🐞
Log4Scan
Log4scan
针对header头和fuzz参数的主动批量扫描,用于大批量黑盒检测
先配置ceye信息
self.host = ""
self.token = ""
PassiveLog4Scan
burp suite 被动扫描插件,对每个参数、header头、Cookie做扫描
先配置ceye信息
self.host = ""
self.token = ""
A simple Log4Shell Scan with python
Overview
Scout Suite - an open source multi-cloud security-auditing tool,
Description Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using t
5k Jan 05, 2023
This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.
webapp-wordlists This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version co
396 Jan 08, 2023
Cve-2021-22005-exp
cve-2021-22005-exp 0x01 漏洞简介 2021年9月21日,VMware发布安全公告,公开披露了vCenter Server中的19个安全漏洞,这些漏洞的CVSSv3评分范围为4.3-9.8。 其中,最为严重的漏洞为vCenter Server 中的任意文件上传漏洞(CVE-20
146 Dec 31, 2022
BurpSuite Extension: Log4j RCE Scanner
BurpSuite Extension: Log4j RCE Scanner
1 Dec 16, 2021
Attack SQL Server through gopher protocol
Attack SQL Server through gopher protocol
17 Nov 30, 2022
Cryptick is a stock ticker for cryptocurrency tokens, and a physical NFT.
Cryptick is a stock ticker for cryptocurrency tokens, and a physical NFT. This repository includes tools and documentation for the Cryptick device.
1 Dec 31, 2021
LinOTP - the open source solution for two factor authentication
LinOTP LinOTP - the Open Source solution for multi-factor authentication Copyright © 2010-2019 KeyIdentity GmbH Coypright © 2019- arxes-tolina GmbH In
462 Jan 02, 2023
MTBLLS Ethical Hacking Tool Announcement of v2.0
MTBLLS Ethical Hacking Tool Announcement of v2.0 MTBLLS is a Free and Open-Source Ethical Hacking Tool developed by GhostTD (SkyWtkh) The tool can onl
2 Mar 19, 2022
Searches filesystem for CVE-2021-44228 and CVE-2021-45046 vulnerable instances of log4j library, including embedded (jar/war/zip) packaged ones.
log4shell_finder Python port of https://github.com/mergebase/log4j-detector log4j-detector is copyright (c) 2021 - MergeBase Software Inc. https://mer
33 Jan 04, 2023
The Multi-Tool Web Vulnerability Scanner.
🟥 RapidScan v1.2 - The Multi-Tool Web Vulnerability Scanner RapidScan has been ported to Python3 i.e. v1.2. The Python2.7 codebase is available on v1
1.3k Dec 31, 2022
A secure password generator written in python
gruvbox-factory 🏭 "The main focus when developing gruvbox is to keep colors easily distinguishable, contrast enough and still pleasant for the eyes"
430 Dec 27, 2022
A simple password generator using Python Tkinter.
Password-Generator-using-Python A simple password generator that generates password for you. User can Copy the password to Clipboard. Project made usi
1 Nov 02, 2022
WpDisect is a wordpress hacking tool that finds vulnerabilities in wordpress.
wpdisect WpDisect is a wordpress hacking tool that finds misconfigurations in wordpress. Prerequisites You need to download wordpress in the wpdisect
3 Feb 20, 2022
Python DNS Lookup: The Domain Name System (DNS) is basically the phonebook of the Internet
-Python-DNS-Lookup- ✨ 🌟 Python DNS Lookup ✨ 🌟 The Domain Name System (DNS) is
2 Feb 14, 2022
Threat Intelligence Gathering 威胁情报收集,旨在提高蓝队拿到攻击 IP 后对其进行威胁情报信息收集的效率。
0x00 介绍 tig Threat Intelligence Gathering 威胁情报收集,旨在提高蓝队拿到攻击 IP 后对其进行威胁情报信息收集的效率,目前已集成微步、IP 域名反查、Fofa 信息收集、ICP 备案查询、IP 存活检测五个模块,现已支持以下信息的查询: ✅ 微步标签 ✅ I
698 Dec 09, 2022
A dynamic multi-STL, multi-process OpenSCAD build system with autoplating support
scad-build This is a multi-STL OpenSCAD build system based around GNU make. It supports dynamic build targets, intelligent previews with user-defined
1 Dec 21, 2021
PoC encrypted diary in Python 3
Encrypted diary Sample program to store confidential data. Provides encryption in the form of AES-256 with bcrypt KDF. Does not provide authentication
1 Dec 25, 2021
Hadoop Yan RPC unauthorized RCE
Vuln Impact On November 15, 2021, A security researcher disclosed that there was an unauthorized access vulnerability in Hadoop yarn RPC. This vulnera
25 Nov 24, 2022
Script hecho en python para sacar la informacion del numero de telefono, Hecha con el API de numverify
Script hecho en python para sacar la informacion del numero de telefono, Hecha con el API de numverify
5 Dec 03, 2022
将hw时信息收集以及简单的漏洞操作步骤简单化
Braised-vegetables 将hw时信息收集以及简单的漏洞扫描操作步骤简单化 使用subfinder(被动子域名爆破收集) subdomain(主动域名爆破) nabbu(端口扫描) httpx(探测目录浏览) crawlergo(360深度爬虫) chorme(谷歌浏览器) xray(漏
19 Nov 15, 2022