Spring4Shell-POC
This is a dockerized application that is vulnerable to the Spring4Shell vulnerability (CVE-2022-22965). (by lunasec-io)
SpringShell
Spring4Shell - Spring Core RCE - CVE-2022-22965 (by TheGejr)
Spring4Shell-POC | SpringShell | |
---|---|---|
1 | 2 | |
103 | 128 | |
0.0% | - | |
0.0 | 1.8 | |
almost 2 years ago | about 2 years ago | |
Python | Python | |
- | - |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Spring4Shell-POC
Posts with mentions or reviews of Spring4Shell-POC.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-04-11.
-
Spring4Shell: An Application Vulnerable to RCE
The amazing group of members at Lunasec developed a Java Web Application that is vulnerable to the Spring4Shell vulnerability (CVE-2022-22965), The Application is dockerized so that it can be easily implemented, The Application was built based on the tutorials provided on the official Documentation of Spring for Form Handling. Github Link: https://github.com/lunasec-io/Spring4Shell-POC
SpringShell
Posts with mentions or reviews of SpringShell.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-03-30.
-
Spring Core on JDK9 is vulnerable to remote code execution
I'll ask my engineers to post the one he wrote. He did put more details into the article, so go check that. Here is a repo with a POC though: https://github.com/TheGejr/SpringShell
What are some alternatives?
When comparing Spring4Shell-POC and SpringShell you can also consider the following projects:
nuclei-templates - Community curated list of templates for the nuclei engine to find security vulnerabilities.
hackerone-reports - Top disclosed reports from HackerOne
UnSAFE_Bank - Vulnerable Banking Suite
Spring4Shell-POC - Spring4Shell Proof Of Concept/And vulnerable application CVE-2022-22965
apache-tomcat-8.0.26-src - Tomcat Source Code
Spring4Shell-Detection - Lazy SPL to detect Spring4Shell exploitation
PoC-CVE-2022-30190 - POC CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follina
VAmPI - Vulnerable REST API with OWASP top 10 vulnerabilities for security testing
spring-rce-war
Spring4Shell-POC vs nuclei-templates
SpringShell vs hackerone-reports
Spring4Shell-POC vs UnSAFE_Bank
SpringShell vs Spring4Shell-POC
Spring4Shell-POC vs Spring4Shell-POC
SpringShell vs apache-tomcat-8.0.26-src
Spring4Shell-POC vs Spring4Shell-Detection
SpringShell vs PoC-CVE-2022-30190
Spring4Shell-POC vs VAmPI
SpringShell vs spring-rce-war