一行代码检测XP/调试/多开/模拟器/root

JAVA安全SDK及编码规范

log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.

A simple FOFA client written in JavaFX. Made by WgpSec, Maintained by f1ashine.

A CAT called tabby ( Code Analysis Tool )

Analyses your Java applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://eclipse.github.io/steady/

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

无回显漏洞测试辅助平台，平台使用Java编写，提供DNSLOG，HTTPLOG等功能，辅助渗透测试过程中无回显漏洞及SSRF等漏洞的验证和利用。

RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities

SecHub provides a central API to test software with different security tools.

Test and monitor your projects for vulnerabilities with Maven. This plugin is officially maintained by Snyk.

Android library to reveal or obfuscate strings and assets at runtime

Burp Extender plugin that generates a sitemap of a website using Wayback Machine

Trojan 🐍 (keylogger, take screenshots, open your webcam) 🔓

The aim of this project is to protect Java applications against CSRF attacks with the use of Synchronizer Tokens

🚿 Sanitising your documents, one threat at a time. — Content Disarm & Reconstruction Software

Fortify Jenkins plugin

A framework for defining ratings for open source projects. In particular, the framework offers a security rating for open source projects that may be used to assess the security risk that comes with open source components.

A secret manager for AWS