All Algorithms implemented in Java

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

SpringBoot 相关漏洞学习资料，利用方法和技巧合集，黑盒安全评估 check list

Java安全相关的漏洞和技术demo，原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。

Java web common vulnerabilities and security code which is base on springboot and spring security

红蓝对抗以及护网相关工具和资料，内存shellcode（cs+msf）和内存马查杀工具

Spoon is a metaprogramming library to analyze and transform Java source code. 🥄 is made with ❤️, 🍻 and ✨. It parses source files to build a well-designed AST with powerful analysis and transformati…

Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势

Solutions to Programming Exercises in Introduction to Java Programming, Comprehensive Version (10th Edition) by Y. Daniel Liang

Alibaba-Nacos-Unauthorized/ApacheDruid-RCE_CVE-2021-25646/MS-Exchange-SSRF-CVE-2021-26885/Oracle-WebLogic-CVE-2021-2109_RCE/RG-CNVD-2021-14536/RJ-SSL-VPN-UltraVires/Redis-Unauthorized-RCE/TDOA-V11.…

建议使用新版：https://github.com/jar-analyzer/jar-analyzer

关于学习java安全的一些知识,正在学习中ing,欢迎fork and star

a webshell resides in the memory of java web server

A Burp Suite Extension that try to find all sub-domain, similar-domain and related-domain of an organization automatically! 基于流量自动收集整个企业或组织的子域名、相似域名、相关域名的burp插件

Intentionally vulnerable Android application.

适用于weblogic和Tomcat的无文件的内存马(memshell)

attackRmi

fastjson bypass autotype 1.2.68 with Throwable and AutoCloseable.

清除基于java agent木马

CTF write-ups

实现进制转换和编码转换

For someone who likes learning tech and doesn't want to waste time