简介 CVE-2025-24813 是一个影响 Apache Tomcat 的远程代码执行（RCE）漏洞，允许攻击者通过发送一个 PUT 请求上传恶意的序列化会话文件，并通过 GET 请求触发反序列化，从而在服务器上执行任意代码。该漏洞已在野外被利用，且其利用条件相对简单，只需 Tomcat 使用文件存储会话且支持部分 PUT 请求即可。脚本功能 CVE-2025-24813-PoC 脚本主要用于检测 Apache Tomcat 是否存在此漏洞。它支持批量检测和单个检测两种模式。批量检测：通过指定一个包含目标 URL 列表的文件（如 url.txt），脚本可以并发检测多个目标。使用方式为： bashpython poc.py -l url.txt...

SeamlessPass: Using Kerberos Tickets to Access Microsoft 365

JBDev : A Tool For Jailbreak And TrollStore Development

Kereva LLM Code Scanner : A Revolutionary Tool For Python Applications Using LLMs

Hacking Tools

SlackEnum – Mastering User Enumeration On Slack

SharpTerminator – A Guide To Automating AV/EDR Disruption With C# Port

OXO Scan Orchestration Engine – A Comprehensive Guide To Scalable Security...

MANSPIDER – Advanced SMB Crawling For Sensitive Data Detection

EDR-Antivirus-Bypass-To-Gain-Shell-Access

GShark – A Comprehensive Guide To Sensitive Information Management System Deployment

zDocker-cobaltstrike : A Comprehensive Guide To Setting Up Cobalt Strike With...

ConfuserEx2 String Decryptor – A Guide To Deobfuscating .NET Applications

Capa v7.3.0 – Enhanced Malware Analysis With VMRay Integration, Ghidra Support,...

MSSprinkler – Enhancing M365 Security Through Advanced Password Testing

APPLICATIONS

Chista | Open Source Threat Intelligence Framework – Understanding, Predicting, And Defending Against Cyber...

OFFPORT_KILLER : Tool Aims At Automating The Identification Of Potential Service Running

Commander – Secure Python C2 Framework

AnonX : An Encrypted File Transfer Via AES-256-CBC

HOT NEWS

CVE-2025-24813-PoC : Apache Tomcat 远程代码执行漏洞批量检测脚本

EVEN MORE NEWS

What is SIEM? Complete Guide to Security Information and Event Management

Website OSINT: Tools and Techniques for Reconnaissance

Top OSINT Tools to Find Emails, Usernames and Passwords

POPULAR CATEGORY