Traditional attack techniques that require file landing are often restricted. Web-based fileless attack techniques have gradually become a new research trend in Web security.
Regarding the servlet in tomcat, the filter is visible --> Tomcat execution process
Write servlet into memory, servlet code is equivalent to webshell
Singleton mode, one-time, servlet is a java file, servlet inherits a java file from httpservlet, the front-end access servlet must have a path to save to the back-end, tomcat reads tomcat and instantiates an object,
tomcat