RedTeamPentesting/CVE-2020-13935 RedTeamPentesting/CVE-2020-13935

  • Stars
    star
    163
  • Rank 231,087 (Top 5 %)
  • Language
    Go
  • License
    MIT License
  • Created almost 4 years ago
  • Updated almost 4 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
RedTeamPentesting/CVE-2020-13935
github

RedTeamPentesting

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Exploit for WebSocket Vulnerability in Apache Tomcat

Exploit for WebSocket Vulnerability in Apache Tomcat (CVE-2020-13935)

In the corresponding blog post the analysis and exploitation of the vulnerability is explained in detail.

Usage

Clone the repository, then build the tcdos binary. Run the program as follows to test whether a particular WebSocket endpoint is vulnerable:

$ git clone https://github.com/RedTeamPentesting/CVE-2020-13935
$ cd CVE-2020-13935
$ go build
$ ./tcdos [WebSocket endpoint]

More Repositories

1

pretender

Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing.
Go
946
star
2

monsoon

Fast HTTP enumerator
Go
456
star
3

resocks

mTLS-Encrypted Back-Connect SOCKS5 Proxy
Go
383
star
4

remarkable-encryption

A document encryption solution for the reMarkable 2 ePaper tablet.
Go
50
star
5

kbtls

Establishes mutually trusted TLS connections based on a pre-shared connection key.
Go
46
star
6

bitwarden-windows-hello

Tools to Exploit Bitwarden v2023.3.0 with Windows Hello
Python
29
star
7

moodle-rce-calculatedquestions

Scripts for Analysis of a RCE in Moodle Calculated Questions (CVE-2024-43425)
PHP
8
star
8

postscript_blog_examples

PostScript examples useful for attacking Ghostscript.
PostScript
3
star