Msmap is a Memory WebShell Generator. Compatible with various Containers, Components, Encoder, WebShell / Proxy / Killer and Management Clients.
*: SpringHandler only support for JDK8+
*: Default support for Linux Tomcat 8/9, more versions can be adapted according to the advanced guide.
Proxy: Neo-reGeorg, wsproxy
Killer: java-memshell-scanner, ASP.NET-Memshell-Scanner
git clone git@github.com:hosch3n/msmap.git cd msmap python generator.py
[Warning] MUST set a unique password, Options are case sensitive.
Edit config/environment.py
# Auto Compile auto_build = True # Base64 Encode Class File b64_class = True # Generate Script File generate_script = True # Compiler Absolute Path java_compiler_path = r"~/jdk1.6.0_04/bin/javac" dotnet_compiler_path = r"C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe"
Edit gist/java/container/tomcat/servlet.py
// Servlet Path Pattern private static String pattern = "*.xml";
If an encryption encoder is used in WsFilter, the password needs to be the same as the path (eg /passwd)
gist/java/container/jdk/javax.py with lib/servlet-api.jar can be replaced depending on the target container.
pip3 install pyperclip to support automatic copying to clipboard.
CMD / SH
AntSword
Behinder
Godzilla
Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…
This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…
GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…
Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…
The free and open-source security platform SecHub, provides a central API to test software with…
Don't worry if there are any bugs in the tool, we will try to fix…