Update README.md

0e0w · 0e0w · commit 3a551e75dc5b · 2021-11-12T23:33:31.000+08:00
diff --git a/README.md b/README.md
@@ -21,27 +21,18 @@
 - [ ] [《Java安全漫谈笔记相关》](https://github.com/phith0n/JavaThings)@phith0n
 
 二、审计案例
-- [ ] https://github.com/proudwind/javasec_study
-- [ ] https://github.com/threedr3am/learnjavabug
-- [ ] https://github.com/SummerSec/JavaLearnVulnerability
-- [ ] https://github.com/cn-panda/JavaCodeAudit
-- [ ] https://github.com/Maskhe/javasec
-- [ ] https://github.com/anbai-inc/javaweb-sec
-- [ ] https://github.com/feihong-cs/Java-Rce-Echo
-- [ ] https://github.com/Y4er/WebLogic-Shiro-shell
-- [ ] https://github.com/feihong-cs/Java-Rce-Echo
-- [ ] https://github.com/feihong-cs/JNDIExploit
-- [ ] https://github.com/welk1n/JNDI-Injection-Exploit
-- [ ] https://github.com/March110/javaweb-sec
-- [ ] https://github.com/wh1t3p1g/ysomap
-- [ ] https://github.com/returntocorp/semgrep
-- [ ] https://github.com/MobSF/mobsfscan
-- [ ] https://github.com/huyuanzhi2/CodeReview
-- [ ] https://github.com/su18/JDBC-Attack
-- [ ] https://github.com/7hang/--Java
-- [ ] https://github.com/5huai/POC-Test
-- [ ] https://github.com/iiiusky/javaweb-codereview
-- [ ] https://github.com/Firebasky/Java
+- [ ] [《Java代码审计学习笔记》](https://github.com/proudwind/javasec_study)@proudwind
+- [ ] [《Java漏洞学习笔记》](https://github.com/SummerSec/JavaLearnVulnerability)@SummerSec
+- [ ] [《代码审计入门小项目》](https://github.com/cn-panda/JavaCodeAudit)@cn-panda
+- [ ] [《自学Java安全总结》](https://github.com/Maskhe/javasec)@Maskhe
+- [ ] [《攻击Java Web应用》](https://github.com/March110/javaweb-sec)@安百科技
+- [ ] [《Java RCE 回显测试代码》](https://github.com/feihong-cs/Java-Rce-Echo)@feihong
+- [ ] [《Java反序列化技术分享》](https://github.com/Y4er/WebLogic-Shiro-shell)@Y4er
+- [ ] [《Java代码审计总结》](https://github.com/huyuanzhi2/CodeReview)@huyuanzhi2
+- [ ] [《代码审计知识点整理-Java》](https://github.com/7hang/--Java)@7hang
+- [ ] [《Java代码审计案例》](https://github.com/5huai/POC-Test)@5huai
+- [ ] [《java安全和java框架漏洞》](https://github.com/Firebasky/Java)@Firebasky
+- [ ] [《Java安全相关的漏洞和技术demo》](https://github.com/threedr3am/learnjavabug)@threedr3am
 
 三、视频教程
 - [ ] [《MS08067安全实验室》](https://space.bilibili.com/396298765?spm_id_from=333.788.b_765f7570696e666f.2)
@@ -50,9 +41,11 @@
 
 五、审计报告
 
-五、其他资源
-- [ ] [《攻击Java Web应用》](https://appts4jvi.zhishibox.net/b/5d644b6f81cbc9e40460fe7eea3c7925)
+六、其他资源
+- [ ] [《攻击Java Web应用》](https://zhishihezi.net/b/5d644b6f81cbc9e40460fe7eea3c7925)@javasec
+- [ ] [《J2EE 渗透测试与安全开发》](https://zhishihezi.net/b/98ae566719b21536dff0c4febaa697d2)@路人甲
 - [ ] [《静态程序分析入门教程》](https://github.com/RangerNJU/Static-Program-Analysis-Book)
+- [ ] https://github.com/su18/JDBC-Attack
 
 ## 02-Java代码审计工具
 
@@ -64,16 +57,30 @@
 
 二、IDEA
 - [ ] https://github.com/XianYanTechnology/RocB
+- [ ] https://github.com/momosecurity/momo-code-sec-inspector-java
 
-三、其他
+三、JNDI工具
+- [ ] https://github.com/su18/JNDI
+- [ ] https://github.com/welk1n/JNDI-Injection-Exploit
+- [ ] https://github.com/feihong-cs/JNDIExploit
+- [ ] https://github.com/welk1n/JNDI-Injection-Exploit
+
+四、反序列化工具
+- [ ] https://github.com/wh1t3p1g/ysomap
+- [ ] https://github.com/frohoff/ysoserial
+- [ ] https://github.com/KpLi0rn/ysoserial
+- [ ] https://github.com/0range228/Gadgets
+- [ ] https://github.com/JackOfMostTrades/gadgetinspector
+
+五、其他
 - [ ] https://github.com/MobSF/mobsfscan
 - [ ] https://github.com/threedr3am/log-agent
 - [ ] https://github.com/wh1t3p1g/tabby
-- [ ] https://github.com/KpLi0rn/ysoserial
 - [ ] https://github.com/EmYiQing/XVulnFinder
 - [ ] https://github.com/EmYiQing/CodeInspector
 - [ ] https://github.com/mtxiaowangzi/CAFJE
 - [ ] https://github.com/FeeiCN/Cobra
+- [ ] https://github.com/returntocorp/semgrep
 
 ## 03-Java漏洞靶场平台
 
@@ -83,7 +90,6 @@
 - [ ] https://github.com/novysodope/mytestvul
 - [ ] https://github.com/langligelang/maobugs
 - [ ] https://github.com/ityouknow/spring-boot-examples
-- [ ] https://github.com/kevinsawicki/http-request
 - [ ] https://github.com/NanoHttpd/nanohttpd
 - [ ] https://github.com/TheKingOfDuck/MySQLMonitor
 - [ ] https://github.com/tangxiaofeng7/SecExample
@@ -98,6 +104,10 @@
 - [ ] https://github.com/bit4woo/Java_deserialize_vuln_lab
 - [ ] https://github.com/mtxiaowangzi/Java-EE-VulnWeb
 - [ ] https://github.com/j3ers3/Hello-Java-Sec
+- [ ] https://github.com/iiiusky/javaweb-codereview
+- [ ] https://github.com/yhy0/sqlilab-Jsp
+
+- [ ] https://github.com/pmiaowu/DeserializationTest
 
 ## 04-Java安全Web漏洞
 
@@ -106,19 +116,13 @@
 - 程序安装问题
 - 业务逻辑漏洞
 - SQL注入漏洞
-  - https://github.com/yhy0/sqlilab-Jsp
 - 变量覆盖漏洞
 - 任意文件上传漏洞
 - 任意文件写入漏洞
 - 任意文件删除漏洞
 - 任意文件包含漏洞
 - 任意命令执行漏洞
 - Java反序列化漏洞
-  - https://github.com/frohoff/ysoserial
-  - https://github.com/wh1t3p1g/ysomap
-  - https://github.com/JackOfMostTrades/gadgetinspector
-  - https://github.com/0range228/Gadgets
-  - https://github.com/pmiaowu/DeserializationTest
 - XSS跨站脚本攻击
 - XML外部实体攻击
 - CSRF跨站请求伪造
@@ -129,9 +133,10 @@
 ## 06-Java安全编码规范
 
 - 腾讯-Java安全编码规范
-- 奇安信-Java安全编码规范
+- 绿盟-Java安全编码规范
 - [陌陌-Java安全编码规范](https://github.com/momosecurity/rhizobia_J)
 - 华为-Java安全编码规范
+- 奇安信-Java安全编码规范
 - 软通动力-Java-Web安全开发规范
 
 ## 07-Java代码审计老师
