用于演示Java Web项目中,漏洞的成因及修复方案,可用于黑盒测试和白盒测试,部分修复方案可用于生产环境。
☆43Apr 20, 2018Updated 7 years ago
Alternatives and similar repositories for Java-EE-VulnWeb
Users that are interested in Java-EE-VulnWeb are comparing it to the libraries listed below
Sorting:
- 又一个Java Web代码审计工具☆100May 7, 2018Updated 7 years ago
- JAVA Vul Code JAVA常见漏洞与防御代码示例☆10Sep 18, 2018Updated 7 years ago
- Custom Fortify SCA rules to detect common JSSE certification validation flaws☆11Nov 18, 2015Updated 10 years ago
- 👻inject_und3ad -- 蚁剑(AntSword)插件☆24Aug 8, 2019Updated 6 years ago
- Learn how to get a reverse shell from JIRA application server☆24Dec 2, 2018Updated 7 years ago
- ☆13Feb 17, 2016Updated 10 years ago
- Java通用漏洞修复安全组件☆60Jul 12, 2025Updated 7 months ago
- 记录各语言、框架中危险的sink,个人代码审计、漏洞研究使用。☆117Dec 30, 2021Updated 4 years ago
- ☆41Nov 9, 2018Updated 7 years ago
- ☆34Nov 4, 2018Updated 7 years ago
- 第二届阿里云安全算法挑战赛☆16May 11, 2018Updated 7 years ago
- 一个Fuzzing服务器端模板注入漏洞的半自动化工具☆15Aug 4, 2016Updated 9 years ago
- 收集了java XXE漏洞的demo及修复方式☆19Mar 11, 2024Updated last year
- Hunter作为中通DevSecOps闭环方案中的一环,扮演着很重要的角色,开源之后希望能帮助到更多企业。☆346Dec 14, 2022Updated 3 years ago
- CVE-2019-3799 - Spring Cloud Config Server: Directory Traversal < 2.1.2, 2.0.4, 1.4.6☆31Apr 18, 2019Updated 6 years ago
- Java漏洞练习程序,开发工具Eclipse,运行环境Java 1.7以上版本,Tocmat7以上。☆54Oct 25, 2018Updated 7 years ago
- OpenRASP 漏洞测试环境☆314Oct 31, 2023Updated 2 years ago
- Java every minor versions.☆74Apr 19, 2023Updated 2 years ago
- A Java serializer in JavaScript☆80May 21, 2018Updated 7 years ago
- 整理收集Struts2漏洞环境☆270Jan 9, 2018Updated 8 years ago
- Security Knowledge Structure(安全知识汇总)☆248Oct 12, 2018Updated 7 years ago
- Syclover公开课: Python与HTTP☆26Nov 27, 2023Updated 2 years ago
- Java 反序列化学习的实验代码 Java_deserialize_vuln_lab☆87Nov 26, 2018Updated 7 years ago
- cobalt strike 自启动脚本☆41Mar 19, 2017Updated 8 years ago
- ☆51Mar 25, 2015Updated 10 years ago
- scanver☆21Nov 13, 2018Updated 7 years ago
- 用WebShell攻击PHP-FPM Attacking PHP-FPM with WebShell☆41May 6, 2021Updated 4 years ago
- 同一局域网内网站源码监控、webshell检测总控端☆23Mar 3, 2018Updated 7 years ago
- CVE-2018-8021 Proof-Of-Concept and Exploit☆106Dec 3, 2018Updated 7 years ago
- 在原版nps的基础上,增加了nps探测,以及对应的利用方式(如获取cookie,页面等),进行一些简单的二开。未经过大量测试,可能存在bug。☆21Aug 5, 2025Updated 6 months ago
- Environment for CVE-2018-1273 (Spring Data Commons)☆10Aug 15, 2018Updated 7 years ago
- AutoScan 有多个目标时,多线程调用xray+rad进行自动扫描☆87Jul 12, 2022Updated 3 years ago
- codemillx is a tool for CodeQL, extract the comments in the code and generate codeql module. 强化Go开源项目安全检测(内含开源项目漏洞挖掘方法)☆205Mar 19, 2022Updated 3 years ago
- Burpsuite HTTP 插件,主要用于内网测试,可定制Content-Type和Response Content☆24Jul 2, 2018Updated 7 years ago
- 总结一些渗透中值得关注的默认端口☆23May 19, 2016Updated 9 years ago
- Grafana Arbitrary File Reading Vulnerability☆27Dec 7, 2021Updated 4 years ago
- 编译原理学习代码仓库☆23Jan 17, 2022Updated 4 years ago
- Shiro-721 Padding Oracle Attack☆73Jun 4, 2021Updated 4 years ago
- 演示dubbo rpc Apache commons collections 的Java序列化漏洞☆42Nov 13, 2015Updated 10 years ago