Spring4Shell-POC is a dockerized application that is vulnerable to Spring4Shell (CVE-2022-22965). Full Java source for the WAR is provided and modifiable; the WAR is rebuilt whenever the Docker image is built, and the built WAR is then loaded by Tomcat. There is nothing special about this application: it is a simple hello world based on the Spring tutorials.
docker build . -t spring4shell && docker run -p 8080:8080 spring4shell
python exploit.py --url "http://localhost:8080/helloworld/greeting"
cmd GET parameter for your commands. (http://localhost:8080/shell.jsp by default)
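A defender's view of that last step, as an added example that is not part of the Spring4Shell-POC repository: a small Python scanner for Tomcat access logs that reports requests passing a cmd parameter to a JSP page. It assumes Tomcat's default access log pattern (%h %l %u %t "%r" %s %b); the function name and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: Tomcat's default AccessLogValve pattern, %h %l %u %t "%r" %s %b
LINE_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+$'
)

def find_webshell_requests(lines, param="cmd"):
    """Return one finding per request that passes `param` to a .jsp page."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not in the expected format; skip rather than guess
        url = urlsplit(m["target"])
        if not url.path.lower().endswith(".jsp"):
            continue
        # parse_qs URL-decodes the values, so %20 and + both become spaces
        query = parse_qs(url.query, keep_blank_values=True)
        if param not in query:
            continue
        findings.append({
            "client": m["host"],
            "time": m["time"],
            "path": url.path,
            # 200 means the JSP existed and answered; 404 is only a probe
            "served": m["status"] == "200",
            "commands": query[param],
        })
    return findings

# Constructed sample lines (hypothetical, not taken from a real server)
SAMPLE_LOG = [
    '172.17.0.1 - - [01/Apr/2022:10:00:01 +0000] "GET /helloworld/greeting HTTP/1.1" 200 120',
    '172.17.0.1 - - [01/Apr/2022:10:00:03 +0000] "GET /shell.jsp?cmd=whoami HTTP/1.1" 404 700',
    '172.17.0.1 - - [01/Apr/2022:10:00:05 +0000] "GET /shell.jsp?cmd=id HTTP/1.1" 200 64',
    '172.17.0.1 - - [01/Apr/2022:10:00:09 +0000] "GET /shell.jsp?cmd=cat%20/etc/hostname HTTP/1.1" 200 40',
    '172.17.0.1 - - [01/Apr/2022:10:00:12 +0000] "GET /shell.jsp HTTP/1.1" 200 10',
    'garbage line that does not parse',
]

if __name__ == "__main__":
    for f in find_webshell_requests(SAMPLE_LOG):
        print(f["time"], f["client"], f["path"], f["served"], f["commands"])
```

A finding with served set to True on a JSP that is not part of the deployed application is the one to investigate first.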