lunasec-io / spring-rce-vulnerable-appLinks
Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228) and the possible Spring RCE vulnerability.
☆34Updated 3 years ago
Alternatives and similar repositories for spring-rce-vulnerable-app
Users that are interested in spring-rce-vulnerable-app are comparing it to the libraries listed below
Sorting:
- RCE for Pega Infinity >= 8.2.1, Pega Infinity <= 8.5.2☆60Updated 4 years ago
- SSRF to TCP Port Scanning, Banner and Private IP Disclosure by abusing the FTP protocol/clients☆70Updated 4 years ago
- Burp extension to filter JSON on the fly with JQ queries in the HTTP message viewer.☆48Updated 4 years ago
- CVE-2021-40346 PoC (HAProxy HTTP Smuggling)☆41Updated 4 years ago
- Everything I needed to understand what was going on with "Spring4Shell" - translated source materials, exploit, links to demo apps, and m…☆107Updated 3 years ago
- Static code analysis tool based on Elasticsearch☆129Updated 4 years ago
- Exploit code for Jira Mobile Rest Plugin SSRF (CVE-2022-26135)☆88Updated 3 years ago
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆76Updated 3 years ago
- Recurrent Neural Network SubDomain Discovery Tool☆95Updated 3 years ago
- RmiTaste allows security professionals to detect, enumerate, interact and exploit RMI services by calling remote methods with gadgets fro…☆108Updated 5 years ago
- Looking for JAR files that are vulnerable to Log4j RCE (CVE‐2021‐44228)?☆45Updated 3 years ago
- A Burp Suite extension which augments your proxy traffic by injecting log4shell payloads into headers☆42Updated 3 years ago
- A malicious LDAP server for JNDI injection attacks☆75Updated last year
- The tool exfiltrates data from Couchbase database by exploiting N1QL injection vulnerabilities.☆77Updated 5 years ago
- NSE script to detect ProxyOracle☆13Updated 4 years ago
- A Burp extension to show the Collaborator client in a tab☆24Updated 2 years ago
- ☆54Updated 4 years ago
- Compiles a list of major CDN and WAF subnets.☆66Updated this week
- Adds extensibility to Burp by using a list of payloads to pattern match on HTTP responses highlighting interesting and potentially vulner…☆15Updated 2 years ago
- ☆36Updated 9 months ago
- try to determine if a host is vulnerable to SpringShell CVE‐2022‐22965 and CVE‐2022‐22963☆23Updated 3 years ago
- Default plugins for Jaeles Scanner☆35Updated 5 years ago
- Contains all my research and content produced regarding the log4shell vulnerability☆31Updated 3 years ago
- Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.☆128Updated 2 years ago
- client-side prototype pullution vulnerability scanner☆46Updated 4 years ago
- Compiled dataset of Java deserialization CVEs☆60Updated 5 years ago
- Trickest Workflow for discovering log4j vulnerabilities and gathering the newest community payloads.☆112Updated 3 years ago
- ☆32Updated last year
- Writeup of CVE-2020-15906☆49Updated 5 years ago
- ☆84Updated last year