S4S-Scanner

Spring4Shell Burp Scanner

Primary Language: Python

S4S-Scanner Burp Extension

Spring4Shell Burp Scanner Extension

Passive Scanner: It scans for keywords that indicate Spring Boot error pages.

Active Scanner: It initializes Burp Collaborator and tests the /functionRouter path of the URL for CVE-2022-22963 without any harmful activity; for CVE-2022-22965 it only uploads something like a text file.
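The passive check described above, sketched as an added example that runs without Burp; it is not the extension's own code. The indicator strings, function names and sample responses are assumptions chosen for illustration, based on Spring Boot's default error output.

```python
import json
import re

# Assumed indicators, not the extension's keyword list: text and JSON keys
# produced by Spring Boot's default error handling.
HTML_MARKERS = ("Whitelabel Error Page",
                "This application has no explicit mapping for /error")
JSON_ERROR_KEYS = {"timestamp", "status", "error", "path"}

# Constructed sample responses (not captured traffic).
SAMPLE_HTML = ("HTTP/1.1 404 \r\nContent-Type: text/html;charset=UTF-8\r\n\r\n"
               "<html><body><h1>Whitelabel Error Page</h1><p>This application "
               "has no explicit mapping for /error, so you are seeing this as "
               "a fallback.</p></body></html>")
SAMPLE_JSON = ("HTTP/1.1 500 \r\nContent-Type: application/json\r\n\r\n"
               '{"timestamp":"2022-03-31T10:00:00.000+00:00","status":500,'
               '"error":"Internal Server Error","path":"/demo"}')
SAMPLE_OTHER = ("HTTP/1.1 404 Not Found\r\nContent-Type: text/html\r\n\r\n"
                "<h1>Not Found</h1>")


def split_response(raw):
    # Split a raw HTTP response into (status code, lower-cased headers, body).
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    match = re.match(r"HTTP/\d(?:\.\d)?\s+(\d{3})", lines[0])
    status = int(match.group(1)) if match else 0
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return status, headers, body


def spring_boot_error_indicators(raw):
    # Return the indicators found in one response; an empty list means none.
    status, headers, body = split_response(raw)
    if status < 400:
        return []  # the default error page is served with an error status
    if "json" in headers.get("content-type", "").lower():
        try:
            doc = json.loads(body)
        except ValueError:
            return []
        if isinstance(doc, dict) and JSON_ERROR_KEYS <= set(doc):
            return ["default JSON error body"]
        return []
    return [marker for marker in HTML_MARKERS if marker in body]
```

A hit only says the response looks like Spring Boot's default error handling; it does not establish that the host is affected by either CVE.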

You can use it with Burp Suite Extender and Jython.


Made with bare hands by Onur Osman Gule on 31-03-2022 for CVE-2022-22963 and CVE-2022-22965 - SpringShell

Thanks to @craig for the CVE-2022-22965 PoC.

Modified by f0xtty based on the exploit: https://github.com/reznok/Spring4Shell-POC