Spring4Shell-POC is a dockerized application that is vulnerable to the Spring4Shell vulnerability (CVE-2022-22965). Full Java source for the war is provided and modifiable, the war will get re-built whenever the docker image is built. The built WAR will then be loaded by Tomcat. There is nothing special about this application, it’s a simple hello world that’s based off Spring tutorials.
docker build . -t spring4shell && docker run -p 8080:8080 spring4shellpython exploit.py --url "http://localhost:8080/helloworld/greeting"cmd GET parameter for your commands. (http://localhost:8080/shell.jsp by default)BypassAV refers to the collection of techniques and tools used to bypass antivirus (AV) and…
ComDotNetExploit is a Proof of Concept (PoC) tool designed to demonstrate the exploitation of Windows…
Trigon is a sophisticated deterministic kernel exploit targeting Apple’s iOS devices, leveraging the CVE-2023-32434 vulnerability.…
Bug bounty report templates are essential tools for streamlining the process of documenting vulnerabilities. They…
FullBypass is a tool designed to circumvent Microsoft's Antimalware Scan Interface (AMSI) and PowerShell's Constrained…
Carseat is a Python-based tool that replicates the functionality of the well-known security auditing tool,…