Skip to content

Instantly share code, notes, and snippets.

View seleuchel's full-sized avatar
😄

seleuchel

😄
8 followers · 15 following
  • Infosec119
View GitHub Profile
@mgeeky
mgeeky / struts-cheatsheet.md
Last active August 3, 2024 08:42
Apache Struts devMode Remote Code Execution cheatsheet

Apache Struts Remote Code Execution cheatsheet

Apacje Struts is a open source framework utilizing JavaEE web applications and encouraging to employ MVC (Model View Controller) architecture. When having the application developed in so-called devMode as set in the struts.xml file:

<constant name="struts.devMode" value="true" />

Then the middleware will be handling additional parameters passed to every function invocation.

Testing for Struts devMode enabled

@christiangalsterer
christiangalsterer / nvd_download.sh
Last active October 20, 2025 07:19
Script to download the National Vulnerability Database files from https://nvd.nist.gov
#!/bin/sh
# https://gist.github.com/christiangalsterer/5f55389b9c50c74c31b9
# Copyright 2015 Christian Galsterer
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#