Ramos's repositories
graph4code
超硬核!使用图数据技术发现软件漏洞
attackjavac
attackjavac
Android_Code_Arbiter
针对Android Studio的源码扫描工具
autoSource
Automated SonarQube
Benchmark
OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.
CVE-2020-2555
Weblogic com.tangosol.util.extractor.ReflectionExtractor RCE
dependency-track
Dependency-Track is an intelligent Software Composition Analysis (SCA) platform that allows organizations to identify and reduce risk from the use of third-party and open source components.
GraphScope
GraphScope: A One-Stop Large-Scale Graph Computing System from Alibaba
incubator-dubbo
Apache Dubbo (incubating) is a high-performance, java based, open source RPC framework.
JNDI-Injection-Bypass
Some payloads of JNDI Injection in JDK 1.8.0_191+
Maturity-Models
Node application to help managing Maturity Models like the ones created by BSIMM and OpenSAMM
owasp-threat-dragon
An open source, online threat modelling tool from OWASP
typora-note
云笔记