Security

Libraries that handle security, authentication, authorization or session management.

Newest releases

corener JavaPassDump 背景: 红队实战中,有遇到数据库的配置信息加密的情况,有些甚至在Native层处理加解密,为简化红队流程,产生一个通用的数据库信息提取工具:JavaPassDump。
 

gredler A Java agent that disables features you don't use, before an attacker uses them against you.
 

IR0DayToday # JNDIExploit JNDIExploit v1.2 JNDIExploit v1.2 here can u downoad direct from this git Direct Download for linux wget https://download1320.mediafire
 
191

tangxiaofeng7 BurpLog4j2Scan Description BurpLog4j2Scan is a Burp Suite Extension written in JAVA which could be useful as scan log4j2rce. Screenshot start scan pro
 
845

SonarSource Code Quality and Security for Java This SonarSource project is a code analyzer for Java projects. Information about the analysis of Java features is a
 
280

whwlsfb Log4j2 RCE Passive Scanner plugin for BurpSuite
 
2.1k

YfryTchsGD Log4j impact manufacturers and components summary from the Internet community. Welcome everyone to submit mr to perfect the possible influence surface.
 

christophetd Spring Boot web application vulnerable to CVE-2021-44228, nicknamed Log4Shell.
 
219

GoSimpleLLC Nbvcxz - Password strength estimator - [] nbvcxz is java library (and standalone console program) which is heavily inspired by the work in zxcvbn. Pas
 

p0desta AutoBypass403-BurpSuite A burpsuite plugin help me automatic bypass 403. ChangeLog 2021-12-04 support multi-threaded concurrency 2021-12-02 First publ
 

valb3r Keeps LetsEncrypt certificates up-to-date for your Spring Boot Web application. Pure Java in a single file of library code. An automated embedded alternative to Certbot and docker-sidecars. No JVM restart is needed on certificate
 
1.3k

java-deobfuscator This project aims to deobfuscate most commercially-available obfuscators for Java.
 

feihong-cs JNDIExploit 一款用于 JNDI注入 利用的工具,大量参考/引用了 Rogue JNDI 项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。 使用说明 使用 java -jar JNDIExploit.jar -h 查看参数
 
1.4k

leibnitz27 This is the public repository for the CFR Java decompiler
 
248

synacktiv HopLa 💥 All the power of PayloadsAllTheThings, without the overhead. This extension adds autocompletion support and useful payloads in Burp Suite to
 

eleftherias Test-Driven Security Run tests ./gradlew test References Spring Security test support https://docs.spring.io/spring-security/site/docs/current/referen
 

zzurio A simple Anti-Dump to slow down and annoy attackers.
 
255

line FIDO (Fast IDentity Online) is an open standard for online authentication. It is designed to solve the password problems stemming from a lot of security problems as we are suffering today.
 
3.9k

spring-projects A community-driven project led by the Spring Security team and is focused on delivering Authorization Server support to the Spring community
 

su18 JavaWeb MemoryShell Inject/Scan/Killer/Protect Research & Exploring
 

hyajam JABS is a blockchain network simulator aimed at researching consensus algorithms for performance and security. it is designed to easily handel simulation of networks as large as normal public blockchain networks (~10000 nodes) in
 
114

mikepound This is a Java implementation of an Enigma machine, along with code that attempts to break the encryption. This code is associated with an upcoming Computerphile video.
 
1.6k

supertokens SuperTokens Table of Contents 🚀 What is SuperTokens? Philosophy Features + Demo app Documentation 🏗️ Architecture ☕ Why Java? 🔥 SuperTokens vs Othe
 

PositiveTechnologies GHIDRA plugin to parse, disassemble and decompile NodeJS Bytenode (JSC) binaries
 

click33 目前已集成——登录验证、权限验证、Session会话、踢人下线、分布式会话、单点登录、OAuth2.0、模拟他人账号、临时身份切换、集成Redis、多账号认证体系、前后台分离模式、注解式鉴权、路由拦截式鉴权、花式token生成
 

0Chencc CTFCrackTools 's BurpSuite Plugin - Decode and Encode
 
1.8k

JoyChou93 Java web common vulnerabilities and security code which is base on springboot and spring security
 

xcc8 this project is a checker for virus's and token loggers in java apps
 

moloch-- A Multiplayer Plugin for Burp. Sync's in-scope requests/responses, comments, and highlights in realtime.
 

ScriptKid-Beta 最近写了一个BurpSuite Extensions用来标记请求包中的一些敏感信息、JS接口和一些特殊字段,防止我们疏忽了一些数据包,我将它命名为“Unexpected information”,使用它可能会有意外的收获信息。
 
712

dromara A simple and efficient open-source security framework that focus on protection of restful api.
 
177

whwlsfb BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite).