Ghidra is a software reverse engineering (SRE) framework

The ZAP by Checkmarx Core project

Cryptomator for Windows, macOS, and Linux: Secure client-side encryption for your cloud storage, ensuring privacy and control over your data.

jsoup: the Java HTML parser, built for HTML editing, cleaning, scraping, and XSS safety.

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Java web common vulnerabilities and security code which is base on springboot and spring security

APIKit：Discovery, Scan and Audit APIs Toolkit All In One.

domain_hunter的高级版本，SRC挖洞、HW打点之必备！自动化资产收集；快速Title获取；外部工具联动；等等

BinAbsInspector: Vulnerability Scanner for Binaries

jSQL Injection is a Java application for automatic SQL database injection.

iOS and macOS Decompiler

log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.

Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure

RiskScanner 是开源的多云安全合规扫描平台，基于 Cloud Custodian 和 Nuclei 引擎，实现对主流公(私)有云资源的安全合规扫描和漏洞扫描。

🔐 A CLI tool to extract server certificates

80+ Gadgets(30 More than ysoserial). JNDI-Injection-Exploit-Plus is a tool for generating workable JNDI links and provide background services by starting RMI server,LDAP server and HTTP server.

JADX-gui scripting plugin for dynamic decompiler manipulation

Source code for Uyuni

JMX enumeration and attacking tool.

Collection of bypass gadgets to extend and wrap ysoserial payloads

Code Coverage Exploration Plugin for Ghidra

JavaWeb漏洞审计工具，构建方法调用链并模拟栈帧进行分析

Cryptomator Command-Line Interface

A collection of Semgrep rules derived from the OWASP MASTG specifically for Android applications.

A static byte code analyzer for Java deserialization gadget research

This Burp Suite extension allows for the automatic creation and deletion of an upstream SOCKS5 proxy on popular cloud services.

Java Decompiler GUI

Der Spam-Filter für die Fritz!Box

PETEP (PEnetration TEsting Proxy) is an open-source Java application for traffic analysis & modification using TCP/UDP proxies. PETEP is a useful tool for performing penetration tests of applicatio…