Java Open Rasp(Runtime Application Self-Protection)

A Java Rasp Demo

Supported Vulnerabilites

RCE

deserialize vulnerability
danger ognl expressions
ProcessBuilder log

Sql Ingection

MySQL
SQLServer

How to use:

add "-javaagent:/path/javaopenrasp.jar" to your jvm arguments

Java Open Rasp

这是一个java rasp的验证性demo，已验证rasp的原理及实现

实现的保护点

RCE

反序列化漏洞
Ognl表达式执行
ProcessBuilder log

SQL注入

MySql注入保护
SQLServer注入保护

使用方法

编译后，将"-javaagent:/path/javaopenrasp.jar"添加至JVM的启动参数

E-Mail： xiongxbear@gmail.com

Name		Name	Last commit message	Last commit date
Latest commit History 15 Commits
src		src
.classpath		.classpath
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
pom.xml		pom.xml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

src

src

.classpath

.classpath

.gitignore

.gitignore

LICENSE

LICENSE

README.md

README.md

pom.xml

pom.xml

Repository files navigation

Java Open Rasp(Runtime Application Self-Protection)

A Java Rasp Demo

Supported Vulnerabilites

RCE

Sql Ingection

How to use:

Java Open Rasp

实现的保护点

RCE

SQL注入

使用方法

About

Releases

Packages

Languages

License

xbeark/javaopenrasp

Folders and files

Latest commit

History

Repository files navigation

Java Open Rasp(Runtime Application Self-Protection)

A Java Rasp Demo

Supported Vulnerabilites

RCE

Sql Ingection

How to use:

Java Open Rasp

实现的保护点

RCE

SQL注入

使用方法

About

Resources

License

Stars

Watchers

Forks

Languages