Alternatives and similar repositories for jvm-sandbox-rasp

Users that are interested in jvm-sandbox-rasp are comparing it to the libraries listed below

• Mr-xn / CVE-2024-32113

  View on GitHub
  Apache OFBIZ Path traversal leading to RCE POC[CVE-2024-32113 & CVE-2024-36104]
  ☆27Jun 3, 2024Updated last year
• TonyD0g / JSPHunter

  View on GitHub
  基于污点分析和模拟栈帧技术的JSP Webshell检测
  ☆48Sep 30, 2025Updated 4 months ago
• luelueking / ClazzSearcher

  View on GitHub
  一款使用Yaml定义搜索规则来搜索Class的工具
  ☆108Aug 2, 2023Updated 2 years ago
• X1r0z / hessian-overlong-encoding

  View on GitHub
  Hessian UTF-8 Overlong Encoding
  ☆21Mar 9, 2024Updated last year
• KingBridgeSS / jdifferer

  View on GitHub
  ☆65Sep 27, 2023Updated 2 years ago
• tabby-sec / tabby-vul-finder

  View on GitHub
  A vul-finder for loading CPG and automated finding vul-call-chains
  ☆71Jul 22, 2025Updated 6 months ago
• luelueking / Bypass_JVM_Verifier

  View on GitHub
  Bypass JVM Class ByteCode Verifier , 对抗反编译器
  ☆117Sep 21, 2023Updated 2 years ago
• X1r0z / dubbo-rce

  View on GitHub
  PoC of Apache Dubbo CVE-2023-23638
  ☆34Jan 29, 2024Updated 2 years ago
• AIex-3 / confluence-hack

  View on GitHub
  CVE-2023-22515
  ☆52Nov 10, 2023Updated 2 years ago
• l3yx / Java-RASP-Research-Env

  View on GitHub
  之前方便自己研究RASP原理和绕过时顺手写的，用于快速启动和重置RASP环境
  ☆71Oct 13, 2024Updated last year
• luelueking / Deserial_Sink_With_JDBC

  View on GitHub
  Some ReadObject Sink With JDBC
  ☆243May 8, 2024Updated last year
• Y4tacker / HackingFernFlower

  View on GitHub
  2023白帽补天大会部分代码
  ☆129Dec 26, 2023Updated 2 years ago
• tabby-sec / tabby-path-finder

  View on GitHub
  A neo4j procedure for tabby
  ☆137May 17, 2025Updated 9 months ago
• aaaademo / Confluence-EvilJar

  View on GitHub
  配合 CVE-2023-22515 后台上传jar包实现RCE
  ☆23Nov 9, 2023Updated 2 years ago
• yzddmr6 / MyPresentations

  View on GitHub
  My security presentations
  ☆29Aug 21, 2023Updated 2 years ago
• 4ra1n / java-gate

  View on GitHub
  Java JNI HellsGate/HalosGate/TartarusGate/RecycledGate/SSN Syscall/Many Shellcode Loaders
  ☆195Jul 7, 2023Updated 2 years ago
• yezere / codeql_n1ght

  View on GitHub
  方便自己搭建codeql环境和数据库的工具。
  ☆64Aug 16, 2025Updated 6 months ago
• yzddmr6 / Java-Js-Engine-Payloads

  View on GitHub
  Java Js Engine Payloads All in one
  ☆289Aug 21, 2023Updated 2 years ago
• Phelaine / SinkFinder

  View on GitHub
  闭源系统半自动漏洞挖掘工具，针对 jar/war/zip 进行静态代码分析，输出从source到sink的可达路径。LLM将验证路径可达性，并根据上下文给出该路径可信分数
  ☆502Jan 12, 2026Updated last month
• kyo-w / router-router

  View on GitHub
  Java web路由内存分析工具
  ☆437May 22, 2025Updated 8 months ago
• Java-Chains / chains-plugin-demo

  View on GitHub
  Java Chains 插件编写 demo
  ☆14Mar 5, 2025Updated 11 months ago
• jvm-rasp / jrasp-agent

  View on GitHub
  专注于JVM的运行时防御系统RASP
  ☆295Jun 14, 2024Updated last year
• Ape1ron / SpringAopInDeserializationDemo1

  View on GitHub
  在spring-aop中新发现的反序列化gadget-chain
  ☆52Jan 12, 2025Updated last year
• X1r0z / JNDIMap

  View on GitHub
  A powerful JNDI injection exploitation framework that supports RMI, LDAP and LDAPS protocols, including various bypass methods for high-v…
  ☆566Feb 4, 2026Updated 2 weeks ago
• flowerwind / AutoGenerateXalanPayload

  View on GitHub
  cve-2022-34169 延伸出的Jdk Xalan的payload自动生成工具，可根据不同的Jdk生成出其所对应的xslt文件
  ☆93Jan 17, 2023Updated 3 years ago
• pen4uin / java-echo-generator

  View on GitHub
  一款支持自定义的 Java 回显载荷生成工具｜A customizable Java echo payload generation tool.
  ☆461Jan 12, 2025Updated last year
• Whoopsunix / utf-8-overlong-encoding

  View on GitHub
  抽离出 utf-8-overlong-encoding 的序列化逻辑，实现 2 3 字节加密序列化数组
  ☆139Mar 11, 2024Updated last year
• Y4Sec-Team / CVE-2023-21939

  View on GitHub
  JDK CVE-2023-21939
  ☆94Aug 26, 2023Updated 2 years ago
• corener / JavaPassDump

  View on GitHub
  JavaPassDump
  ☆272Jan 7, 2022Updated 4 years ago
• luelueking / JSource-Obfuscator

  View on GitHub
  Java Source Code Obfuscator（java源代码混淆器）
  ☆251Apr 23, 2024Updated last year
• Avento / MemShell4Spring

  View on GitHub
  Memory Webshell for Spring Web - 适用于 Spring Web 的内存马
  ☆25Jan 18, 2024Updated 2 years ago
• wa1ki0g / NoAuth

  View on GitHub
  java-web 自动化鉴权绕过
  ☆376Apr 3, 2025Updated 10 months ago
• yulate / tabby-pipeline

  View on GitHub
  用于快速启动tabby 分析漏洞或者gadget的环境
  ☆94Jul 14, 2025Updated 7 months ago
• Y4Sec-Team / no-templates

  View on GitHub
  如果反序列化过程中使用resolveClass拉黑了TemplatesImpl如何绕过
  ☆53Sep 10, 2023Updated 2 years ago
• Whoopsunix / JavaRce

  View on GitHub
  Common Exploitation Techniques for Java RCE Vulnerabilities in Real-World Scenarios | 实战场景较通用的 Java Rce 相关漏洞的利用方式
  ☆545Mar 6, 2025Updated 11 months ago
• qi4L / Ysoserial-go

  View on GitHub
  A Go library for generating Java deserialization payloads.
  ☆155Sep 9, 2024Updated last year
• Neo-Maoku / MultiTshProxy

  View on GitHub
  tsh多终端代理通信
  ☆19Feb 26, 2025Updated 11 months ago
• 4ra1n / code-encryptor

  View on GitHub
  使用JNI加密字节码，通过JVMTI解密字节码以保护代码，支持自定义包名和密钥，使用魔法禁止黑客dump字节码
  ☆181Dec 4, 2024Updated last year
• BytecodeDL / ByteCodeDL

  View on GitHub
  A declarative static analysis tool for jvm bytecode based Datalog like CodeQL
  ☆344Jan 6, 2024Updated 2 years ago