open detection and scanning tool for discovering and fuzzing for Log4J RCE CVE-2021-44228 vulnerability

Last update: Nov 09, 2022

Overview

CVE-2021-44228-log4jVulnScanner-metasploit

open detection and scanning tool for discovering and fuzzing for Log4J RCE CVE-2021-44228 vulnerability

preparation POC

git clone https://github.com/TaroballzChen/CVE-2021-44228-log4jVulnScanner-metasploit
cd CVE-2021-44228-log4jVulnScanner-metasploit
mkdir -p ~/.msf4/modules/auxiliary/scanner/http
cp log4j2.py ~/.msf4/modules/auxiliary/scanner/http/
chmod +x ~/.msf4/modules/auxiliary/scanner/http/log4j2.py
msfconsole

POC usage

use auxiliary/scanner/http/log4j2
set url 
   
    
set dns 
    
     
set request_type 
     
      
set headers_file

result

Reference

https://github.com/fullhunt/log4j-scan

Owner

Taroballz

GitHub Repository

Create a secure tunnel from a custom domain to localhost using Fly and WireGuard.

Fly Dev Tunnel Developers commonly use apps like ngrok, localtunnel, or cloudflared to expose a local web service at a publicly-accessible URL. This i

170 Dec 11, 2022

md5 hash cracking with python.

Python-Md5-Cracker- md5 hash cracking with python. Original files added First create a file called word.txt then run the wordCreate.py script The task

0 Aug 31, 2022

This is a Python program that implements a vacuum cleaner as an Artificial Intelligence.

Vacuum-Cleaner Python3 This is a Python3 agent that implements a simulator for a vacuum cleaner and it is introduction to Artificial Intelligence. A s

6 Nov 14, 2022

Python tool for exploiting CVE-2021-35616

OracleOTM Python tool for exploiting CVE-2021-35616 The script works in modules, which I implemented in the following order: ► Username enumeration ►

11 Dec 06, 2022

FOSSLight Scanner performs open source analysis after downloading the source by passing a link that can be cloned by wget or git.

FOSSLight Scanner Analyze at once for Open Source Compliance. FOSSLight Scanner performs open source analysis after downloading the source by passing

8 Nov 03, 2022

这次是可可萝病毒！

可可萝病毒！事情是这样的，我又开始不干正事了。众所周知，在Python里，0x0等于0，但是不等于可可萝。这很不好，我们得把它改成可可萝！效果一般的Python—— Python 3.8.0 (tags/v3.8.0:fa919fd, Oct 14 2019, 19:37:50) [MSC

29 Jul 14, 2022

It is a very simple XSS simulator based on flask, python.

It is a very simple XSS simulator based on flask, python. The purpose of making this is for teaching the concept of XSS.

3 May 10, 2022

Bandit is a tool designed to find common security issues in Python code.

A security linter from PyCQA Free software: Apache license Documentation: https://bandit.readthedocs.io/en/latest/ Source: https://github.com/PyCQA/ba

4.8k Dec 31, 2022

A hashtag check python module

3 Aug 10, 2022

Use scrapli to retrieve security zone information from a Juniper SRX firewall

Get Security Zones with Scrapli Overview This example will show how to retrieve security zone information on Juniper's SRX firewalls. In addition to t

2 Jun 19, 2022

This a simple tool XSS Detection Suite for CTFs games

2 Nov 24, 2021

CVE-2022-23046 - SQL Injection Vulnerability on PhpIPAM v1.4.4

CVE-2022-23046 PhpIPAM v1.4.4 allows an authenticated admin user to inject SQL s

2 Feb 15, 2022

Official repository for Pyew.

pyew Pyew is a (command line) python tool to analyse malware. It does have support for hexadecimal viewing, disassembly (Intel 16, 32 and 64 bits), PE

362 Nov 28, 2022

Natas teaches the basics of serverside web-security.

over-the-wire-natas Natas teaches the basics of serverside web-security. Each level of natas consists of its own website located at http://natasX.nata

1 Nov 27, 2021

Log4jScanner is a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains.

Log4jScanner Log4jScanner is a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains. Disc

35 Dec 12, 2022

open detection and scanning tool for discovering and fuzzing for Log4J RCE CVE-2021-44228 vulnerability

Related tags

Overview

CVE-2021-44228-log4jVulnScanner-metasploit

preparation POC

POC usage

result

Reference

Owner

Taroballz

Create a secure tunnel from a custom domain to localhost using Fly and WireGuard.

md5 hash cracking with python.

This is a Python program that implements a vacuum cleaner as an Artificial Intelligence.

Python tool for exploiting CVE-2021-35616

FOSSLight Scanner performs open source analysis after downloading the source by passing a link that can be cloned by wget or git.

这次是可可萝病毒！

It is a very simple XSS simulator based on flask, python.

Bandit is a tool designed to find common security issues in Python code.

A hashtag check python module

Use scrapli to retrieve security zone information from a Juniper SRX firewall

This a simple tool XSS Detection Suite for CTFs games

CVE-2022-23046 - SQL Injection Vulnerability on PhpIPAM v1.4.4

Official repository for Pyew.

Natas teaches the basics of serverside web-security.

Log4jScanner is a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains.

Script Crack Facebook Yang Kaya Akan Teh Hijau 🚶‍♂

This is a keylogger in python for Windows, Mac and Linux!

The Decompressoin tool for Vxworks MINIFS

OpenSource Poc && Vulnerable-Target Storage Box.

Webpack自动化信息收集