lunasec-io / spring-rce-vulnerable-app
Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228) and the possible Spring RCE vulnerability.
☆34Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for spring-rce-vulnerable-app
- try to determine if a host is vulnerable to SpringShell CVE‐2022‐22965 and CVE‐2022‐22963☆23Updated 2 years ago
- First iteration of ML based Feedback WAF☆57Updated 8 months ago
- Intentionally Vulnerable to Spring4Shell☆51Updated 2 years ago
- Quick WAF "paranoid" Doctor Evaluation | WAFPARAN01D3 Tool☆25Updated 3 years ago
- This is a Poc for BIGIP iControl unauth RCE☆49Updated 3 years ago
- CVE-2021-40346 PoC (HAProxy HTTP Smuggling)☆39Updated 3 years ago
- SSRF to TCP Port Scanning, Banner and Private IP Disclosure by abusing the FTP protocol/clients☆70Updated 3 years ago
- Dockerized POC for CVE-2022-42889 Text4Shell☆75Updated 2 years ago
- Looking for JAR files that are vulnerable to Log4j RCE (CVE‐2021‐44228)?☆45Updated 2 years ago
- Burp extension to filter JSON on the fly with JQ queries in the HTTP message viewer.☆45Updated 3 years ago
- RmiTaste allows security professionals to detect, enumerate, interact and exploit RMI services by calling remote methods with gadgets fro…☆106Updated 4 years ago
- ☆29Updated 6 months ago
- ☆54Updated 3 years ago
- Exploit code for Jira Mobile Rest Plugin SSRF (CVE-2022-26135)☆87Updated 2 years ago
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆74Updated 2 years ago
- ☆86Updated 2 years ago
- A Proof of concept for CVE-2021-27850 affecting Apache Tapestry and leading to unauthencticated remote code execution.☆5Updated last year
- Utility for creating ZipSlip archives☆67Updated last year
- ZAP/Burp plugin that generate script to reproduce a specific HTTP request (Intended for fuzzing or scripted attacks)☆29Updated 2 years ago
- Copy as XMLHttpRequest BurpSuite extension☆30Updated 3 years ago
- client-side prototype pullution vulnerability scanner☆46Updated 3 years ago
- A fingerprint generation helper for nuclei network templates☆72Updated 2 years ago
- PoC repository for CVE-2023-29007☆32Updated last year
- Proof of Concept Exploit for ManageEngine ServiceDesk Plus CVE-2021-44077☆31Updated 2 years ago
- A penetration testing and vulnerability management application written using the powerful django framework.☆28Updated last year
- Spring Framework RCE (CVE-2022-22965) Nmap (NSE) Checker (Non-Intrusive)☆102Updated 2 years ago
- ☆55Updated 3 years ago
- Hacking Artifactory with server side template injection☆51Updated 4 years ago
- The tool exfiltrates data from Couchbase database by exploiting N1QL injection vulnerabilities.☆73Updated 4 years ago
- ☆44Updated 2 years ago