Tools for investigating Log4j CVE-2021-44228

Last update: Dec 29, 2022

Related tags

Security related resources Log4jTools

Overview

Log4jTools

Tools for investigating Log4j CVE-2021-44228

FetchPayload.py (Get java payload from ldap path provided in JNDI lookup).

Example command:

Requirements: curl (system), requests (python)

python FetchPayload.py ldap://maliciouserver:1337/path

[+] getting object from ldap://maliciouserver:1337/path
[+] exploit payload: http://maliciouserver:80/Exploit.class
[+] seeing if attacker left behind un-compile payload http://maliciouserver:80/Exploit.java
[x] failed to find payload Exploit.java
[+] trying to fetch compiled payload http://maliciouserver:80/Exploit.class
[+] found payload and saved to file Exploit.class_

Owner

MalwareTech

GitHub Repository

xp_CAPTCHA(白嫖版) burp 验证码识别 burp插件

xp_CAPTCHA(白嫖版) 说明 xp_CAPTCHA (白嫖版) 验证码识别 burp插件安装需要python3 小于3.7的版本安装 muggle_ocr 模块（大概400M左右） python3 -m pip install -i http://mirrors.aliyun.com/

588 Jan 09, 2023

Official implementation of the paper "Backdoor Attacks on Self-Supervised Learning".

SSL-Backdoor Abstract Large-scale unlabeled data has allowed recent progress in self-supervised learning methods that learn rich visual representation

44 Nov 21, 2022

✨ Powerfull & Universal Link Bypasser ✨

4 Jun 03, 2022

Apache Flink 目录遍历漏洞批量检测 (CVE-2020-17519)

使用方法&免责声明该脚本为Apache Flink 目录遍历漏洞批量检测 (CVE-2020-17519)。使用方法：Python CVE-2020-17519.py urls.txt urls.txt 中每个url为一行，漏洞地址输出在vul.txt中影响版本： Apache Flink 1

45 Sep 21, 2022

Python Toolkit containing different Cyber Attacks Tools

Helikopter Python Toolkit containing different Cyber Attacks Tools. Tools in Helikopter Toolkit 1. FattyNigger (PYTHON WORM) 2. Taxes (PYTHON PASS EXT

22 Dec 04, 2022

Android Malware Behavior Deleter

Android Malware Behavior Deleter UDcide UDcide is a tool that provides alternative way to deal with Android malware. We help you to detect and remove

27 Sep 23, 2022

This is a multi-password‌ cracking tool that can help you hack facebook accounts very quickly

Pro_Crack Facebook Fast Cracking Tool This is a multi-password‌ cracking tool that can help you hack facebook accounts very quickly Installation On Te

1 Jan 16, 2022

Dlint is a tool for encouraging best coding practices and helping ensure Python code is secure.

Dlint Dlint is a tool for encouraging best coding practices and helping ensure Python code is secure. The most important thing I have done as a progra

127 Dec 27, 2022

使用golang重写开源工具wafw00f

GO-WAFW00F 介绍 WAFW00F是一款优秀的web应用防火墙识别开源工具：https://github.com/EnableSecurity/wafw00f 使用Golang重写的原因：Python环境配置不便利，Golang打包生成可执行文件直接运行目前还在开发阶段，规则解析存在小问题

80 Dec 30, 2021

⛤Keylogger Generator for Windows written in Python⛤

33 Nov 24, 2022

Script to calculate Active Directory Kerberos keys (AES256 and AES128) for an account, using its plaintext password

27 Dec 20, 2022

GitLab CI security tools runner

Common Security Pipeline Описание проекта: Данный проект является вариантом реализации DevSecOps практик, на базе: GitLab DefectDojo OpenSouce tools g

14 Dec 23, 2022

Exploit-CVE-2021-21086

CVE-2021-21086 Exploit This exploit allows to execute a shellcode in the context of the rendering process of Adobe Acrobat Reader DC 2020.013.20074 an

23 Nov 09, 2022

Threat research and reporting from IronNet's Threat Research Teams

IronNet Threat Research 🕵️ Overview This repository contains IronNet's Threat Research. Research & Reporting 📝 Project Description Cobalt Strike Res

36 Dec 02, 2022

Tools to make working the Arch Linux Security Tracker easier

This is a collection of Python scripts to make working with the Arch Linux Security Tracker easier.

6 Jul 13, 2022

Solución al reto BBVA Contigo, Hack BBVA 2021

Solution Solución propuesta para el reto BBVA Contigo del Hackathon BBVA 2021. Equipo Mexdapy. Integrantes: David Pedroza Segoviano Regina Priscila Ba

2 Dec 06, 2021

Spray365 is a password spraying tool that identifies valid credentials for Microsoft accounts (Office 365 / Azure AD).

What is Spray365? Spray365 is a password spraying tool that identifies valid credentials for Microsoft accounts (Office 365 / Azure AD). How is Spray3

246 Dec 28, 2022

Guess the password for Tik Tok accounts

Guess the password for Tik Tok accounts Tool features : You don't need proxies There is no captcha Running on a private api Combo T

32 Dec 25, 2022

Glass是一款针对资产列表的快速指纹识别工具，通过调用Fofa/ZoomEye/Shodan/360等api接口

Glass是一款针对资产列表的快速指纹识别工具，通过调用Fofa/ZoomEye/Shodan/360等api接口快速查询资产信息并识别重点资产的指纹，也可针对IP/IP段或资产列表进行快速的指纹识别。

764 Jan 05, 2023

simple python keylogger

HELLogger simple python keylogger DISCLAIMERS: DON'T DO BAD THINGS. THIS PROGRAM IS MEANT FOR PERSONAL USES ONLY. USE IT ONLY IN COMPUTERS WHERE YOU H

10 Nov 10, 2022

Tools for investigating Log4j CVE-2021-44228

Related tags

Overview

Log4jTools

FetchPayload.py (Get java payload from ldap path provided in JNDI lookup).

Owner

MalwareTech

xp_CAPTCHA(白嫖版) burp 验证码 识别 burp插件

Official implementation of the paper "Backdoor Attacks on Self-Supervised Learning".

✨ Powerfull & Universal Link Bypasser ✨

Apache Flink 目录遍历漏洞批量检测 (CVE-2020-17519)

Python Toolkit containing different Cyber Attacks Tools

Android Malware Behavior Deleter

This is a multi-password‌ cracking tool that can help you hack facebook accounts very quickly

Dlint is a tool for encouraging best coding practices and helping ensure Python code is secure.

使用golang重写开源工具wafw00f

⛤Keylogger Generator for Windows written in Python⛤

Script to calculate Active Directory Kerberos keys (AES256 and AES128) for an account, using its plaintext password

GitLab CI security tools runner

Exploit-CVE-2021-21086

Threat research and reporting from IronNet's Threat Research Teams

Tools to make working the Arch Linux Security Tracker easier

Solución al reto BBVA Contigo, Hack BBVA 2021

Spray365 is a password spraying tool that identifies valid credentials for Microsoft accounts (Office 365 / Azure AD).

Guess the password for Tik Tok accounts

Glass是一款针对资产列表的快速指纹识别工具，通过调用Fofa/ZoomEye/Shodan/360等api接口

simple python keylogger

xp_CAPTCHA(白嫖版) burp 验证码识别 burp插件