Provides script to download and format public IP lists related to the Log4j exploit.

Last update: Jan 02, 2022

Overview

Log4j-Firewall-Blacklist-Builder

Requirements:

Python3
Python3 requests module

Usage and details:

cisco_ASA_format_CriticalPathSecurity.py and cisco_ASA_format_gnremy.py

Will download a public IP List and format it to be used on a Cisco ASA.
This will create a txt file with the configuration ready to be copy-pasted into a Cisco ASA, it will create a Network Group named "Log4j_Blacklist_IP" with all IP as hosts inside of it.
Deleting the Netwrok Group will also delete all hosts.

extract_CriticalPathSecurity_list.py and extract_gnremy_list.py

Will download a public IP List and create a list with IP only, one per line in a txt file.

IP List Sources

Critical Path Security gits: https://raw.githubusercontent.com/CriticalPathSecurity/Public-Intelligence-Feeds/master/log4j.txt
gnremy gits: https://gist.githubusercontent.com/gnremy/c546c7911d5f876f263309d7161a7217

Owner

Gianluca Ulivi

23 y/o; Networking Specialist

GitHub Repository

Tool for finding PHP source code vulnerabilities.

vulnz Tool for finding php source code vulnerabilities. Scans PHP source code and prints out potentially dangerous lines. This tool is useful for secu

1 Jan 14, 2022

A honey token manager and alert system for AWS.

SpaceSiren SpaceSiren is a honey token manager and alert system for AWS. With this fully serverless application, you can create and manage honey token

287 Nov 09, 2022

Repo for The Crown: Exploratory Analysis of Nim Malware DEF CON 615 talk

Repo for "The Crown: Exploratory Analysis of Nim Malware" DEF CON 615 talk

43 Dec 03, 2022

CVE-2021-44228 log4j 2.x rce漏洞检测工具

#1 使用说明 CVE-2021-44228 log4j 2.x rce漏洞检测工具，对目标链接发起get请求并利用dnslog探测是否有回显 $ python3 log4j-scan.py -h

4 Jan 13, 2022

Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage and potential attacks.

Dependency Combobulator Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage

84 Dec 23, 2022

A python script to turn Ubuntu Desktop in a one stop security platform. The InfoSec Fortress installs the packages,tools, and resources to make Ubuntu 20.04 capable of both offensive and defensive security work.

infosec-fortress A python script to turn Ubuntu Desktop into a strong DFIR/RE System with some teeth (Purple Team Ops)! This is intended to create a s

41 Dec 30, 2022

python写的一款免杀工具（shellcode加载器）BypassAV，国内杀软全过（windows denfend）

266 Jan 02, 2023

A simple multi-threaded distributed SSH brute-forcing tool written in Python.

OrbitalDump A simple multi-threaded distributed SSH brute-forcing tool written in Python. How it Works When the script is executed without the --proxi

408 Jan 03, 2023

Apk Framework Detector

🚀🚀🚀Program helps you to detect the major framework or technology used in writing any android app. Just provide the apk 😇😇

10 Dec 07, 2022

Argument Injection in Dragonfly Ruby Gem

CVE-2021-33564 PoC Exploit script for CVE-2021-33564 (Argument Injection in Dragonfly Ruby Gem). Usage Arbitrary File Read python3 poc.py -u https://

12 Nov 09, 2022

A python based tool that executes various CVEs to gain root privileges as root on various MAC OS platforms.

MacPer A python based tool that executes various CVEs to gain root privileges as root on various MAC OS platforms. Not all of the exploits directly sp

20 Nov 30, 2022

😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.

😭 WSOB (CVE-2022-29464) 😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464. CVE-2022-29464 details:

25 Oct 14, 2022

Community Repository for Unofficial Saltbox Add-ons

Saltbox Sandbox Repo Community Repository for Unofficial Saltbox Add-ons Requirements Saltbox Documentation Undetermined Roles List of roles can be fo

31 Dec 19, 2022

对naabu的端口扫描结果，调用nmap进行指纹识别

naabu2nmap 对naabu的端口扫描结果，调用nmap进行指纹识别

12 Nov 22, 2022

Facebook Fast Cracking Tool With Python

Pro-Crack Facebook Fast Cracking Tool This is a multi-password‌ cracking tool that can help you hack facebook accounts very quickly Installation On Te

5 Feb 19, 2022

Workshop Material on VM-based Deobfuscation

Analysis of Virtualization-based Obfuscation This repository contains slides, samples and code of the 4h code deobfuscation workshop at r2con2021. We

133 Dec 18, 2022

对安卓APP注入MSF PAYLOAD，并且对手机管家进行BYPASS。

520_APK_HOOK 介绍将msf生成的payload，注入到一个正常的apk文件中，重新打包后进行加固，bypass手机安全管家的检测。项目地址: https://github.com/cleverbao/520apkhook 作者: BaoGuo 优点相比于原始的msf远控，此版本ap

368 Jan 02, 2023

Discord Region Swapping Exploit (VC Overload)

Discord-VC-Exploit Discord Region Swapping Exploit (VC Overload) aka VC Crasher How does this work? Discord has multiple servers that lets people arou

11 Sep 10, 2022

Recon is a script to perform a full recon on a target with the main tools to search for vulnerabilities.

👑 Recon 👑 The step of recognizing a target in both Bug Bounties and Pentest can be very time-consuming. Thinking about it, I decided to create my ow

171 Dec 31, 2022

A proxy server application written in python for trial purposes

python-proxy-server This is a proxy server ❤️ application written in python ❤️ for trial purposes. The purpose of the application; Connecting to Hacke

2 Dec 27, 2021