java-sec Goto Github PK
Name: Java Security
Type: Organization
Bio: 关于Java安全的一些东西(漏洞、开发、JVM、IAST、RASP、SAST blabla),此处多为探索各种Idea做各种实验,用于为孵化更成熟的Java安全产品做技术支撑
Name: Java Security
Type: Organization
Bio: 关于Java安全的一些东西(漏洞、开发、JVM、IAST、RASP、SAST blabla),此处多为探索各种Idea做各种实验,用于为孵化更成熟的Java安全产品做技术支撑
基于ip的访问控制(ip黑名单、ip白名单)
Apache Dubbo (CVE-2023-23638)漏洞利用的工程化实践
Alibaba Java Diagnostic Tool Arthas/Alibaba Java诊断利器Arthas
attackRmi
Tomcat常见漏洞GUI利用工具。CVE-2017-12615 PUT文件上传漏洞、tomcat-pass-getshell 弱认证部署war包、弱口令爆破、CVE-2020-1938 Tomcat AJP文件读取/包含
记录自己对《代码审计》的理解和总结,对危险函数的深入分析以及在p牛的博客和代码审计圈的收获
Bistoury是去哪儿网的java应用生产问题诊断工具,提供了一站式的问题诊断方案
此仓库仅用于源码阅读学习
Bypass JVM Class ByteCode Verifier , 对抗反编译器
类版本追踪
一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense.
crackmes.one 网站上的一些crackme练习
DbVisualizer Pro Agent
Datadog APM client for Java
Datadog APM client for Java
反序列化炸弹
Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynamic hooks.
此仓库仅用于源码阅读学习
Dump classes from running JVM process.
通过JavaAgent与Javassist技术对JVM加载的类对象进行动态插桩,可以做一些破解、加密验证的绕过等操作
简单实现的 Java RASP
Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and serverless. It is derived from ByteDance's internal best practices.
邪恶计算器!
Fastjson vulnerability quickly exploits the framework(fastjson漏洞快速利用框架)
无需文件落地Agent内存马生成器
此仓库仅用于源码阅读学习
Java unlimited redefinition of classes at runtime.
HouseMD is an awesome diagnosing tool better than BTrace
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.