一行代码检测XP/调试/多开/模拟器/root

A simple FOFA client written in JavaFX. Made by WgpSec, Maintained by f1ashine.

A CAT called tabby ( Code Analysis Tool )

log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.

JAVA安全SDK及编码规范

Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.

Analyses your Java applications for open-source dependencies with known vulnerabilities, using both static analysis and testing to determine code context and usage for greater accuracy. https://eclipse.github.io/steady/

云安全利用工具-云平台AK/SK-WEB利用工具，添加AK/SK自动检测资源，无需手动执行，支持云服务器、存储桶、数据库操作

RMIScout uses wordlist and bruteforce strategies to enumerate Java RMI functions and exploit RMI parameter unmarshalling vulnerabilities

无回显漏洞测试辅助平台，平台使用Java编写，提供DNSLOG，HTTPLOG等功能，辅助渗透测试过程中无回显漏洞及SSRF等漏洞的验证和利用。

SecHub provides a central API to test software with different security tools.

Android library to reveal or obfuscate strings and assets at runtime

A secret manager for AWS

Burp Extender plugin that generates a sitemap of a website using Wayback Machine

Trojan 🐍 (keylogger, take screenshots, open your webcam) 🔓

A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat landscape such as cloud ransomware and supply chain attacks.

🚿 Sanitising your documents, one threat at a time. — Content Disarm & Reconstruction Software

一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense.

用于检测maven项目的第三方依赖组件是否存在安全漏洞。

Live logger and GUI tool for the Chameleon Mini developed for Android OS in Java.