This website uses cookies to improve user experience. By using this website you consent to all cookies in accordance with our terms.

Dismiss

Explore


The Honerix infrastructure leverages plugin modules to mimic the behavior of different web applications, trying to push attackers into deploying their malicious payload. This page lists and describes available plugins; by clicking on the plugin name you are redirected to the results for that module.

Tag search

Popular tags

Apache Struts2 S2-032

Remote Code Execution can be performed via "method:" prefix when Dynamic Method Invocation is enabled

Ref: https://struts.apache.org/docs/s2-032.html

Plugin ID: 35eaed8dafb6344a5574db94a4e0ce45


Apache Struts2 Jakarta Multipart parser RCE

Apache Struts2 (2.3.5-2.3.31 and 2.5-2.5.10) RCE on file upload with Jakarta Multipart parser

CVE: CVE-2017-5638

Ref: https://struts.apache.org/docs/s2-045.html

Plugin ID: ffb3ec6a0a9e06a692cee5cb41a1ae77


Struts2 Prefixed Parameters OGNL Injection Vulnerability

Struts2 (v2.0.0 - 2.3.15) is vulnerable to remote OGNL injection which leads to arbitrary Java method execution on the target server.

CVE: CVE-2013-2251

Ref: https://www.intelligentexploit.com/view-details.html?id=17155

Plugin ID: fe0kao2aihoongoo6eithungeozei8wo