Libraries that handle security, authentication, authorization or session management.

Newest releases

supertokens SuperTokens Table of Contents 🚀 What is SuperTokens? Philosophy Features + Demo app Documentation 🏗️ Architecture ☕ Why Java? 🔥 SuperTokens vs Othe

PositiveTechnologies GHIDRA plugin to parse, disassemble and decompile NodeJS Bytenode (JSC) binaries

click33 目前已集成——登录验证、权限验证、Session会话、踢人下线、分布式会话、单点登录、OAuth2.0、模拟他人账号、临时身份切换、集成Redis、多账号认证体系、前后台分离模式、注解式鉴权、路由拦截式鉴权、花式token生成

0Chencc CTFCrackTools 's BurpSuite Plugin - Decode and Encode

JoyChou93 Java web common vulnerabilities and security code which is base on springboot and spring security

xcc8 this project is a checker for virus's and token loggers in java apps

moloch-- A Multiplayer Plugin for Burp. Sync's in-scope requests/responses, comments, and highlights in realtime.

ScriptKid-Beta 最近写了一个BurpSuite Extensions用来标记请求包中的一些敏感信息、JS接口和一些特殊字段,防止我们疏忽了一些数据包,我将它命名为“Unexpected information”,使用它可能会有意外的收获信息。

usthe A simple and efficient open-source security framework that focus on protection of restful api.

whwlsfb BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite).

Y4er Weblogic CVE-2020-14645 UniversalExtractor JNDI injection getDatabaseMetaData()

GraxCode Cafecompare is a GUI application for analysis and comparison of java archives and class files.

vzhemevko Spring Social Login is a demo application of how to build authentication and authorization into your Spring Boot application based on OAuth2 identity providers, such as Facebook, GitHub, Google, and others.

google This project aims to provide a central repository for many useful Tsunami Security Scanner plugins.

jas502n CVE-2020-5902 BIG-IP RCE

jas502n Burpsuite Plugin For AES Crack

pyn3rd Apache Tomcat + MongoDB Remote Code Execution

osamahamad CVE-2020-5410 Spring Cloud Config directory traversal vulnerability

MiragePV OptimizedJCAlgs Collection of open-source JavaCard crypto algorithms. Optimized for memory and speed with unified interface (where possible). See each algorithm's own readme file for more details. Featured al

mikepound SSL/TLS Exercises These exercises are associated with my course on Transport Layer Security (TLS). This course is delivered via O'Reilly Live Training. When not teaching online I am a lecturer at the University of Notti

desmondyeung Scala-Hashing Overview Fast non-cryptographic hash functions for Scala. This library provides APIs for computing 32-bit and 64-bit hashes. Currently implemented hash functions MurmurHash3 (32-bit)

eclipse Open-source vulnerability assessment tool Discover, assess and mitigate known vulnerabilities in your Java and Python projects. The open-source vulnerability assessment tool supports software development org

nccgroup Burp Suite HTTP Smuggler A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques. This extension has been developed by Soroush Dalili (@irsdl) from NCC Group. T

auth0 Java JWT A Java implementation of JSON Web Tokens (draft-ietf-oauth-json-web-token-08). If you're looking for an Android version of the JWT Decoder take a look at our JWTDecode.Android library.

jcasbin jcasbin-springboot-plugin jcasbin-springboot-plugin is an authorization middleware for Spring Boot, it's based on It is developed under the latest Spring Boot 2.0.1 and Java 8.

okayrunner Spring Boot Starter ACME A Spring Boot module that is meant to ease the pain of generating a valid SSL Certificate using the Automatic Certificate Management Environment (ACME) protocol. This project depends on the acm

GraxCode What is this project about? The ReverseCrypter can extract jar archives crypted by various java-crypters. The extractors (and their keys!) are hard-coded and may not work for newer versions. Supported Crypter

casbin jCasbin News: still worry about how to write the correct jCasbin policy? Casbin online editor is coming to help! Try it at: jCasbin is a powerful and efficient open-source access cont

baidu OpenRASP Introduction Unlike perimeter control solutions like WAF, OpenRASP directly integrates its protection engine into the application server by instrumentation. It can monitor various events including

bisq-network Bisq What is Bisq? Bisq is a safe, private and decentralized way to exchange bitcoin for national currencies and other digital assets. Bisq uses peer-to-peer networking and multi-signature escrow to facilit

google Tink A multi-language, cross-platform library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse. Ubuntu macOS In

zhuinfo seawaf-agent An open source web application firewall component why Applications should not be delegating most of their runtime protection to the external devices. Applica-tions should be capable of self-

google Project Wycheproof Project Wycheproof is named after Mount Wycheproof, the smallest mountain in the world. The main motivation for the project is to have a goal that is achievable.