coffeehb/Spring4Shell external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

coffeehb/Spring4Shell

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/coffeehb/Spring4Shell)

Close

coffeehb / Spring4ShellView on GitHubMore

• External links
• Readme badge

一个Spring4Shell 被动式检测的Burp插件

☆93Apr 8, 2022Updated 3 years ago

Alternatives and similar repositories for Spring4Shell

Users that are interested in Spring4Shell are comparing it to the libraries listed below

• achuna33 / MYJNDIExploit

  View on GitHub
  自己的JNDI 利用工具，添加一些人性化功能
  ☆131Sep 4, 2022Updated 3 years ago
• metaStor / SpringScan

  View on GitHub
  SpringScan 漏洞检测 Burp插件
  ☆605Nov 14, 2023Updated 2 years ago
• passer-W / snakeyaml-memshell

  View on GitHub
  springboot跨线程注入内存马
  ☆123Apr 10, 2022Updated 3 years ago
• Wrin9 / weaverOA_v9_ALL_upload_RCE

  View on GitHub
  泛微OA_V9全版本前台任意文件上传漏洞
  ☆29Apr 26, 2022Updated 3 years ago
• SummerSec / AgentInjectTool

  View on GitHub
  改造BeichenDream/InjectJDBC加入shiro获取key和修改key功能
  ☆279Nov 28, 2023Updated 2 years ago
• z1un / TongdaOA-exp

  View on GitHub
  TongdaOA 11.7 ~11.8 通达OA，任意用户登录+后台getshell
  ☆86Jul 16, 2021Updated 4 years ago
• canc3s / cIPR

  View on GitHub
  将域名转为ip段权重
  ☆215Mar 14, 2023Updated 2 years ago
• zilong3033 / fastjsonScan

  View on GitHub
  fastjson漏洞burp插件，检测fastjson<1.2.68基于dnslog，fastjson<=1.2.24和1.2.33<=fatjson<=1.2.47的不出网检测和TomcatEcho,SpringEcho回显方案。
  ☆124May 14, 2021Updated 4 years ago
• ce-automne / SunloginRCE

  View on GitHub
  向日葵RCE，网段扫描/中文显示
  ☆130Mar 4, 2022Updated 3 years ago
• pmiaowu / log4j2Scan

  View on GitHub
  用于帮助企业内部快速扫描log4j2的jndi漏洞的burp插件
  ☆213Apr 18, 2023Updated 2 years ago
• Firebasky / ScanShiro

  View on GitHub
  一个批量扫描shiro漏洞的工具,支持AES/CMG
  ☆79Jan 18, 2023Updated 3 years ago
• Wrin9 / weaverOA_sql_RCE

  View on GitHub
  泛微OA_V9全版本的SQL远程代码执行漏洞
  ☆157Apr 20, 2022Updated 3 years ago
• LandGrey / spring-boot-upload-file-lead-to-rce-tricks

  View on GitHub
  spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧
  ☆754Apr 14, 2021Updated 4 years ago
• Rvn0xsy / PassDecode-jar

  View on GitHub
  帆软/致远密码解密工具
  ☆360Jul 29, 2021Updated 4 years ago
• f0ng / log4j2burpscanner

  View on GitHub
  CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks
  ☆840Jun 13, 2023Updated 2 years ago
• Ch1ngg / JCE

  View on GitHub
  JCE - JSP/JPSX CodeEncode - 用于 Webshell 逃避静态查杀的辅助脚本
  ☆258Oct 29, 2021Updated 4 years ago
• wafinfo / Sunflower_get_Password

  View on GitHub
  一款针对向日葵的识别码和验证码提取工具
  ☆922Nov 1, 2021Updated 4 years ago
• Yihsiwei / GetOut360

  View on GitHub
  强制关闭360 需要管理员权限
  ☆171Feb 6, 2022Updated 4 years ago
• Ryze-T / Sylas

  View on GitHub
  数据库综合利用工具
  ☆544Feb 16, 2022Updated 4 years ago
• yuyan-sec / druid_sessions

  View on GitHub
  获取 alibaba druid 一些 sessions , sql , urls
  ☆292Apr 4, 2025Updated 10 months ago
• LFYSec / ActuatorExploit

  View on GitHub
  SpringBoot Actuator未授权自动化利用，支持信息泄漏/RCE
  ☆230Dec 5, 2020Updated 5 years ago
• safe6Sec / PentestDB

  View on GitHub
  各种数据库的利用姿势
  ☆1,034Jan 3, 2025Updated last year
• Daybr4ak / C2ReverseProxy

  View on GitHub
  一款可以在不出网的环境下进行反向代理及cs上线的工具
  ☆491Apr 26, 2023Updated 2 years ago
• broken5 / FofaScan

  View on GitHub
  ☆14Dec 8, 2022Updated 3 years ago
• Peony2022 / shiro_killer

  View on GitHub
  批量ShiroKey检测爆破工具
  ☆308Jan 4, 2023Updated 3 years ago
• 0671 / RabR

  View on GitHub
  Redis-Attack By Replication (通过主从复制攻击Redis)
  ☆356Nov 25, 2022Updated 3 years ago
• r0eXpeR / fingerprint

  View on GitHub
  各种工具指纹收集分享
  ☆529Nov 3, 2021Updated 4 years ago
• linshaoSec / SeeyonExploit-GUI

  View on GitHub
  致远OA综合利用工具
  ☆231Dec 31, 2021Updated 4 years ago
• whwlsfb / SpringSpider

  View on GitHub
  Spring Actuator端点的BurpSuite被动扫描插件。
  ☆202Nov 2, 2022Updated 3 years ago
• safe6Sec / ShellManageTool

  View on GitHub
  在网传的哥斯拉&冰蝎源码基础上加了一点注释
  ☆258May 16, 2022Updated 3 years ago
• whwlsfb / Log4j2Scan

  View on GitHub
  Log4j2 RCE Passive Scanner plugin for BurpSuite
  ☆827Aug 4, 2023Updated 2 years ago
• sp4zcmd / WeblogicExploit-GUI

  View on GitHub
  Weblogic漏洞利用图形化工具 支持注入内存马、一键上传webshell、命令执行
  ☆775Apr 20, 2022Updated 3 years ago
• keven1z / weblogic_memshell

  View on GitHub
  适用于weblogic和Tomcat的无文件的内存马(memshell)
  ☆269Mar 4, 2022Updated 3 years ago
• kezibei / yongyou_nc_poc

  View on GitHub
  ☆117Sep 13, 2023Updated 2 years ago
• exp1orer / JNDI-Inject-Exploit

  View on GitHub
  解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用，探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入
  ☆770Jan 26, 2022Updated 4 years ago
• yuyan-sec / Doraemon

  View on GitHub
  渗透辅助 BurpSuite 小插件
  ☆232Nov 26, 2025Updated 3 months ago
• test502git / log4j-fuzz-head-poc

  View on GitHub
  批量检测log4j漏洞，主要还是批量fuzzz 头
  ☆33Dec 12, 2021Updated 4 years ago
• Tas9er / ByPassBehinder4J

  View on GitHub
  冰蝎Java WebShell自动化免杀生成
  ☆783Mar 15, 2022Updated 3 years ago
• dr0op / shiro-550-with-NoCC

  View on GitHub
  Shiro-550 不依赖CC链利用工具
  ☆451Jun 19, 2024Updated last year