Java Web 源码 XXE (XML External Entity) 漏洞审计工具。从源码中识别所有 XML 解析操作并分析外部实体注入风险。适用于:(1) 识别 XML 解析器类型和实现方式,(2) 发现 XXE 注入漏洞,(3) 分析外部实体防护配置情况,(4) 审计 XML 输入来源与回显逻辑。支持 XMLReader、SAXBuilder、SAXReader、SAXParserFactory、DocumentBuilderFactory 五种主流解析器。**支持反编译 .class/.jar 文件提取 XML 解析逻辑**。结合 java-route-mapper 使用可实现完整的路由+XXE审计。
Key Features
- Comprehensive skill evaluation and performance tracking
- Community-driven ratings and reviews
- Easy integration with Claude Code
- Regular updates and maintenance
Quick Start
TopRank Skills install RuoJi6/java-xxe-auditchat Comments (0)
Sign in to join the discussion and leave a comment.
Skill Details
GitHub Stars
256
GitHub Forks
32
Created
Mar 2026
Last Updated
3个月前
tools
tools debugging
Related Skills
Build your own?
Join 12,000+ developers contributing to the Claude ecosystem.
No comments yet. Be the first to share your thoughts!