Alternatives and similar repositories for StudyCodeQLpy

Users that are interested in StudyCodeQLpy are comparing it to the libraries listed below

• Ape1ron / SpringAopInDeserializationDemo1
  在spring-aop中新发现的反序列化gadget-chain
  ☆52Updated 10 months ago
• 0xrumble / BytecodeScreen
  ☆50Updated 3 years ago
• SummerSec / BlogPapers
  <a href="sumsec.me"><img src="https://readme-typing-svg.demolab.com?font=Fira+Code&size=24&pause=1000&color=FDFDFD&background=13797800&ce…
  ☆54Updated this week
• flowerwind / AutoGenerateXalanPayload
  cve-2022-34169 延伸出的Jdk Xalan的payload自动生成工具，可根据不同的Jdk生成出其所对应的xslt文件
  ☆90Updated 2 years ago
• bitterzzZZ / CVE-2021-43297-POC
  CVE-2021-43297 POC，Apache Dubbo<= 2.7.13时可以实现RCE
  ☆38Updated 3 years ago
• H3rmesk1t / Fastjson-Gadgets-Automatic-Scanner
  Automatically scan jar packages by using ast to find fastjson gadgets. In particular, this project is limited to mining Gadgets that may …
  ☆48Updated 3 years ago
• welk1n / FastjsonPocs
  一些结合第三方组件的Fastjson POC，在1.2.48以后版本中陆续被添加至黑名单。
  ☆56Updated 6 years ago
• TonyD0g / JSPHunter
  基于污点分析和模拟栈帧技术的JSP Webshell检测
  ☆48Updated last month
• ph4ntonn / inject_und3ad
  👻inject_und3ad -- 蚁剑(AntSword)插件
  ☆24Updated 6 years ago
• 0linlin0 / Java
  java
  ☆54Updated 2 years ago
• Al1ex / MysqlHoneypot
  MysqlHoneypot
  ☆23Updated 3 years ago
• threedr3am / jar-compatibility-detector
  安全升级jar包时，辅助检测Java Archive (JAR) 包之间兼容性，各类符号引用的存在检测，包括方法、方法签名、字段定义和引用、类引用等等
  ☆14Updated last year
• Firebasky / GoRmi
  该项目是通过go语言实现防止rmi利用被反置的问题。
  ☆44Updated 3 years ago
• feihong-cs / jre8u20_gadget
  jre8u20 gadget
  ☆34Updated 4 years ago
• lz520520 / java-object-searcher
  ☆21Updated 8 months ago
• Rvn0xsy / DumperAnalyze
  通过JavaAgent与Javassist技术对JVM加载的类对象进行动态插桩，可以做一些破解、加密验证的绕过等操作
  ☆115Updated last year
• woodpecker-appstore / springboot-vuldb
  ☆70Updated 4 years ago
• woodpecker-appstore / rmi-deserialization-vuldb
  Java RMI反序列化漏洞插件
  ☆49Updated 4 years ago
• xiaopan233 / Java_agent_without_file
  Java agent without file 无文件的Java agent
  ☆82Updated 3 years ago
• lz2y / DubboPOC
  Apache Dubbo漏洞测试Demo及其POC
  ☆64Updated 2 years ago
• KpLi0rn / DeserializeAll
  一个简单的批量反编译jar包的小脚本
  ☆42Updated 3 years ago
• woodpecker-framework / woodpecker-requests
  woodpecker-framework框架http发包库,专门为漏洞检测与利用场景设计。
  ☆69Updated last week
• bewhale / seeyon_zipfile_upload
  致远OA通过发送特殊请求获取管理员cookie，再通过文件上传接口上传webshell压缩文件，最后发送解压请求获取webshell
  ☆10Updated 4 years ago
• ax1sX / SpringSecurity
  A list for Spring Security
  ☆125Updated last year
• novysodope / RWAL-Scan
  Rich woman scanner --富婆扫描器
  ☆36Updated 3 years ago
• hosch3n / FastjsonVulns
  [fastjson 1.2.80] CVE-2022-25845 aspectj fileread & groovy remote classload
  ☆91Updated 3 years ago
• wuppp / releaseBehinderShell
  卸载冰蝎内存马
  ☆68Updated 4 years ago
• T00lsCom / Salon5
  T00ls.Com 2023第一期线下沙龙（苏州）PPT合集
  ☆15Updated 2 years ago
• sf197 / MemoryShellHunter
  Java Agent memory horse scanner combined with Call Graph modus
  ☆64Updated 2 years ago
• SummerSec / LookupInterface
  CodeQL 寻找 JNDI利用 Lookup接口
  ☆163Updated 3 years ago