pplsec / JavaVulLinks
JAVA Vul Code JAVA常见漏洞与防御代码示例
☆10Updated 6 years ago
Alternatives and similar repositories for JavaVul
Users that are interested in JavaVul are comparing it to the libraries listed below
Sorting:
- 用于演示Java Web项目中,漏洞的成因及修复方案,可用于黑盒测试和白盒测试,部分修复方案可用于生产环境。☆43Updated 7 years ago
- 一款存储HTTP请求入库的burpsuite插件☆29Updated 7 years ago
- 总结了一下2019年在JVM环境中使用XXE攻击的知识☆57Updated 5 years ago
- VulHint是辅助代码审计的 sublime text 3 插件☆67Updated 6 years ago
- Linux服务器信息收集脚本☆20Updated 7 years ago
- 又一个Java Web代码审计工具☆100Updated 7 years ago
- 提取phpinfo()敏感信息☆11Updated 6 years ago
- Xray 被动扫描管理☆57Updated 5 years ago
- 一个基于docker的安全培训系统☆60Updated 4 years ago
- Java Security Documents☆80Updated 5 years ago
- FasterXML/jackson-databind 远程代码执行漏洞☆74Updated 5 years ago
- SeeCode Scanner 扫描引擎☆2Updated 5 years ago
- 可以直接反弹shell☆47Updated 2 years ago
- ☆39Updated 7 years ago
- ☆82Updated 7 years ago
- 基于JVM-Sandbox实现RASP安全监控防护☆52Updated last year
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆213Updated 5 years ago
- ☆1Updated 6 years ago
- 个人用于在自动化挖掘gadget时,方便查找gadget chains中class所在jar包,以助于便捷审计测试gadget有效性的那么一个小工具。☆60Updated 5 years ago
- docker remote api未授权访问的利用代码☆50Updated 8 years ago
- java反序列化漏洞利用-JBOSS(含payload生成的java项目,漏洞利用py脚本,shodan部分目标主机搜索结果)☆51Updated 9 years ago
- python audit tool 审计 注入 inject☆34Updated 9 years ago
- 一款精简版github信息泄露搜集工具☆85Updated 6 years ago
- Java 反序列化 学习的实验代码 Java_deserialize_vuln_lab☆87Updated 6 years ago
- A plugin to check xss by using chrome_headless☆52Updated 6 years ago
- A burp extender that recalculate signature value automatically after you modified request parameter value.☆60Updated 2 years ago
- java xxe defense demo☆48Updated 5 years ago
- 基于chrome的信息泄露扫描插件☆36Updated 6 years ago
- Java通用漏洞修复安全组件☆59Updated 7 years ago
- A list of interesting payloads, tips and tricks for bug bounty hunters.☆24Updated 5 years ago