LogoAISecKit
  • Search
  • Collection
  • Category
  • Tag
  • Blog
  • Pricing
  • Submit
LogoAISecKit

Newsletter

Join the Community

Subscribe to our newsletter for the latest news and updates

LogoAISecKit

Curated directory of 1700+ AI tools, models, frameworks, MCP servers, and cybersecurity resources

GitHub
Product
  • Search
  • Collection
  • Category
  • Tag
Resources
  • Blog
  • Pricing
  • Submit
Company
  • About Us
  • Privacy Policy
  • Terms of Service
  • Sitemap
Copyright © 2026 All Rights Reserved.
Sponsored Resources
  1. Home
  3. Category
  7. P4r4d1se/heapdump_shiro_vuln

P4r4d1se/heapdump_shiro_vuln

A heapdump leads to Shiro key leaks causing a remote code execution (RCE) vulnerability environment.

Visit Website
Visit Website

Introduction

Overview

The heapdump_shiro_vuln repository provides a vulnerable environment that demonstrates how heapdump can leak the Shiro key leading to RCE vulnerabilities.

Key Features
  • Vulnerability Demonstration: The environment showcases a Shiro deserialization vulnerability that can be exploited if the Shiro key is obtained.
  • Docker Support: The project can be easily run using Docker, allowing for quick setup and testing in isolated environments.
  • Heapdump Access: Users can access the /actuator/heapdump endpoint to obtain the heapdump file and extract the Shiro key.
  • Version Compatibility: Demonstrates vulnerabilities specific to Shiro version 1.8.0.
Benefits
  • Educational Tool: Ideal for security researchers and developers to understand the risks associated with Shiro key leaks.
  • Hands-On Experience: Allows users to practice exploitation techniques in a controlled setting, enhancing security skillsets.
Highlights
  • The repository is actively maintained and updated for usability and improved functionality.
Back

Information

  • Publisher
    AISecKit
  • Websitegithub.com
  • Published date2025/04/28

Categories

  • Incident Response Tools
  • Vulnerability Disclosure
  • Security Training Platforms

Tags

  • Application Security
  • Exploit Development
  • Security Auditing
  • Vulnerability Scanning
  • Red Team Operations

More Products

E
Penetration TestingSecurity Training PlatformsAI Security Monitoring
Visit Website
icon of Exploiting AI

Exploiting AI

An introductory class on understanding AI security risks and mitigation strategies.

Prompt InjectionGenerative AIRed Team TestingData Poisoning
A
Security Training PlatformsCTF ResourcesAI Security Monitoring
Visit Website
icon of AI Red Teaming Playground Labs

AI Red Teaming Playground Labs

AI Red Teaming playground labs to run AI Red Teaming trainings including infrastructure.

Red Team TestingVulnerability Scanning
C
AI Application PlatformsPenetration TestingVulnerability Disclosure
Visit Website
icon of Cybersecurity AI

Cybersecurity AI

Cybersecurity AI (CAI) is an open Bug Bounty-ready Artificial Intelligence framework for enhancing security operations.

Open SourceBug Bounty