定投改变命运 —— 让时间陪你慢慢变富 https://onregularinvesting.com

安全方向知识点(包含web攻防、java攻防、企业安全、内网/域、提权、免杀)

javaeasyscanner - 富婆系列，代码审计辅助工具，致力于解放大脑，方便双手

​ JavaSecLab是一款综合型Java漏洞平台，提供相关漏洞缺陷代码、修复代码、漏洞场景、审计SINK点、安全编码规范，覆盖多种漏洞场景，友好用户交互UI……

让"WAF绕过"变得简单

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

安全服务集成化工具平台，希望能帮助你少开几个应用测试

Java web common vulnerabilities and security code which is base on springboot and spring security

✨Spark is a web-based, cross-platform and full-featured Remote Administration Tool (RAT) written in Go that allows you control all your devices anywhere. Spark是一个Go编写的，网页UI、跨平台以及多功能的远程控制和监控工具，你可以随时…

Prompt越狱手册

一站式自动下载部署常用安全工具小脚本.

后渗透

Windows inside a Docker container.

CTF-Java-Gadget专注于收集CTF中Java赛题的反序列化片段

best tool for finding SQLi,CRLF,XSS,LFi,OpenRedirect

Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.

The web version of Java Payload generation and utilization tool provides Payload generation such as Java deserialization and Hessian 1/2 deserialization, as well as JNDI, Fake MySQL, JRMPListener, etc

【Hello-CTF labs】一个想帮你收集所有RCE技巧的靶场。

一款基于Java开发的微信数据分析工具。

一款轻量级匹配Sink点的代码审计扫描器，为了帮助红队过程中快速代码审计的小工具

"chanzi" is a simple and user-friendly JAVA SAST tool that utilizes taint analysis technology, includes built-in common vulnerability rules, supports decompile, custom rule, and is compatible with …

a rep for documenting my study, may be from 0 to 0.1

chsrc 全平台通用换源工具与框架. Change Source everywhere for every software

D-Eyes为M-SEC社区一款检测与响应工具

A dynamic library tweak for WeChat macOS - 首款微信 macOS 客户端撤回拦截与多开 🔨

Java安全相关的漏洞和技术demo，原生Java、Fastjson、Jackson、Hessian2、XML反序列化漏洞利用和Spring、Dubbo、Shiro、CAS、Tomcat、RMI、Nexus等框架\中间件\功能的exploits以及Java Security Manager绕过、Dubbo-Hessian2安全加固等等实践代码。

网络安全 · 攻防对抗 · 蓝队清单，中文版

JAVA 安全靶场，IAST 测试用例，JAVA漏洞复现，代码审计，SAST测试用例，安全扫描（主动和被动），JAVA漏洞靶场，RASP测试用例 ； Java Security Testbed, IAST Test Cases, Java Vulnerability Reproduction, Code Auditing, SAST Test Cases, Security Scanning…

关于学习java安全的一些知识,正在学习中ing,欢迎fork and star

A collaborative list of great resources about RESTful API architecture, development, test, and performance