check_mkExtension to check for log4j2 CVE-2021-44228This Plugin wraps around logpresso/CVE-2021-44228-Scanner (Apache License 2.0)
Run in 5 steps:
META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties entry from JAR file.Log4j command generator Generate commands for CVE-2021-44228. Description The vulnerability exists due to the Log4j processor's handling of log messag
log4j-tools Quick links Click to find: Inclusions of log4j2 in compiled code Calls to log4j2 in compiled code Calls to log4j2 in source code Overview
1.Create a Sample Vulnerable Application . 2.Start a netcat listner . 3.Run the exploit . 5.Use jdk1.8.0_20 for better results . Exploit-db - https://
log4j An automated header extensive scanner for detecting log4j RCE CVE-2021-44228 Usage $ python3 log4j.py -l urls.txt --dns-log REPLACE_THIS.dnslog.
Log4j dork scanner This is an auto script to search, scrape and scan for Apache Log4j CVE-2021-44228 affected files using Google dorks. Installation:
CVE-2021-44228-log4jVulnScanner-metasploit open detection and scanning tool for discovering and fuzzing for Log4J RCE CVE-2021-44228 vulnerability pre
#1 使用说明 CVE-2021-44228 log4j 2.x rce漏洞检测工具,对目标链接发起get请求并利用dnslog探测是否有回显 $ python3 log4j-scan.py -h
yLog4j This is Y-Sec's @PortSwigger Burp Plugin for the Log4j CVE-2021-44228 vulnerability. The focus of yLog4j is to support mass-scanning of the Log
log4shell_scanner Scans all drives for log4j jar files and gets their version from the manifest. Windows and Windows Server only.
Logpresso Log4j2 Scanner version 2.6.1
Source code(tar.gz)Logpresso Log4j2 Scanner version 2.5.3
Source code(tar.gz)New functionality
Fixes:
Changes:
Logpresso Log4j2 Scanner to version 2.1.3
Source code(tar.gz)Logpresso Log4j2 Scanner to version 2.1.0
Source code(tar.gz)Logpresso Log4j2 Scanner version 1.7.0
Source code(tar.gz)Update Logpresso Log4j2 Scanner to version 1.6.3
Source code(tar.gz)Bad Blood Bad Blood is an exploit for CVE-2021-20038, a stack-based buffer overflow in the httpd binary of SMA-100 series systems using firmware versi
DeadDNS Multi-threaded DNS hijacking via dead records automation tool How it works 1) Dig provided subdomains file for dead DNS records. 2) Dig the fo
Hidden Miner Detector This tool help you to check if your Windows machine has hidden miner. Miners track when you open antivirus software or task mana
DomainMonitor is a web project that has a RESTful API to get a domain's subdomains and whois data.
SSLyze SSLyze is a fast and powerful SSL/TLS scanning tool and Python library. SSLyze can analyze the SSL/TLS configuration of a server by connecting
Detect secret in source code, scan your repo for leaks. Find secrets with GitGuardian and prevent leaked credentials. GitGuardian is an automated secrets detection & remediation service.
Opensource Project Simple Python Password Generator This repository is just for peoples who want to generate strong-passwords for there social-account
4nought3 A python script to bypass 403-forbidden. It covers methods like Host-Header Injections, Changing HTTP Requests Methods and URL-Injections. Us
passwnd Check for breached passwords with k-anonymity Usage To get prompted to enter the password securely, simply run: passwnd.py Alternatively, you
🏆 Pancakeswap BSC Sniper Bot web3 with honeypot detector (ANDROID WINDOWS MAC LINUX) 🥇 ⭐️ ⭐️ ⭐️ First SNIPER BOT for ANDROID & WINDOWS with honeypot
Vulnerability assessment for CVE-2022-22536 This repository contains a Python script that can be used to check if a SAP system is affected by CVE-2022
SonicWALL SSL-VPN Web Server Vulnerable Exploit
notForbidden Security tool to test different bypass of forbidden Usage python3 notForbidden.py URL Features Bypass with different methods (POST, OPT
TLaunch: Launch Programs on Multiple Hosts Introduction Deepmind launchpad is a library that helps writing distributed program in a simple way. But cu
pyew Pyew is a (command line) python tool to analyse malware. It does have support for hexadecimal viewing, disassembly (Intel 16, 32 and 64 bits), PE
Execution After Redirect (EAR) / Long Response Redirection Vulnerability Scanner written in python3, It Fuzzes All URLs of target website & then scan them for EAR
log4j Script checks provided domains for log4j vulnerability. A token is created with canarytokens.org and passed as header at request for a single do
CVE-2021-41773 PoC Proof of concept to check if hosts are vulnerable to CVE-2021-41773. Description (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CV
CodeTest信息收集和漏洞利用工具,可在进行渗透测试之时方便利用相关信息收集脚本进行信息的获取和验证工作,漏洞利用模块可选择需要测试的漏洞模块,或者选择所有模块测试,包含CVE-2020-14882, CVE-2020-2555等,可自己收集脚本后按照模板进行修改。
Installation $ pkg update && pkg upgrade $ pkg install python2 $ pkg install git $ git clone https://github.com/Mark-Zuck/zafi $ cd zafi $ pip2 instal
1 Jan 3, 2022
171 Dec 25, 2022
7 Aug 6, 2022
2 Dec 16, 2021
5 Dec 27, 2022
7 Nov 9, 2022
4 Jan 13, 2022
1 Jan 31, 2022
1 Dec 29, 2021
80 Dec 29, 2022
45 Dec 20, 2022
2 Oct 05, 2022
2 Feb 05, 2022
2.8k Jan 03, 2023
1.2k Dec 27, 2022
15 Dec 01, 2022
11 Aug 27, 2022
1 Feb 08, 2022
12 Jan 07, 2023
42 Dec 01, 2022
44 Nov 15, 2022
6 Sep 08, 2022
11 Nov 11, 2022
362 Nov 28, 2022
9 Dec 12, 2022
2 Dec 12, 2021
43 Nov 09, 2022
23 Mar 18, 2021
50 Dec 26, 2022