Java.md
February 15, 2026 · View on GitHub
Tools Made of Java
| Type | Name | Description | Star | Tags | Badges |
|---|---|---|---|---|---|
| Army-Knife | ZAP | The ZAP core project |  | mitmproxy live-audit crawl |      |
| Army-Knife | BurpSuite | The BurpSuite Project | mitmproxy live-audit crawl |  | |
| Recon | attack-surface-detector-burp | The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters |  | endpoint url attack-surface | |
| Recon | attack-surface-detector-zap | The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters |  | endpoint url attack-surface | |
| Recon | reflected-parameters |  | param | | |
| Fuzzer | param-miner | Param Miner |  | param cache-vuln | |
| Scanner | collaborator-everywhere |  | oast | | |
| Scanner | DeepViolet | Tool for introspection of SSL\TLS sessions |  | ssl | |
| Scanner | http-request-smuggler |  | smuggle | | |
| Scanner | csp-auditor |  | csp | | |
| Scanner | BurpSuiteHTTPSmuggler |  | smuggle | | |
| Exploit | BaRMIe | Java RMI enumeration and attack tool. |  | RMI | |
| Utils | GadgetProbe | Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths. |  | deserialize | |
| Utils | Web3 Decoder | Burp Extension for Web3 |  | web3 | |
| Utils | pcap-burp | Pcap importer for Burp |  | | |
| Utils | safecopy |  | | ||
| utils | Neonmarker |  | | ||
| Utils | AWSSigner | Burp Extension for AWS Signing |  | | |
| Utils | Map Local | ZAP add-on which allows mapping of responses to content of a chosen local file. |  | | |
| Utils | BurpSuiteLoggerPlusPlus |  | | ||
| Utils | Stepper |  | | ||
| Utils | http-script-generator |  | | ||
| Utils | taborator |  | oast | | |
| Utils | SerializationDumper | A tool to dump Java serialization streams in a more human readable form. |  | deserialize | |
| Utils | BurpCustomizer | Because just a dark theme wasn't enough! |  | | |
| Utils | Berserko | Burp Suite extension to perform Kerberos authentication |  | | |
| Utils | Decoder-Improved | Improved decoder for Burp Suite |  | | |
| Utils | ysoserial | A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. |  | deserialize | |
| Utils | zap-hud |  | | ||
| Utils | knife | A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅 |  | | |
| Utils | AuthMatrix | Automated HTTP Request Repeating With Burp Suite |  | | |
| Utils | HTTPSignatures | A Burp Suite extension implementing the Signing HTTP Messages draft-ietf-httpbis-message-signatures-01 draft. |  | | |
| Utils | burp-send-to |  | | ||
| utils | owasp-zap-jwt-addon |  | jwt | |