JavaID

java source code danger function identify prog

How does it work?

JavaID identify some dangerous functions in java source code by way of regular matching.

For further details, check out the source code on the main site, github.com/Cryin/JavaID.

What does it identify?

XXE:
   "SAXReader",
   "DocumentBuilder",
   "XMLStreamReader",
   "SAXBuilder",
   "SAXParser",
   "XMLReader",
   "SAXSource",
   "TransformerFactory",
   "SAXTransformerFactory",
   "SchemaFactory",
   "Unmarshaller",
   "XPathExpression"

JavaObjectDeserialization:
   "readObject",
   "readUnshared",
   "Yaml.load",
   "fromXML",
   "ObjectMapper.readValue",
   "JSON.parseObject"
SSRF:
   "HttpClient",
   "Socket",
   "URL",
   "ImageIO",
   "HttpURLConnection",
   "OkHttpClient" 
   "SimpleDriverDataSource.getConnection"
   "DriverManager.getConnection"
FILE:
   "MultipartFile",
   "createNewFile",
   "FileInputStream"
SPelInjection:
   "SpelExpressionParser",
   "getValue"
Autobinding:
   "@SessionAttributes",
   "@ModelAttribute"
URL-Redirect:
   "sendRedirect",
   "forward",
   "setHeader"
EXEC:
   "getRuntime.exec",
   "ProcessBuilder.start",
   "GroovyShell.evaluate"

and so on...

Also you can add function id with regexp.xml!

How do I use it?

Usage: python javaid.py -d dir

Questions?

contact me :)

Name		Name	Last commit message	Last commit date
Latest commit History 26 Commits
JAVA安全编码与代码审计.md		JAVA安全编码与代码审计.md
README.md		README.md
javaid.py		javaid.py
regexp.xml		regexp.xml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

JavaID

How does it work?

What does it identify?

How do I use it?

Questions?

About

Releases

Packages

Contributors 2

Languages

Cryin/JavaID

Folders and files

Latest commit

History

Repository files navigation

JavaID

How does it work?

What does it identify?

How do I use it?

Questions?

About

Topics

Resources

Stars

Watchers

Forks

Releases

Packages 0

Contributors 2

Languages

Packages