Repository navigation
java-security
- Website
- Wikipedia
Jar Analyzer - 一个 JAR 包分析工具,完善美观的 GUI 支持,方法调用关系搜索,方法调用链 DFS 算法分析,字符串搜索,Java Web 组件入口分析,CFG 程序分析,JVM 栈帧分析,自定义表达式搜索。官方文档:https://docs.qq.com/doc/DV3pKbG9GS0pJS0tk
🔍 CodeAuditAssistant - IDEA代码审计插件(公测中) ⚡ 精准追踪复杂调用链 | 🚀 毫秒级方法搜索 | 🔥 内置高危漏洞检测 原生集成 | 反编译/路径分析 | 内存优化 | 安全审计利器 🔍 CodeAuditAssistant - JetBrains Code Audit Plugin (Beta) ⚡ Deep Call-Chain Tracking | 🚀 Method/Class Search | 🔥 Prebuilt Vuln Sinks Native Integration | Decompiler/Path Finder | Memory Optimized
打造最强的Java安全研究与安全开发面试题库,包含问题和详细的答案,帮助师傅们找到满意的工作
"chanzi" is a simple and user-friendly JAVA SAST tool that utilizes taint analysis technology, includes built-in common vulnerability rules, supports decompile, custom rule, and is compatible with the technology stacks of Servlet&filter, Spring,struts,Dubbo,Thrift, jax-rs,jax-ws,JFinal,Netty,MyBatis,and JSP.
Java web and command line applications demonstrating various security topics
Java-Web-Security - Sichere Webanwendungen mit Java entwickeln
使用JNI加密字节码,通过JVMTI解密字节码以保护代码,支持自定义包名和密钥,使用魔法禁止黑客dump字节码
基于 RBAC 模型功能全面的 Shiro 安全集成&简化&扩展组件。Shiro integration & simplifies & Extension component based RBAC
Demonstrate how usage of the Java Security Manager can prevent Remote Code Execution (RCE) exploits.
An ongoing collection of java language tools and frameworks, software, libraries, learning tutorials, frameworks, academic and practical resources.
Fast and powerful cryptographic functions thanks to javax.crypto and CommonCrypto.
An ongoing curated list of frameworks, books, articles, talks, screencasts, recordings, libraries, learning tutorials and resources about Java Development.
Application Intrusion Detection projects
Sample web app to demo end-to-end security w/ JavaEE, Spring Security and RBAC fine-grained authorization. All connections use SSL.
TuxCare SecureChain enhances Java supply chain security through vetted libraries, vulnerability fixes, and extended support. Ideal for enterprise-level compliance and secure development.
一个为广大安全人员整合的知识框架,目前会涉及到Web安全、Java安全研究、红蓝对抗、应急响应、APP、SRC、CTF等。
Sample Apache Wicket web app to demo basic java EE security and RBAC with Apache Fortress
Tutorial on RBAC role engineering practice using Apache Fortress as the security system inside a sample Apache Wicket Java Web app. Based on this article: http://iamfortress.net/2015/03/05/the-seven-steps-of-role-engineering/
SpringJWT is a simple project designed to help users understand JWT implementation with Spring Security, including the use of bearer tokens for secure authentication.
A PGP end-to-end encrypted generic email client developed for Smart India Hackathon.