent RPC framework for PHP & C☆1,437Jul 29, 2025Updated 6 months ago
- Java RMI enumeration and attack tool.☆745Sep 28, 2017Updated 8 years ago
- Web Security Technology & Vulnerability Analysis Whitepapers☆549Jan 1, 2019Updated 7 years ago
- a webshell resides in the memory of java web server☆698Jun 26, 2018Updated 7 years ago
- CVE-2019-2725 命令回显☆436May 8, 2023Updated 2 years ago
- PHP7内核剖析☆3,413May 12, 2022Updated 3 years ago
- a passive scanner based on Mitmproxy and Arachni☆109Aug 17, 2017Updated 8 years ago
- Proof of concept exploit, showing how to do bytecode injection through untrusted deserialization with Spring Framework 4.2.4☆116May 17, 2019Updated 6 years ago