Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

j3ers3/Hello-Java-Sec

Repository files navigation

☕️ Hello Java Sec Stage Build Status

Hello Java Security 通过结合漏洞场景和安全编码,帮助安全和研发团队理解漏洞原理,从而减少漏洞的产生,代码仅供参考 :)

  • 默认账号:admin/admin

Vulnerability

  • SQLi
  • XSS
  • RCE
  • Deserialization
  • SSTI
  • SpEL
  • SSRF
  • IDOR
  • Directory Traversal
  • Redirect
  • CSRF
  • File Upload
  • XXE
  • Actuator
  • Fastjson
  • Xstream
  • Log4shell
  • JNDI
  • Dos
  • Xpath
  • IPForgery
  • Jwt
  • Password Reset
  • more and more

Run

手工部署

配置数据库

导入数据库文件 src/main/resources/db.sql 配置数据库连接 src/main/application.properties

spring.datasource.url=jdbc:mysql://127.0.0.1:3306/test
spring.datasource.username=root
spring.datasource.password=1234567

编译并启动

使用JDK 1.8环境,高版本会报错

git clone https://github.com/j3ers3/Hello-Java-Sec
cd Hello-Java-Sec
mvn clean package -DskipTests
java -jar target/javasec-x.x.jar

Docker部署

git clone https://github.com/j3ers3/Hello-Java-Sec
cd Hello-Java-Sec
mvn clean package -DskipTests
docker-compose up

技术架构

  • Java 1.8
  • SpringBoot 2.4.1
  • Bootstrap 4.6.0
  • Codemirror 5.62.0

About

☕️ Java Security,安全编码和代码审计

Topics

Resources

Stars

Watchers

Forks

Packages

No packages published

Contributors 3

AltStyle によって変換されたページ (->オリジナル) /