Jar Analyzer - 一个 JAR 包 GUI 分析工具，方法调用关系搜索，方法调用链 DFS 算法分析，模拟 JVM 的污点分析验证 DFS 结果，字符串搜索，Java Web 组件入口分析，CFG 程序分析，JVM 栈帧分析，自定义表达式搜索。官方文档：https://docs.qq.com/doc/DV3pKbG9GS0pJS0tk

• UpdatedOct 19, 2025
• Java

🔍 CodeAuditAssistant - IDEA代码审计插件（公测中） ⚡ 精准追踪复杂调用链 | 🚀 毫秒级方法搜索 | 🔥 内置高危漏洞检测 原生集成 | 反编译/路径分析 | 内存优化 | 安全审计利器 🔍 CodeAuditAssistant - JetBrains Code Audit Plugin (Beta) ⚡ Deep Call-Chain Tracking | 🚀 Method/Class Search | 🔥 Prebuilt Vuln Sinks Native Integration | Decompiler/Path Finder | Memory Optimized

• UpdatedAug 3, 2025

"chanzi" is a simple and user-friendly JAVA SAST tool that utilizes taint analysis technology, includes built-in common vulnerability rules, supports decompile, custom rule, and is compatible with the technology stacks of Servlet&filter, Spring,struts,Dubbo,Thrift, jax-rs,jax-ws,JFinal,Netty,MyBatis,and JSP.

• UpdatedNov 2, 2025

Java web and command line applications demonstrating various security topics

• UpdatedNov 3, 2025
• Java

Java-Web-Security - Sichere Webanwendungen mit Java entwickeln

• UpdatedNov 3, 2025
• Java

使用JNI加密字节码，通过JVMTI解密字节码以保护代码，支持自定义包名和密钥，使用魔法禁止黑客dump字节码

• UpdatedDec 4, 2024
• C

基于 RBAC 模型功能全面的 Shiro 安全集成&简化&扩展组件。Shiro integration & simplifies & Extension component based RBAC

• UpdatedAug 13, 2019
• TSQL

Demonstrate how usage of the Java Security Manager can prevent Remote Code Execution (RCE) exploits.

• UpdatedDec 3, 2023
• Java

An ongoing curated list of frameworks, books, articles, talks, screencasts, recordings, libraries, learning tutorials and resources about Java Development.

• UpdatedMar 25, 2022
• Java

Fast and powerful cryptographic functions thanks to javax.crypto and CommonCrypto.

• UpdatedApr 5, 2023
• Dart

An ongoing collection of java language tools and frameworks, software, libraries, learning tutorials, frameworks, academic and practical resources.

• UpdatedJul 4, 2022

Sample web app to demo end-to-end security w/ JavaEE, Spring Security and RBAC fine-grained authorization. All connections use SSL.

• UpdatedJul 29, 2025
• HTML

Application Intrusion Detection projects

• UpdatedAug 1, 2024
• Java

TuxCare SecureChain enhances Java supply chain security through vetted libraries, vulnerability fixes, and extended support. Ideal for enterprise-level compliance and secure development.

• UpdatedOct 13, 2025

一个为广大安全人员整合的知识框架，目前会涉及到Web安全、Java安全研究、红蓝对抗、应急响应、APP、SRC、CTF等。

• UpdatedJun 30, 2022

Tutorial on RBAC role engineering practice using Apache Fortress as the security system inside a sample Apache Wicket Java Web app. Based on this article:http://iamfortress.net/2015/03/05/the-seven-steps-of-role-engineering/

• UpdatedJul 29, 2025
• Java

Sample Apache Wicket web app to demo basic java EE security and RBAC with Apache Fortress

• UpdatedJul 29, 2025
• HTML

Automated STIG Benchmark Compliance Remediation for Tomcat 9 with Ansible

• UpdatedMar 12, 2024
• Jinja

SpringJWT is a simple project designed to help users understand JWT implementation with Spring Security, including the use of bearer tokens for secure authentication.

• UpdatedSep 24, 2024
• Java

A PGP end-to-end encrypted generic email client developed for Smart India Hackathon.

• UpdatedNov 23, 2017
• Java