check_mkExtension to check for log4j2 CVE-2021-44228This Plugin wraps around logpresso/CVE-2021-44228-Scanner (Apache License 2.0)
Run in 5 steps:
META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties entry from JAR file.Log4j command generator Generate commands for CVE-2021-44228. Description The vulnerability exists due to the Log4j processor's handling of log messag
log4j-tools Quick links Click to find: Inclusions of log4j2 in compiled code Calls to log4j2 in compiled code Calls to log4j2 in source code Overview
1.Create a Sample Vulnerable Application . 2.Start a netcat listner . 3.Run the exploit . 5.Use jdk1.8.0_20 for better results . Exploit-db - https://
log4j An automated header extensive scanner for detecting log4j RCE CVE-2021-44228 Usage $ python3 log4j.py -l urls.txt --dns-log REPLACE_THIS.dnslog.
Log4j dork scanner This is an auto script to search, scrape and scan for Apache Log4j CVE-2021-44228 affected files using Google dorks. Installation:
CVE-2021-44228-log4jVulnScanner-metasploit open detection and scanning tool for discovering and fuzzing for Log4J RCE CVE-2021-44228 vulnerability pre
#1 使用说明 CVE-2021-44228 log4j 2.x rce漏洞检测工具,对目标链接发起get请求并利用dnslog探测是否有回显 $ python3 log4j-scan.py -h
yLog4j This is Y-Sec's @PortSwigger Burp Plugin for the Log4j CVE-2021-44228 vulnerability. The focus of yLog4j is to support mass-scanning of the Log
log4shell_scanner Scans all drives for log4j jar files and gets their version from the manifest. Windows and Windows Server only.
Logpresso Log4j2 Scanner version 2.6.1
Source code(tar.gz)Logpresso Log4j2 Scanner version 2.5.3
Source code(tar.gz)New functionality
Fixes:
Changes:
Logpresso Log4j2 Scanner to version 2.1.3
Source code(tar.gz)Logpresso Log4j2 Scanner to version 2.1.0
Source code(tar.gz)Logpresso Log4j2 Scanner version 1.7.0
Source code(tar.gz)Update Logpresso Log4j2 Scanner to version 1.6.3
Source code(tar.gz)All in One CRACKER911181's Tool. This Tool For Hacking and Pentesting. 🎭
Multi-Process Vulnerability Tool
Introduction expbox is an exploit code collection repository List CVE-2021-41349 Exchange XSS PoC = Exchange 2013 update 23 = Exchange 2016 update 2
CLICK-Jack It is a automatic tool to find Clickjacking Vulnerability in various
LFI-Hunter Searches for potentially vulnerable websites to local file inclusion, throughout the web and then exploits them for LFI A script written in
Pestilence - The Malware Database [] Screenshot Pestilence is a project created to make the possibility of malware analysis open and available to the
Volatile Fast and easy way to rollout on multiple GitLab project file a particular content. Why ? After looking for a tool to simply enforce a develop
pybox A proof-of-concept bare-bones container written in 50 lines of python code. Provides namespace isolation and resource limit control Usage Insta
dora Features Blazing fast as we are using ripgrep in backend Exploit/PoC steps for many of the API key, allowing to write a good report for bug bount
Zero Attacker Zero Attacker is bunch of tools which we made for people.These all tools are for purpose of ethical hacking and discord tools. Who is th
WELCOME TO LAYLA Layla is a python script that automatically performs recon on a
OSINT cli tool skeleton Template for new OSINT command-line tools. Press button "Use this template" to generate your own tool repository. See INSTALL.
Python sandbox runners for executing code in isolation aka snekbox.
DSLF DSLF stands for (D)arth (S)ide of the (L)og4j (F)orce. It is the ultimate log4j vulnerabilities assessor. It comes with four individual Python3 m
Qbot-Strings-Decrypter An IDA pro python script to decrypt Qbot malware strings.
AdminerRead Exploit tool for Adminer 1.0 up to 4.6.2 Arbitrary File Read vulnerability Installation git clone https://github.com/p0dalirius/AdminerRea
Compilation of resources and insights that helped me on my journey to data scientist
Big-Papa is a remote cookie stealer which can then be used for session hijacking and Bypassing 2 Factor Authentication
About POC of an offline server for IDA Lumina feature.
firmeye - IoT固件漏洞挖掘工具 firmeye 是一个 IDA 插件,基于敏感函数参数回溯来辅助漏洞挖掘。我们知道,在固件漏洞挖掘中,从敏感/危险函数出发,寻找其参数来源,是一种很有效的漏洞挖掘方法,但程序中调用敏感函数的地方非常多,人工分析耗时费力,通过该插件,可以帮助排除大部分的安全
1 Jan 3, 2022
171 Dec 25, 2022
7 Aug 6, 2022
2 Dec 16, 2021
5 Dec 27, 2022
7 Nov 9, 2022
4 Jan 13, 2022
1 Jan 31, 2022
1 Dec 29, 2021
331 Jan 01, 2023
1 Dec 22, 2021
263 Feb 14, 2022
4 Jan 10, 2022
6 Jan 30, 2022
47 Dec 21, 2022
4 Jan 17, 2022
5 Jun 03, 2021
243 Dec 27, 2022
300 Dec 28, 2022
68 Jan 04, 2023
36 Dec 20, 2022
164 Dec 20, 2022
1 Jan 11, 2022
6 Sep 01, 2022
58 Dec 05, 2022
1.5k Jan 02, 2023
77 Jan 03, 2023
166 Dec 30, 2022
171 Nov 28, 2022