This is Y-Sec's @PortSwigger Burp Plugin for the Log4j CVE-2021-44228 vulnerability. The focus of yLog4j is to support mass-scanning of the Log4j vulnerability CVE-2021-44228.
Please see our Blog post for details and backgrounds.
It is recommended, but not required, to use a dedicated Scanning Profile. See Y-Security-Log4j-Scan.json as an example.
Take Note! With the exception of issues and PRs regarding changes to hosts/data/StevenBlack/hosts, all other issues regarding the content of the produ
proxyshell-auto usage: proxyshell.py [-h] -t T Automatic Exploit ProxyShell optional arguments: -h, --help show this help message and exit -t T
📂 Public Bug Bounty Targets Data By BugBountyResources A collection of over 5.1M sub-domains and assets belonging to bug bounty targets, all put in a
CVE-2021-40870 Exploitation An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous ty
✭ DMBF CRACK Dibuat Dengan ❤️ Oleh Dapunta Author: - Dapunta Khurayra X ⇨ Fitur Login [✯] Login Token ⇨ Fitur Crack [✯] Crack Dari Teman, Public,
PocOrExp in Github 聚合Github上已有的Poc或者Exp,CVE信息来自CVE官网 注意:只通过通用的CVE号聚合,因此对于MS17-010等Windows编号漏洞以及著名的有绰号的漏洞,还是自己检索一下比较好 Usage python3 exp.py -h usage: ex
HELLogger simple python keylogger DISCLAIMERS: DON'T DO BAD THINGS. THIS PROGRAM IS MEANT FOR PERSONAL USES ONLY. USE IT ONLY IN COMPUTERS WHERE YOU H
GetMail 利用NTLM Hash读取Exchange邮件:在进行内网渗透时候,我们经常拿到的是账号的Hash凭据而不是明文口令。在这种情况下采用邮件客户端或者WEBMAIL的方式读取邮件就很麻烦,需要进行破解,NTLM的破解主要依靠字典强度,破解概率并不是很大。
Inspektur Cari informasi mengenai email dan nomor telepon dengan mudah. Inspektur adalah aplikasi OSINT yang berguna untuk mencari informasi berdasark
Attack SQL Server through gopher protocol
naabu2nmap 对naabu的端口扫描结果,调用nmap进行指纹识别
python-proxy-server This is a proxy server ❤️ application written in python ❤️ for trial purposes. The purpose of the application; Connecting to Hacke
client attack remotely , this script was written for educational purposes only, do not use against to any victim, which you do not have permission for it
Implementation of an attack on a tropical algebra discrete logarithm based protocol This code implements the attack detailed in the paper: On the trop
Fly Dev Tunnel Developers commonly use apps like ngrok, localtunnel, or cloudflared to expose a local web service at a publicly-accessible URL. This i
BloodyAD Framework BloodyAD is an Active Directory Privilege Escalation Framework, it can be used manually using bloodyAD.py or automatically by combi
xp_CAPTCHA(白嫖版) 说明 xp_CAPTCHA (白嫖版) 验证码识别 burp插件 安装 需要python3 小于3.7的版本 安装 muggle_ocr 模块(大概400M左右) python3 -m pip install -i http://mirrors.aliyun.com/
DataExtractor A simple Burp Suite extension to extract datas from source code. Features in scope parsing file extensions to ignore files exclusion bas
finitevolume2-python Finite Volume simulation of the Raleigh-Taylor Instability Create Your Own Finite Volume Fluid Simulation (With Python): Part 2 B
HatSploit collection of generic payloads designed to provide a wide range of attacks without having to spend time writing new ones.
22.1k Jan 02, 2023
93 Jan 05, 2023
87 Dec 13, 2022
16 Nov 15, 2022
10 Oct 19, 2022
567 Dec 30, 2022
10 Nov 10, 2022
[email protected]">
388 Dec 27, 2022
36 Dec 04, 2022
17 Nov 30, 2022
12 Nov 22, 2022
2 Dec 27, 2021
9 Jun 05, 2022
3 Dec 30, 2021
170 Dec 11, 2022
757 Jan 07, 2023
588 Jan 09, 2023
86 Dec 31, 2022
12 Sep 01, 2022
5 May 10, 2022