open detection and scanning tool for discovering and fuzzing for Log4J RCE CVE-2021-44228 vulnerability

Related tags

Security related resourcesCVE-2021-44228-log4jVulnScanner-metasploit
Overview

CVE-2021-44228-log4jVulnScanner-metasploit

open detection and scanning tool for discovering and fuzzing for Log4J RCE CVE-2021-44228 vulnerability

preparation POC

git clone https://github.com/TaroballzChen/CVE-2021-44228-log4jVulnScanner-metasploit
cd CVE-2021-44228-log4jVulnScanner-metasploit
mkdir -p ~/.msf4/modules/auxiliary/scanner/http
cp log4j2.py ~/.msf4/modules/auxiliary/scanner/http/
chmod +x ~/.msf4/modules/auxiliary/scanner/http/log4j2.py
msfconsole

POC usage

use auxiliary/scanner/http/log4j2
set url 
   
    
set dns 
    
     
set request_type 
     
      
set headers_file

result

poc1 poc2

Reference

Owner
Taroballz
Taroballz
GitHub Repository
RedTeam-Security - In this repo you will get the information of Red Team Security related links

OSINT Passive Discovery Amass - https://github.com/OWASP/Amass (Attack Surface M

Abhinav Pathak 5 May 18, 2022
A DOM-based G-Suite password sprayer and user enumerator

A DOM-based G-Suite password sprayer and user enumerator

Mayk 1 Apr 07, 2022
Domain abuse scanner covering domainsquatting and phishing keywords.

๐Ÿฆท monodon ๐Ÿ‹ Domain abuse scanner covering domainsquatting and phishing keywords. Setup Monodon is a Python 3.7+ programm. To setup on a Linux machin

2 Mar 15, 2022
A python implementation of the windows 95 product key check.

Windows 95 Product Key Check Info: This is a python implementation of the windows 95 product key check. This was just a bit of fun and a massive 5 hou

11 Aug 07, 2022
Apache OFBiz rmiๅๅบๅˆ—ๅŒ–EXP(CVE-2021-26295)

Apache OFBiz rmiๅๅบๅˆ—ๅŒ–EXP(CVE-2021-26295) ็›ฎๅ‰ไป…ๆ”ฏๆŒncๅผนshell ๅฐ†ysoserial.jarๆ”พ็ฝฎๅœจๅŒ็›ฎๅฝ•ไธ‹๏ผŒpy3่ฟ่กŒ๏ผŒๆ นๆฎๆ็คบ่พ“ๅ…ฅๆผๆดžurl๏ผŒไฝ ็š„vpsๅœฐๅ€ๅ’Œ็ซฏๅฃ ็ฌฌไบŒๆฌกไฝฟ็”จๅปบ่ฎฎๅˆ ้™คexp.ot ๆœฌๅทฅๅ…ทไป…็”จไบŽๅฎ‰ๅ…จๆต‹่ฏ•๏ผŒ็ฆๆญขๆœชๆŽˆๆƒ้žๆณ•ๆ”ปๅ‡ป็ซ™็‚น๏ผŒๅฆๅˆ™ๅŽๆžœ่‡ช่ดŸ

15 Nov 09, 2022
Windows Stack Based Auto Buffer Overflow Exploiter

Autoflow - Windows Stack Based Auto Buffer Overflow Exploiter Autoflow is a tool that exploits windows stack based buffer overflow automatically.

Himanshu Shukla 19 Dec 22, 2022
POC using subprocess lib in Python ๐Ÿ

POC subprocess โ˜ž POC using the subprocess library with Python. References: https://github.com/GuillaumeFalourd/poc-subprocess https://geekflare.com/le

Guillaume Falourd 2 Nov 28, 2022
Searches through git repositories for high entropy strings and secrets, digging deep into commit history

truffleHog Searches through git repositories for secrets, digging deep into commit history and branches. This is effective at finding secrets accident

Truffle Security 10.1k Jan 09, 2023
Credit Card And SK Checker Written In Python

๐Ÿ’ณ Credit Card Checker (CC Checker) & Mass SK Checker & Generator ๐Ÿ’ณ

Rimuru Tempest 53 Dec 31, 2022
SARA - Simple Android Ransomware Attack

SARA - Simple Android Ransomware Attack Disclaimer The author is not responsible for any issues or damage caused by this program. Features User can cu

Termux Hackers 99 Jan 04, 2023
A Python application to predict what is cooking

ez-cuisine-classifier A Python application to predict what is cooking Environment Python 3.9 Windows 10 Install python -m venv venv .\venv\Scripts\act

Zeheng Li 1 Jun 21, 2022
Polkit - Local Privilege Escalation (CVE-2021-3560)

CVE-2021-3560 Polkit - Local Privilege Escalation Original discovery by kevin_backhouse from GitHub Security Lab References https://github.blog/2021-0

Salman Asad 1 Nov 12, 2021
Generate MIPS reverse shell shellcodes easily !

MIPS-Reverse MIPS-Reverse is a tool that can generate shellcodes for the MIPS architecture that launches a reverse shell where you can specify the IP

29 Jul 27, 2021
Cookiecutter for creating open source Python packages

Cookiecutter for rapidly developing new open source Python packages. Best practices with all the modern bells and whistles included.

Wolt 177 Dec 22, 2022
Lite version of my Gatekeeper backdoor for public use.

Gatekeeper Lite Backdoor Fully functioning bind-type backdoor This backdoor is a fully functioning bind shell and lite version of my full functioning

Joe Helle 56 Mar 25, 2022
A local Socks5 server written in python, used for integrating Multi-hop

proxy-Zata proxy-Zata v1.0 This is a local Socks5 server written in python, used for integrating Multi-hop (Socks4/Socks5/HTTP) forward proxy then pro

4 Feb 24, 2022
The RDT protocol (RDT3.0,GBN,SR) implementation and performance evaluation code using socket

์†Œ์ผ“์„ ์ด์šฉํ•œ RDT protocols (RDT3.0,GBN,SR) ๊ตฌํ˜„ ๋ฐ ์„ฑ๋Šฅ ํ‰๊ฐ€ ์ฝ”๋“œ ์ž…๋‹ˆ๋‹ค. ์ฝ”๋“œ๋ฅผ ์‹คํ–‰ํ• ๋•Œ ๋ฆฌ์‹œ๋ฒ„๋ฅผ ๋จผ์ € ์‹คํ–‰ํ•˜์„ธ์š”. ์„ฑ๋Šฅ ํ‰๊ฐ€ ์ฝ”๋“œ๋Š” ํŒจํ‚ท ์ „์†ก ๊ณผ์ •์„ ์ œ์™ธํ•˜๊ณ  ์‹œ๊ฐ„๋‹น ์ „์†ก๋ฅ ์„ ์ถœ๋ ฅํ•ฉ๋‹ˆ๋‹ค. RDT3.0 GBN SR(๋ฒ„๊ทธ ๋ฐœ๊ฒฌ์œผ๋กœ ๊ตฌํ˜„์ค‘ ์ž…๋‹ˆ

kimtaeyong98 0 Dec 20, 2021
Automated tool to find & created Exploit Poc for Clickjacking Vulnerability

ClickJackPoc This tool will help you automate finding Clickjacking Vulnerability by just passing a file containing list of Targets . Once the Target i

Chirag Agrawal 24 Dec 19, 2022
An Advanced Local Network IP Scanner, made in python of course!

โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•— โ€ƒโ€ƒ โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•—โ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•”โ•โ•โ–ˆโ–ˆโ•—โ€ƒโ€ƒโ–ˆโ–ˆโ•”โ•โ•โ•โ•โ•โ–ˆโ–ˆโ•”โ•โ•โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ•”โ•โ•โ–ˆโ–ˆโ•—โ–ˆโ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ–ˆโ–ˆโ•— โ–ˆโ–ˆโ•‘โ–ˆโ–ˆโ•”โ•โ•โ•โ•โ•โ–ˆโ–ˆโ•”โ•โ•โ–ˆโ–ˆ

Polsulpicien 2 Dec 18, 2021
Port scanning tool that uses Python3. Created by Noble Wilson

Hello There! My name is Noble Wilson and I am an aspiring IT/InfoSec coder practicing for my future. ________________________________________________

1 Nov 23, 2021