Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings
/ Hello-Java-Sec Public
forked from j3ers3/Hello-Java-Sec

☕️ Java Security,安全编码和代码审计

0 stars 249 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Canonize/Hello-Java-Sec

BranchesTags
Open more actions menu
 
 

Repository files navigation

☕️ Hello Java Sec Stage Build Status

Hello Java Security 通过结合漏洞场景和安全编码,帮助安全和研发团队理解漏洞原理,从而减少漏洞的产生,代码仅供参考 :)

  • 默认账号:admin/admin

Vulnerability

  • SQLi
  • XSS
  • RCE
  • Deserialization
  • SSTI
  • SpEL
  • SSRF
  • IDOR
  • Directory Traversal
  • Redirect
  • CSRF
  • File Upload
  • XXE
  • Actuator
  • Fastjson
  • Xstream
  • Log4shell
  • JNDI
  • Dos
  • Xpath
  • IPForgery
  • Jwt
  • Password Reset
  • more and more

Run

手工部署

配置数据库

导入数据库文件 src/main/resources/db.sql 配置数据库连接 src/main/application.properties

spring.datasource.url=jdbc:mysql://127.0.0.1:3306/test
spring.datasource.username=root
spring.datasource.password=1234567

编译并启动

使用JDK 1.8环境,高版本会报错

git clone https://github.com/j3ers3/Hello-Java-Sec
cd Hello-Java-Sec
mvn clean package -DskipTests
java -jar target/javasec-x.x.jar

Docker部署

git clone https://github.com/j3ers3/Hello-Java-Sec
cd Hello-Java-Sec
mvn clean package -DskipTests
docker-compose up

技术架构

  • Java 1.8
  • SpringBoot 2.4.1
  • Bootstrap 4.6.0
  • Codemirror 5.62.0

About

☕️ Java Security,安全编码和代码审计

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Java 65.5%
  • HTML 31.5%
  • CSS 3.0%
Morty Proxy This is a proxified and sanitized view of the page, visit original site.