Msmap is a Memory WebShell Generator. Compatible with various Containers, Components, Encoder, WebShell / Proxy / Killer and Management Clients.
*: SpringHandler only support for JDK8+
*: Default support for Linux Tomcat 8/9, more versions can be adapted according to the advanced guide.
Proxy: Neo-reGeorg, wsproxy
Killer: java-memshell-scanner, ASP.NET-Memshell-Scanner
git clone git@github.com:hosch3n/msmap.git cd msmap python generator.py
[Warning] MUST set a unique password, Options are case sensitive.
Edit config/environment.py
# Auto Compile auto_build = True # Base64 Encode Class File b64_class = True # Generate Script File generate_script = True # Compiler Absolute Path java_compiler_path = r"~/jdk1.6.0_04/bin/javac" dotnet_compiler_path = r"C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe"
Edit gist/java/container/tomcat/servlet.py
// Servlet Path Pattern private static String pattern = "*.xml";
If an encryption encoder is used in WsFilter, the password needs to be the same as the path (eg /passwd)
gist/java/container/jdk/javax.py with lib/servlet-api.jar can be replaced depending on the target container.
pip3 install pyperclip to support automatic copying to clipboard.
CMD / SH
AntSword
Behinder
Godzilla
A fresh Linux VPS may look ready to use immediately, but skipping the initial security…
If you want to host dynamic PHP websites or applications like WordPress, Laravel, or Magento,…
Java remains one of the most widely used programming platforms for servers, enterprise applications, Android…
Ubuntu users often download software directly from developer websites instead of using the default app…
Installing Ubuntu 26.04 LTS is only the first step toward building a smooth, secure, and…
What is a Software Supply Chain Attack? A software supply chain attack occurs when a…