Skip to content
HackIndex logo

HackIndex

Tomcat / AJP

Tomcat AJP connector

:8009 6 guides 3 phases

1 min read
Updated: Apr 19, 2026

What is AJP?
AJP is a binary protocol used between a front-end proxy and an application server such as Tomcat.

Common security issues

  • AJP exposed to untrusted networks when it should be internal-only

  • Misconfiguration allowing access to internal app paths

  • Weak connector secrets or missing connector restrictions

  • Java web stack exposure that expands the reachable attack surface

Enumeration Nmap guides for AJP fingerprinting and URI enumeration on Tomcat
Exploitation Guides on deploying malicious WAR files via Tomcat Manager
Vulnerability Discovery Ghostcat file read via AJP and exposed Manager discovery