lunasec-io / Spring4Shell-POC
This is a dockerized application that is vulnerable to the Spring4Shell vulnerability (CVE-2022-22965).
☆106Updated 2 years ago
Alternatives and similar repositories for Spring4Shell-POC:
Users that are interested in Spring4Shell-POC are comparing it to the libraries listed below
- ☆281Updated 3 years ago
- Spring Framework RCE (CVE-2022-22965) Nmap (NSE) Checker (Non-Intrusive)☆102Updated 3 years ago
- This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.☆164Updated 4 years ago
- Spring4Shell Proof Of Concept/And vulnerable application CVE-2022-22965☆366Updated 2 years ago
- ☆56Updated 3 years ago
- jolokia-exploitation-toolkit☆288Updated 4 months ago
- Dockerized POC for CVE-2022-42889 Text4Shell☆75Updated 2 years ago
- Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.☆119Updated last year
- Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.☆125Updated 2 years ago
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆173Updated 5 months ago
- JMX enumeration and attacking tool.☆434Updated last month
- This repo contains all the injections mentioned in my talk and enumerators.☆125Updated last year
- RmiTaste allows security professionals to detect, enumerate, interact and exploit RMI services by calling remote methods with gadgets fro…☆107Updated 4 years ago
- Workshop given at Hack in Paris 2019☆121Updated last year
- Find CVE PoCs on GitHub☆147Updated last year
- Dockerized Spring4Shell (CVE-2022-22965) PoC application and exploit☆311Updated 2 years ago
- RCE on Kibana versions before 5.6.15 and 6.6.0 in the Timelion visualizer☆55Updated 5 years ago
- CVE-2021-40346 PoC (HAProxy HTTP Smuggling)☆40Updated 3 years ago
- That repository contains my updates to the well know java deserialization exploitation tool ysoserial.☆178Updated 2 years ago
- This repository contain any information that can be used to hack Kubernetes☆101Updated 2 years ago
- PHP binary bugs advisory☆179Updated 2 years ago
- Burp Bounty profiles compilation, feel free to contribute!☆148Updated 3 years ago
- Log4j jndi injects the Payload generator☆486Updated 3 years ago
- This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a p…☆105Updated last year
- Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228) and the possible Spring RCE vulnerability.☆34Updated 3 years ago
- Check AWS S3 instances for read/write/delete access☆121Updated 3 years ago
- Hidden parameters discovery suite☆223Updated 2 years ago
- The purpose of this project is to demonstrate the Log4Shell exploit with Log4J vulnerabilities using PDF as delivery channel☆158Updated 3 years ago
- WSO2 RCE (CVE-2022-29464) exploit and writeup.☆372Updated 2 years ago
- ☆86Updated 3 years ago