Python script that sends CVE-2021-44228 log4j payload requests to url list

Last update: Nov 09, 2022

Related tags

Security related resources scan4log4j

Overview

scan4log4j

Python script that sends CVE-2021-44228 log4j payload requests to url list

[VERY BETA]

using

Supply your url list to urls.txt
Put your payload(s) in payloads.txt
(Optional) add more headers in headers.txt
Run ./scan4log4j.py

Owner

elyesa

GitHub Repository

AutoScan 有多个目标时，调用xray+rad进行自动扫描

Usage: 在高级版Xray和rad同目录下运行 python3 X-AutoXray.py xxxx.txt 写的蛮人性化的哦，os,linux,windows通用生成的xray报告会在当前目录的/result下面 Ctrl+c 打断脚本运行时还可以结算扫描进度，生成已扫描和未扫描的进度文件，

73 Jan 01, 2023

SeaSurf is a Flask extension for preventing cross-site request forgery (CSRF).

Flask-SeaSurf SeaSurf is a Flask extension for preventing cross-site request forgery (CSRF). CSRF vulnerabilities have been found in large and popular

183 Dec 28, 2022

Uncover the full name of a target on Linkedin.

Revealin Uncover the full name of a target on Linkedin. It's just a little PoC exploiting a design flaw. Useful for OSINT. Screenshot Usage $ git clon

129 Dec 21, 2022

Scanning for CVE-2021-44228

Filesystem log4j_scanner for windows and Unix. Scanning for CVE-2021-44228, CVE-2021-45046, CVE-2019-17571 Requires a minimum of Python 2.7. Can be ex

4 Jan 09, 2022

A Modified version of TCC's Osprey poc framework......

fierce-fish fierce-fish是由TCC(斗象能力中心)出品并维护的开源漏洞检测框架osprey的改写，去掉臃肿功能的精简版本poc框架 PS：真的用不惯其它臃肿的功能，不过作为一个收集漏洞poc && exp的框架还是非常不错的！！！ osprey For beginners fr

10 Dec 30, 2022

对naabu的端口扫描结果，调用nmap进行指纹识别

naabu2nmap 对naabu的端口扫描结果，调用nmap进行指纹识别

12 Nov 22, 2022

The best Python Backdoor👌

Backdoor The best Python Backdoor Files Server file is used in all of cases If client is Windows, the client need execute EXE file If client is Linux,

13 Oct 28, 2022

A Python Scanner for log4j

log4j-Scanner scanner for log4j cat web-urls.txt | python3 log4j.py ID.burpcollaborator.net web-urls.txt http://127.0.0.1:8080 https://www.google.c

5 Jun 26, 2022

proof-of-concept running docker container from omero web

docker-from-omero-poc proof-of-concept running docker container from omero web How-to Edit test_script.py so that the BaseClient is created pointing t

2 Jan 22, 2022

Find existing email addresses by nickname using API/SMTP checking methods without user notification. Please, don't hesitate to improve cat's job! 🐱🔎 📬

mailcat The only cat who can find existing email addresses by nickname. Usage First install requirements: pip3 install -r requirements.txt Then just

282 Dec 30, 2022

CamOver is a camera exploitation tool that allows to disclosure network camera admin password.

CamOver is a camera exploitation tool that allows to disclosure network camera admin password. Features Exploits vulnerabilities in most popul

247 Jan 02, 2023

This tool help you to check if your Windows machine has hidden miner.

Hidden Miner Detector This tool help you to check if your Windows machine has hidden miner. Miners track when you open antivirus software or task mana

2 Oct 05, 2022

Python tool for exploiting CVE-2021-35616

OracleOTM Python tool for exploiting CVE-2021-35616 The script works in modules, which I implemented in the following order: ► Username enumeration ►

11 Dec 06, 2022

An auxiliary tool for iot vulnerability hunter

firmeye - IoT固件漏洞挖掘工具 firmeye 是一个 IDA 插件，基于敏感函数参数回溯来辅助漏洞挖掘。我们知道，在固件漏洞挖掘中，从敏感/危险函数出发，寻找其参数来源，是一种很有效的漏洞挖掘方法，但程序中调用敏感函数的地方非常多，人工分析耗时费力，通过该插件，可以帮助排除大部分的安全

171 Nov 28, 2022

对安卓APP注入MSF PAYLOAD，并且对手机管家进行BYPASS。

520_APK_HOOK 介绍将msf生成的payload，注入到一个正常的apk文件中，重新打包后进行加固，bypass手机安全管家的检测。项目地址: https://github.com/cleverbao/520apkhook 作者: BaoGuo 优点相比于原始的msf远控，此版本ap

368 Jan 02, 2023

A python base script from which you can hack or clone any person's facebook friendlist or followers accounts which have simple password

Hcoder This is a python base script from which you can hack or clone any person's facebook friendlist or followers accounts which have simple password

3 Dec 06, 2021

Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading

log4j-detect Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading The script

1 Dec 15, 2021

Python script that sends CVE-2021-44228 log4j payload requests to url list

Related tags

Overview

scan4log4j

using

Owner

elyesa

AutoScan 有多个目标时，调用xray+rad进行自动扫描

SeaSurf is a Flask extension for preventing cross-site request forgery (CSRF).

Uncover the full name of a target on Linkedin.

Scanning for CVE-2021-44228

A Modified version of TCC's Osprey poc framework......

对naabu的端口扫描结果，调用nmap进行指纹识别

The best Python Backdoor👌

A Python Scanner for log4j

proof-of-concept running docker container from omero web

Find existing email addresses by nickname using API/SMTP checking methods without user notification. Please, don't hesitate to improve cat's job! 🐱🔎 📬

CamOver is a camera exploitation tool that allows to disclosure network camera admin password.

This tool help you to check if your Windows machine has hidden miner.

Python tool for exploiting CVE-2021-35616

An auxiliary tool for iot vulnerability hunter

对安卓APP注入MSF PAYLOAD，并且对手机管家进行BYPASS。

A python base script from which you can hack or clone any person's facebook friendlist or followers accounts which have simple password

Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading

SPV SecurePasswordVerification

A hack for writing switch statements with type annotations in Python.

A terminal based web shell controller