NCSC-NL/spring4shell

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/NCSC-NL/spring4shell)

NCSC-NL / spring4shell

Operational information regarding the Spring4Shell vulnerability in the Spring Core Framework

☆175

Alternatives and similar repositories for spring4shell

Users that are interested in spring4shell are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

krisnova / boopkit
View on GitHub
Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.
☆1,665Oct 19, 2023Updated 2 years ago
s0md3v / Smap
View on GitHub
a drop-in replacement for Nmap powered by shodan.io
☆3,203May 1, 2025Updated 10 months ago
mytechnotalent / Hacking-Windows
View on GitHub
A FREE Windows C development course where we will learn the Win32API and reverse engineer each step utilizing IDA Free in both an x86 and…
☆1,565Updated this week
trufflesecurity / trufflehog
View on GitHub
Find, verify, and analyze leaked credentials
☆25,121Updated this week
jfrog / jfrog-spring-tools
View on GitHub
☆79Apr 6, 2022Updated 3 years ago
DigitalOcean Gradient AI Platform • Ad
Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
as0ler / vecna
View on GitHub
Automatic tool to find arbitrary Intent that gets reflected back vulnerabilities on Android apps.
☆12Nov 15, 2022Updated 3 years ago
ethicalhackingplayground / crlfmap
View on GitHub
CRLFMap is a tool to find HTTP Splitting vulnerabilities
☆25Jul 31, 2020Updated 5 years ago
shriyanss / Log-Venom
View on GitHub
Inject different payloads in the log of your target
☆18Apr 3, 2022Updated 3 years ago
slyd0g / SharpCryptUnprotectData
View on GitHub
☆15Feb 9, 2022Updated 4 years ago
pry0cc / pscan
View on GitHub
A parallel scanner that utilises axiom to spin up servers and parallel scan using masscan.
☆16Jul 1, 2020Updated 5 years ago
P4x1s / CVE-2024-23897
View on GitHub
CVE-2024-23897 jenkins-cli
☆15Jan 27, 2024Updated 2 years ago
cygenta / CVE-2020-3452
View on GitHub
☆26Jun 2, 2022Updated 3 years ago
RiccardoAncarani / DirSync-Poc
View on GitHub
A PoC that uses the DirSync protocol to poll Active Directory for changes
☆13Aug 16, 2020Updated 5 years ago
ninoseki / fanger
View on GitHub
An npm package to defang and refang IoC
☆13Sep 7, 2025Updated 6 months ago
DigitalOcean Gradient AI Platform • Ad
Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
PwnDefend / cyber_leadership_slide_examples
View on GitHub
☆18Apr 16, 2022Updated 3 years ago
shubham-rooter / Xss-automation
View on GitHub
☆11Apr 8, 2024Updated last year
eCrimeLabs / cratos-fastapi
View on GitHub
The CRATOS proxy API integrates with your MISP instance and allows to extract indicators that can be consumed by security components such…
☆13Sep 21, 2025Updated 6 months ago
ac0d3r / cslauncher
View on GitHub
Cobalt Strike Launcher on macOS
☆12Nov 28, 2022Updated 3 years ago
shupp / VegaDNS-API
View on GitHub
A successor to VegaDNS, this is a REST API for managing DNS records in MySQL for use with tinydns.
☆18Dec 8, 2022Updated 3 years ago
nirsarkar / vscan
View on GitHub
☆36Jun 23, 2022Updated 3 years ago
romanrounkle / burp_extensions
View on GitHub
Burp Suite Extensions
☆12Oct 19, 2021Updated 4 years ago
warp682 / SubdomainEnumeration
View on GitHub
All about subdomain enumeration
☆16Feb 5, 2019Updated 7 years ago
PwnDefend / AzureAuditPrep
View on GitHub
☆13Dec 29, 2020Updated 5 years ago
Managed Kubernetes at scale on DigitalOcean • Ad
DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
SentineLabs / log4j_response
View on GitHub
☆15Dec 22, 2021Updated 4 years ago
LeakIX / l9fuzz
View on GitHub
Help fuzz various protocols and waits for ping backs Integrates LDAP server and JNDI payload
☆11Dec 27, 2021Updated 4 years ago
2igosha / sunburst_dga
View on GitHub
☆22Dec 22, 2020Updated 5 years ago
smokeme / ProxyNotShell
View on GitHub
☆19Oct 2, 2022Updated 3 years ago
jackrichardzon / s4p0
View on GitHub
☆14Jul 13, 2020Updated 5 years ago
MISP / misp-grafana
View on GitHub
A real-time Grafana dashboard using MISP ZeroMQ message queue and InfluxDB
☆19Mar 15, 2024Updated 2 years ago
1ultimat3 / tld-scan
View on GitHub
Top level domain scanner in Go
☆30Sep 24, 2023Updated 2 years ago
darkquasar / AzureHunter
View on GitHub
A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
☆790Oct 29, 2022Updated 3 years ago
klaammer / AbuseCH-to-MISP
View on GitHub
Import AbuseCH IOC Feeds into MISP
☆12Feb 17, 2021Updated 5 years ago
Managed Database hosting by DigitalOcean • Ad
PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
momika233 / Oracle-E-Business_Login
View on GitHub
☆17May 21, 2022Updated 3 years ago
jbaines-r7 / staystaystay
View on GitHub
Proof of Concept for CVE-2021-1585: Cisco ASA Device Manager RCE
☆13Aug 15, 2022Updated 3 years ago
blackhatethicalhacking / malicious-pdf
View on GitHub
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
☆33May 1, 2022Updated 3 years ago
Scoubi / Cypher-Workshop
View on GitHub
Cypher for Defenders: Leveraging Bloodhound Data Beyond the UI
☆26Feb 8, 2024Updated 2 years ago
dinosn / CVE-2022-22963
View on GitHub
CVE-2022-22963 PoC
☆117Mar 30, 2022Updated 3 years ago
jfmaes / Red-Route53-Interactive
View on GitHub
☆19Aug 26, 2020Updated 5 years ago
fullhunt / spring4shell-scan
View on GitHub
A fully automated, reliable, and accurate scanner for finding Spring4Shell and Spring Cloud RCE vulnerabilities
☆657Apr 7, 2022Updated 3 years ago