Jar Analyzer - 一个JAR包分析工具,SCA漏洞分析,批量分析JAR包,方法调用关系搜索,字符串搜索,Spring组件分析,CFG程序分析,JVM栈帧分析,进阶表达式搜索,字节码指令级的动态调试分析,反编译JAR包一键导出,一键提取序列化数据恶意代码,一键分析BCEL字节码
-
Updated
Sep 4, 2024 - Java
Jar Analyzer - 一个JAR包分析工具,SCA漏洞分析,批量分析JAR包,方法调用关系搜索,字符串搜索,Spring组件分析,CFG程序分析,JVM栈帧分析,进阶表达式搜索,字节码指令级的动态调试分析,反编译JAR包一键导出,一键提取序列化数据恶意代码,一键分析BCEL字节码
JFrog IntelliJ IDEA plugin
OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.
Vulnerability Environment Build with Dockerfile -> Docker Hub
A reinforced version of the Wavsep evaluation platform.
Example exploitable scenarios for CVE-2024-22243 affecting the Spring framework (open redirect & SSRF).
Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading
On the Coupling between Vulnerabilities and LLM-generated Mutants: A Study on Vul4J dataset, The 17th IEEE International Conference on Software Testing, Verification and Validation (ICST 2024)
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
HummerRisk 是云原生安全平台,包括混合云安全治理和云原生安全检测。
A BurpSuite extension for vulnerability Scanning
项目是根据LandGrey/SpringBootVulExploit清单编写,目的hvv期间快速利用漏洞、降低漏洞利用门槛。
The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
溯光 (TrackRay) 3 beta⚡渗透测试框架(资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap)
CVE-2023-22515
MySQL Fake Server (纯Java实现,支持GUI版和命令行版,提供Dockerfile,支持多种常见JDBC利用)
Add a description, image, and links to the vulnerability topic page so that developers can more easily learn about it.
To associate your repository with the vulnerability topic, visit your repo's landing page and select "manage topics."