Apache Tomcat Scanner v3.5 releases: scan for Apache Tomcat server vulnerabilities
Apache Tomcat Scanner
A python script to scan for Apache Tomcat server vulnerabilities.
- Multithreaded workers to search for Apache tomcat servers.
- Multiple target sources accepted:
- Retrieving list of computers from a Windows domain through an LDAP query to use them as a list of targets.
- Reading targets line by line from a file.
- Reading individual targets (IP/DNS/CIDR) from
- Custom list of ports to test.
- Tests for
- Tests for default credentials to access the Tomcat Manager.
- List the CVEs of each version with the
Change log v3.5
Added new payload in tomcat version detection.
git clone https://github.com/p0dalirius/ApacheTomcatScanner.git
You can also list the CVEs of each version with the –list-cves option: