{"id":13843257,"url":"https://github.com/j3ers3/Hello-Java-Sec","last_synced_at":"2025-07-11T18:31:07.643Z","repository":{"id":37705941,"uuid":"382771445","full_name":"j3ers3/Hello-Java-Sec","owner":"j3ers3","description":"☕️ Java Security，安全编码和代码审计","archived":false,"fork":false,"pushed_at":"2025-03-07T06:16:56.000Z","size":9599,"stargazers_count":1555,"open_issues_count":0,"forks_count":235,"subscribers_count":11,"default_branch":"master","last_synced_at":"2025-05-28T16:26:29.748Z","etag":null,"topics":["code-audit","java-sec","java-vul"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/j3ers3.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-07-04T05:32:27.000Z","updated_at":"2025-05-28T12:08:24.000Z","dependencies_parsed_at":"2023-02-01T05:31:10.277Z","dependency_job_id":"411a88c2-b7a9-4e42-aa8b-7fe24f0cf48c","html_url":"https://github.com/j3ers3/Hello-Java-Sec","commit_stats":null,"previous_names":[],"tags_count":6,"template":false,"template_full_name":null,"purl":"pkg:github/j3ers3/Hello-Java-Sec","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/j3ers3%2FHello-Java-Sec","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/j3ers3%2FHello-Java-Sec/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/j3ers3%2FHello-Java-Sec/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/j3ers3%2FHello-Java-Sec/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/j3ers3","download_url":"https://codeload.github.com/j3ers3/Hello-Java-Sec/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/j3ers3%2FHello-Java-Sec/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":264870113,"owners_count":23676162,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["code-audit","java-sec","java-vul"],"created_at":"2024-08-04T17:01:58.196Z","updated_at":"2025-07-11T18:31:07.631Z","avatar_url":"https://github.com/j3ers3.png","language":"Java","readme":"# ☕️ Hello Java Sec ![Stage](https://img.shields.io/badge/Release-DEV-brightgreen.svg) ![Build Status](https://img.shields.io/badge/Version-1.15-red.svg)\n\n\u003e Hello Java Security 通过结合漏洞场景和安全编码，帮助安全和研发团队理解漏洞原理，从而减少漏洞的产生，代码仅供参考 :)\n\n![](media/1.png)\n\n- 默认账号：admin/admin\n\n## Vulnerability\n\n- [x] SQLi\n- [x] XSS\n- [x] RCE\n- [x] Deserialization\n- [x] SSTI\n- [x] SpEL\n- [x] SSRF\n- [x] IDOR\n- [x] Directory Traversal\n- [x] Redirect\n- [x] CSRF\n- [x] File Upload\n- [x] XXE\n- [x] Actuator\n- [x] Fastjson\n- [x] Xstream\n- [x] Log4shell\n- [x] JNDI\n- [x] Dos\n- [x] Xpath\n- [x] IPForgery\n- [x] Jwt\n- [x] Password Reset\n- [ ] more and more\n\n![](media/16304936834843.jpg)\n\n## Run\n\n### 手工部署\n配置数据库\n\n导入数据库文件 `src/main/resources/db.sql`\n配置数据库连接 `src/main/application.properties`\n\n```\nspring.datasource.url=jdbc:mysql://127.0.0.1:3306/test\nspring.datasource.username=root\nspring.datasource.password=1234567\n```\n\n编译并启动\n\n\u003e 使用JDK 1.8环境，高版本会报错\n\n```\ngit clone https://github.com/j3ers3/Hello-Java-Sec\ncd Hello-Java-Sec\nmvn clean package -DskipTests\njava -jar target/javasec-x.x.jar\n```\n\n### Docker部署\n\n```\ngit clone https://github.com/j3ers3/Hello-Java-Sec\ncd Hello-Java-Sec\nmvn clean package -DskipTests\ndocker-compose up\n```\n\n![](media/17327839424016.jpg)\n\n## 技术架构\n\n- Java 1.8\n- SpringBoot 2.4.1\n- Bootstrap 4.6.0\n- Codemirror 5.62.0\n","funding_links":[],"categories":["Java","代码审计"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fj3ers3%2FHello-Java-Sec","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fj3ers3%2FHello-Java-Sec","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fj3ers3%2FHello-Java-Sec/lists"}