Java 代码审计-存在风险的函数汇总。方便我们日常代码审计过程中快速定位漏洞点,配合静态代码分析工具做到事半功倍。Java code audit - summary of risky functions. It is convenient for us to quickly locate vulnerability points in the daily code audit process, and cooperate with static code analysis tools to achieve twice the result with half the effort.
☆30Jul 16, 2024Updated last year
Alternatives and similar repositories for Java_Risky_Functions
Users that are interested in Java_Risky_Functions are comparing it to the libraries listed below
Sorting:
- burp被动插件扫反射xss☆14Nov 29, 2023Updated 2 years ago
- 一款用Go实现的批量加载漏洞检测插件进行多线程扫描的框架。☆11Jan 20, 2024Updated 2 years ago
- Phishing sender是一款针对钓鱼邮件应急演练所编写的小脚本,实际上是封装了swaks,让人们做演练的时候更加方便快捷。☆16Jun 8, 2022Updated 3 years ago
- 基于前端vue框架的JavaFx图形化GUI漏洞扫描工具,支持一键扫描vue-manage-system系统前端泄露的未授权目录接口漏洞,并且对扫描的暴露目录进行逐一测试和验证,方便渗透人员快速确定未授权接口。还添加了出口IP地址信息本地DNS信息等的查询,方便清楚自身出口…☆279Aug 11, 2023Updated 2 years ago
- 自动化资产收集,端口扫描,指纹识别,蜜罐识别,漏洞检测 轻量级神器☆34Dec 26, 2024Updated last year
- 结合反射调用、动态编译、BCEL、defineClass0,ScriptEngine、Expression等技术的一款免杀JSP Webshell生成工具☆19Dec 16, 2021Updated 4 years ago
- 加密app渗透测试包,用于brida和frida练习hook逆向技术的安卓apk源码。尝试暴破出加密密码并进行登录即可通关。自动加解密。Brida+burpsuite联动(自动加解密APP请求参数)演示视频在我的Bilibili。☆19Mar 27, 2025Updated 11 months ago
- 010Editor Templates☆13May 29, 2024Updated last year
- Aries is a free and open-source network scanner, support SYN scanning mode.☆34Sep 9, 2023Updated 2 years ago
- AD Pentest Cheatsheet by BlackWasp☆23Oct 10, 2022Updated 3 years ago
- 鸿蒙模拟器 root 工具,方便调试。☆36Jun 8, 2024Updated last year
- 若依4.8.0后台RCE☆27May 21, 2025Updated 9 months ago
- A vul-finder for loading CPG and automated finding vul-call-chains☆72Jul 22, 2025Updated 7 months ago
- 全自动化信息收集工具,解放双手。☆191Jan 16, 2024Updated 2 years ago
- Java漏洞分析汇合☆142Dec 14, 2021Updated 4 years ago
- Catcher(捕手) 重点系统指纹漏洞验证工具,适用于外网打点,资产梳理漏洞检查。☆316Feb 18, 2025Updated last year
- 红队命令速查 是由棱角社区(Edge Forum) 整理的关于 Red Team 期间所常使用的一些基础命令。☆63Jul 11, 2024Updated last year
- Burpsuite - Js Route Scan 正则匹配获取响应中的路由进行被动探测与递归目录探测的burp插件☆368Jun 7, 2024Updated last year
- java-swing-gui-stater | Java Swing GUI Maven 项目模板 | 简单的教程☆62Oct 30, 2024Updated last year
- 远程创建任务计划工具☆190Apr 23, 2022Updated 3 years ago
- Marshal-EASM 攻击面管理系统-社区版☆127May 14, 2024Updated last year
- BurpCrypto officially confirms the supported JS library (BurpCrypto官方确认支持的JS库).☆12Sep 21, 2021Updated 4 years ago
- [VscanPlus内外网漏洞扫描工具]已更新HW热门漏洞检测POC。基于veo师傅的漏扫工具vscan二次开发的版本,端口扫描、指纹检测、目录fuzz、漏洞扫描功能工具,批量快速检测网站安全隐患。An open-source, cross-platform websit…☆326Mar 10, 2026Updated last week
- Java代码审计手册,关注于漏洞挖掘而非利用【持续更新】☆200Nov 21, 2024Updated last year
- 一个集合了多种语言的实战化Web靶场 | A practical Web shooting range that integrates multiple languages☆82Feb 10, 2026Updated last month
- 批量IP地址归属地爬取工具,基于javafx开发,图形化界面操作更简单。实现IP地址查询,IP地址批量查询,IP归属地批量查询功能。IP库调用的是IP318.com和纯真IP库,都是较权威的IP查询网站。☆49Jul 31, 2022Updated 3 years ago
- 内网渗透学习的一份记录 mark☆12Sep 24, 2023Updated 2 years ago
- uni_app抓包脚本☆38Jul 29, 2024Updated last year
- 是我阅读各种源码写的笔记☆72Sep 15, 2022Updated 3 years ago
- ☆24Jun 12, 2023Updated 2 years ago
- ☆29Feb 2, 2024Updated 2 years ago
- 记录一些代码审计过的源码☆182Feb 26, 2025Updated last year
- 内存马学习☆172May 29, 2022Updated 3 years ago
- Alternative Shellcode Execution Via Callbacks Rewrite In C#☆90Apr 28, 2023Updated 2 years ago
- ☆18Dec 25, 2024Updated last year
- ☆30Dec 6, 2024Updated last year
- bchecks for burpsuite☆14Oct 9, 2023Updated 2 years ago
- Java漏洞调试分析集合☆91Mar 11, 2024Updated 2 years ago
- High-performance port scanner. 高性能端口扫描器. syn scanner☆315Oct 13, 2025Updated 5 months ago