├── .gitignore ├── .idea ├── .gitignore ├── gradle.xml ├── misc.xml └── uiDesigner.xml ├── .run └── Run IDE with Plugin.run.xml ├── LICENSE ├── README.md ├── gradle.properties ├── gradle └── wrapper │ ├── gradle-wrapper.jar │ └── gradle-wrapper.properties ├── gradlew ├── gradlew.bat ├── settings.gradle └── src └── main ├── java └── com │ └── itkim │ └── inspector │ ├── BaseFixElementWalkingVisitor.java │ ├── BaseLocalInspectionTool.java │ ├── fix │ ├── DeleteElementQuickFix.java │ └── SetBoolArgQuickFix.java │ ├── rule │ ├── dos │ │ ├── NettyResponseSplitting.java │ │ ├── PatternDOS.java │ │ └── SystemDOS.java │ ├── fileRead │ │ └── FileRead.java │ ├── fileWrite │ │ ├── CommonsIO.java │ │ └── IOFiles.java │ ├── jdbc │ │ └── JDBCUnserialize.java │ ├── jndi │ │ ├── JNDIInjection.java │ │ └── LDAPUnserialize.java │ ├── openSAML2 │ │ └── OpenSAML2IgnoreComment.java │ ├── other │ │ ├── BroadCORSAllowOrigin.java │ │ ├── HardcodedCredentials.java │ │ ├── HardcodedIp.java │ │ ├── OutdatedEncryptionInspector.java │ │ ├── PredictableSeed.java │ │ ├── PublicControllerOnSpring.java │ │ ├── ReplacePseudorandomGenerator.java │ │ ├── SpringSecurityDebugEnabled.java │ │ ├── SpringSessionFixProtection.java │ │ └── WeakHashInspector.java │ ├── rce │ │ ├── BSHRCE.java │ │ ├── BurlapUnserialize.java │ │ ├── CastorUnserialize.java │ │ ├── ClassLoaderRCE.java │ │ ├── CompilableRCE.java │ │ ├── ELRCE.java │ │ ├── ExpressionRCE.java │ │ ├── FastjsonAutoType.java │ │ ├── FastjsonUnserialize.java │ │ ├── GroovyRCE.java │ │ ├── HessianUnserialize.java │ │ ├── JEXLRCE.java │ │ ├── JSchOSRCE.java │ │ ├── JYamlUnserialize.java │ │ ├── JacksonDatabindDefaultTyping.java │ │ ├── JsonIOUnserialize.java │ │ ├── JythonRCE.java │ │ ├── KryoUnserialize.java │ │ ├── MVELRCE.java │ │ ├── NashornScriptEngineRCE.java │ │ ├── OGNLInjectionRCE.java │ │ ├── ObjectInputStreamUnserialize.java │ │ ├── RhinoRCE.java │ │ ├── RuntimeRCE.java │ │ ├── SPELRCE.java │ │ ├── ScriptEngineRCE.java │ │ ├── SnakeYamlUnserialize.java │ │ ├── XMLDecoderUnserialize.java │ │ ├── XSLTRCE.java │ │ ├── XStreamUnserialize.java │ │ └── YamlBeansUnserialize.java │ ├── redirect │ │ ├── JakartaRedirect.java │ │ └── JavaxRedirect.java │ ├── reflect │ │ └── Reflect.java │ ├── sqli │ │ ├── BaseSQLi.java │ │ ├── MybatisAnnotationSQLi.java │ │ ├── MybatisXmlSQLi.java │ │ ├── PlaceholderStringSQLi.java │ │ ├── PolyadicExpressionSQLi.java │ │ └── SQLi.java │ ├── ssrf │ │ ├── ApacheSSRF.java │ │ ├── GoogleIOSSRF.java │ │ ├── JavaURLSSRF.java │ │ ├── JsoupSSRF.java │ │ ├── OkhttpSSRF.java │ │ └── SpringSSRF.java │ ├── ssti │ │ ├── BeetlSSTI.java │ │ ├── FreemarkeraSSTI.java │ │ ├── JinjavaSSTI.java │ │ ├── PebbleSSTI.java │ │ ├── ThymeleafSSTI.java │ │ ├── ValidationSSTI.java │ │ └── VelocitySSTI.java │ └── xxe │ │ └── XXEInspector.java │ └── utils │ ├── Constants.java │ ├── InspectionBundle.java │ ├── SQLiUtil.java │ ├── SecExpressionUtils.java │ └── Str.java └── resources ├── InspectionBundle.properties ├── InspectionBundle_zh.properties ├── META-INF ├── plugin.xml └── pluginIcon.svg └── inspectionDescriptions └── FastJsonAutoType.html /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/.gitignore -------------------------------------------------------------------------------- /.idea/.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/.idea/.gitignore -------------------------------------------------------------------------------- /.idea/gradle.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/.idea/gradle.xml -------------------------------------------------------------------------------- /.idea/misc.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/.idea/misc.xml -------------------------------------------------------------------------------- /.idea/uiDesigner.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/.idea/uiDesigner.xml -------------------------------------------------------------------------------- /.run/Run IDE with Plugin.run.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/.run/Run IDE with Plugin.run.xml -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/README.md -------------------------------------------------------------------------------- /gradle.properties: -------------------------------------------------------------------------------- 1 | org.gradle.jvmargs=-Xmx2024m -XX:MaxPermSize=512m 2 | -------------------------------------------------------------------------------- /gradle/wrapper/gradle-wrapper.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/gradle/wrapper/gradle-wrapper.jar -------------------------------------------------------------------------------- /gradle/wrapper/gradle-wrapper.properties: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/gradle/wrapper/gradle-wrapper.properties -------------------------------------------------------------------------------- /gradlew: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/gradlew -------------------------------------------------------------------------------- /gradlew.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/gradlew.bat -------------------------------------------------------------------------------- /settings.gradle: -------------------------------------------------------------------------------- 1 | rootProject.name = "inspector" -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/BaseFixElementWalkingVisitor.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/BaseFixElementWalkingVisitor.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/BaseLocalInspectionTool.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/BaseLocalInspectionTool.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/fix/DeleteElementQuickFix.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/fix/DeleteElementQuickFix.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/fix/SetBoolArgQuickFix.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/fix/SetBoolArgQuickFix.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/dos/NettyResponseSplitting.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/dos/NettyResponseSplitting.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/dos/PatternDOS.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/dos/PatternDOS.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/dos/SystemDOS.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/dos/SystemDOS.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/fileRead/FileRead.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/fileRead/FileRead.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/fileWrite/CommonsIO.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/fileWrite/CommonsIO.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/fileWrite/IOFiles.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/fileWrite/IOFiles.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/jdbc/JDBCUnserialize.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/jdbc/JDBCUnserialize.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/jndi/JNDIInjection.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/jndi/JNDIInjection.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/jndi/LDAPUnserialize.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/jndi/LDAPUnserialize.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/openSAML2/OpenSAML2IgnoreComment.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/openSAML2/OpenSAML2IgnoreComment.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/other/BroadCORSAllowOrigin.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/other/BroadCORSAllowOrigin.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/other/HardcodedCredentials.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/other/HardcodedCredentials.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/other/HardcodedIp.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/other/HardcodedIp.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/other/OutdatedEncryptionInspector.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/other/OutdatedEncryptionInspector.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/other/PredictableSeed.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/other/PredictableSeed.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/other/PublicControllerOnSpring.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/other/PublicControllerOnSpring.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/other/ReplacePseudorandomGenerator.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/other/ReplacePseudorandomGenerator.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/other/SpringSecurityDebugEnabled.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/other/SpringSecurityDebugEnabled.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/other/SpringSessionFixProtection.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/other/SpringSessionFixProtection.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/other/WeakHashInspector.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/other/WeakHashInspector.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/BSHRCE.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/BSHRCE.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/BurlapUnserialize.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/BurlapUnserialize.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/CastorUnserialize.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/CastorUnserialize.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/ClassLoaderRCE.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/ClassLoaderRCE.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/CompilableRCE.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/CompilableRCE.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/ELRCE.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/ELRCE.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/ExpressionRCE.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/ExpressionRCE.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/FastjsonAutoType.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/FastjsonAutoType.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/FastjsonUnserialize.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/FastjsonUnserialize.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/GroovyRCE.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/GroovyRCE.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/HessianUnserialize.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/HessianUnserialize.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/JEXLRCE.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/JEXLRCE.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/JSchOSRCE.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/JSchOSRCE.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/JYamlUnserialize.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/JYamlUnserialize.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/JacksonDatabindDefaultTyping.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/JacksonDatabindDefaultTyping.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/JsonIOUnserialize.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/JsonIOUnserialize.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/JythonRCE.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/JythonRCE.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/KryoUnserialize.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/KryoUnserialize.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/MVELRCE.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/MVELRCE.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/NashornScriptEngineRCE.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/NashornScriptEngineRCE.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/OGNLInjectionRCE.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/OGNLInjectionRCE.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/ObjectInputStreamUnserialize.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/ObjectInputStreamUnserialize.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/RhinoRCE.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/RhinoRCE.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/RuntimeRCE.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/RuntimeRCE.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/SPELRCE.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/SPELRCE.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/ScriptEngineRCE.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/ScriptEngineRCE.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/SnakeYamlUnserialize.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/SnakeYamlUnserialize.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/XMLDecoderUnserialize.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/XMLDecoderUnserialize.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/XSLTRCE.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/XSLTRCE.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/XStreamUnserialize.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/XStreamUnserialize.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/rce/YamlBeansUnserialize.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/rce/YamlBeansUnserialize.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/redirect/JakartaRedirect.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/redirect/JakartaRedirect.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/redirect/JavaxRedirect.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/redirect/JavaxRedirect.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/reflect/Reflect.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/reflect/Reflect.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/sqli/BaseSQLi.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/sqli/BaseSQLi.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/sqli/MybatisAnnotationSQLi.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/sqli/MybatisAnnotationSQLi.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/sqli/MybatisXmlSQLi.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/sqli/MybatisXmlSQLi.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/sqli/PlaceholderStringSQLi.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/sqli/PlaceholderStringSQLi.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/sqli/PolyadicExpressionSQLi.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/sqli/PolyadicExpressionSQLi.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/sqli/SQLi.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/sqli/SQLi.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/ssrf/ApacheSSRF.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/ssrf/ApacheSSRF.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/ssrf/GoogleIOSSRF.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/ssrf/GoogleIOSSRF.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/ssrf/JavaURLSSRF.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/ssrf/JavaURLSSRF.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/ssrf/JsoupSSRF.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/ssrf/JsoupSSRF.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/ssrf/OkhttpSSRF.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/ssrf/OkhttpSSRF.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/ssrf/SpringSSRF.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/ssrf/SpringSSRF.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/ssti/BeetlSSTI.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/ssti/BeetlSSTI.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/ssti/FreemarkeraSSTI.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/ssti/FreemarkeraSSTI.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/ssti/JinjavaSSTI.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/ssti/JinjavaSSTI.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/ssti/PebbleSSTI.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/ssti/PebbleSSTI.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/ssti/ThymeleafSSTI.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/ssti/ThymeleafSSTI.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/ssti/ValidationSSTI.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/ssti/ValidationSSTI.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/ssti/VelocitySSTI.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/ssti/VelocitySSTI.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/rule/xxe/XXEInspector.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/rule/xxe/XXEInspector.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/utils/Constants.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/utils/Constants.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/utils/InspectionBundle.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/utils/InspectionBundle.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/utils/SQLiUtil.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/utils/SQLiUtil.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/utils/SecExpressionUtils.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/utils/SecExpressionUtils.java -------------------------------------------------------------------------------- /src/main/java/com/itkim/inspector/utils/Str.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/java/com/itkim/inspector/utils/Str.java -------------------------------------------------------------------------------- /src/main/resources/InspectionBundle.properties: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/resources/InspectionBundle.properties -------------------------------------------------------------------------------- /src/main/resources/InspectionBundle_zh.properties: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/resources/InspectionBundle_zh.properties -------------------------------------------------------------------------------- /src/main/resources/META-INF/plugin.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/resources/META-INF/plugin.xml -------------------------------------------------------------------------------- /src/main/resources/META-INF/pluginIcon.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/resources/META-INF/pluginIcon.svg -------------------------------------------------------------------------------- /src/main/resources/inspectionDescriptions/FastJsonAutoType.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/KimJun1010/inspector/HEAD/src/main/resources/inspectionDescriptions/FastJsonAutoType.html --------------------------------------------------------------------------------