we1h0 / awesome-java-security-checklist

Related projects ⓘ

Alternatives and complementary repositories for awesome-java-security-checklist

• Echocipher / Pentest-Wiki
  规范渗透测试报告中的漏洞名称以及修复建议
  ☆146Updated 5 years ago
• zema1 / ysoserial
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆351Updated 2 years ago
• phith0n / xray-poc-generation
  🧬 辅助生成 XRay YAML POC
  ☆261Updated last year
• zongdeiqianxing / hscan
  集成crawlergo、xray、dirsearch、nmap等工具的src漏洞挖掘工具，使用docker封装运行；使用oneforall自动遍历子域名并扫描；
  ☆117Updated 3 years ago
• Y4er / fastjson-bypass-autotype-1.2.68
  fastjson bypass autotype 1.2.68 with Throwable and AutoCloseable.
  ☆223Updated 2 years ago
• 5wimming / gadgetinspector
  利用链、漏洞检测工具
  ☆367Updated 3 months ago
• fengupupup / RocB
  鹏 RocB - Java代码审计IDEA插件 SAST
  ☆147Updated 3 years ago
• mysticbinary / WebBug
  Java编写的Web漏洞靶场
  ☆79Updated 2 years ago
• cwkiller / unauthorized-check
  扫描常见未授权访问（redis、mongodb、memcached、elasticsearch、zookeeper、ftp、CouchDB、docker、Hadoop）
  ☆185Updated 4 years ago
• mstxq17 / VunHunterTips
  漏洞挖掘技巧及其一些工具集成
  ☆134Updated 2 years ago
• p1g3 / Fastjson-Scanner
  a burp extension to find where use fastjson
  ☆164Updated 4 years ago
• cdhe / JavaSecInterview
  打造最强的Java安全研究与安全开发面试题库，帮助师傅们找到满意的工作
  ☆173Updated 2 years ago
• kezibei / Urldns
  ☆299Updated 3 months ago
• mtxiaowangzi / CAFJE
  又一个Java Web代码审计工具
  ☆99Updated 6 years ago
• timwhitez / Frog-Auth
  🐸Unauthorized Detection Framework未授权访问检测框架
  ☆158Updated 11 months ago
• r0eXpeR / Safety-checklist
  🌴一些安全备忘清单
  ☆60Updated last year
• starnightcyber / Emergency-Material-Collection
  应急响应资料收集
  ☆86Updated 4 years ago
• lucksec / Spring-Cloud-Gateway-CVE-2022-22947
  CVE-2022-22947
  ☆220Updated 2 years ago
• flowerwind / JspFinder
  一款通过污点追踪发现Jsp webshell的工具(A tool to find Jsp Webshell through stain tracking)
  ☆175Updated 2 years ago
• Wh0ale / penetration
  渗透 超全面的渗透资料💯 包含：0day，xss，sql注入，提权……
  ☆62Updated 6 years ago
• potats0 / shiroPoc
  ☆319Updated 3 years ago
• lalajun / RMIDeserialize
  RMI 反序列化环境 一步步
  ☆211Updated 4 years ago
• woodpecker-framework / ysoserial-for-woodpecker
  给woodpecker框架量身定制的ysoserial
  ☆523Updated 2 years ago
• SPuerBRead / Bridge
  无回显漏洞测试辅助平台，平台使用Java编写，提供DNSLOG，HTTPLOG等功能，辅助渗透测试过程中无回显漏洞及SSRF等漏洞的验证和利用。
  ☆383Updated last year
• jweny / shiro-cve-2020-17523
  shiro-cve-2020-17523 漏洞的两种绕过姿势分析 以及配套的漏洞环境
  ☆114Updated 3 years ago
• 7hang / --php
  代码审计知识点整理-php
  ☆92Updated 4 years ago
• ydnzol / memshell
  Tomcat 冰蝎内存马。
  ☆213Updated 4 years ago
• bigsizeme / shiro-check
  Shiro反序列化回显利用、内存shell、检查 Burp插件
  ☆216Updated 2 years ago
• yuanhaiGreg / Fuzz-Dict
  一些常见字典
  ☆152Updated 3 years ago