273 Open source projects that are alternatives of or similar to awesome-log4shell

Log4j Vulnerability Scanner for Windows

Nmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)

Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading

Fastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excellent performance and low memory footprint.

log4j rce test environment and poc

《HackLog4j-永恒之恶龙》致敬全宇宙最无敌的Java日志库！Tribute to the most invincible Java logging library in the universe!

一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense.

Tool that runs a test to check whether one of your applications is affected by the recent vulnerabilities in log4j: CVE-2021-44228 and CVE-2021-45046

Log4j Shield - fast ⚡, scalable and easy to use Log4j vulnerability CVE-2021-44228 finder and patcher

A mitigation for CVE-2021-44228 (log4shell) that works by patching the vulnerability at runtime. (Works with any vulnerable java software, tested with java 6 and newer)

Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!

Ansible detector scanner playbook to verify target Linux hosts using the official Red Hat Log4j detector script RHSB-2021-009 Remote Code Execution - log4j (CVE-2021-44228)

Remote command execution vulnerability scanner for Log4j.

Rapidly scan filesystems for Java programs potentially vulnerable to Log4Shell (CVE-2021-44228) or "that Log4j JNDI exploit" by inspecting the class paths inside files

Log4Shell RCE Exploit - fully independent exploit does not require any 3rd party binaries.

CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4

This is a complete project series on implementing hacking tools available in Kali Linux into python.

OWASP Security Logging library for Java

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

🏴‍☠️ Pwn misconfigured sites running ShareX custom image uploader API through chained exploit

A collection of my quick and dirty scripts for vulnerability POC and detections

Unsigned code loader for Exynos BootROM

Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228).

Simulating Log4j Remote Code Execution (RCE) vulnerability in a flask web server using python's logging library with custom formatter that simulates lookup substitution by executing remote exploit code.

Some of my public exploits

Log annotation for logging frameworks

Cumulus is web application weakness monitoring, it would be working by add just 3 codelines

Kubernetes security and vulnerability tools and utilities.

Python toolbox to evaluate graph vulnerability and robustness (CIKM 2021)

REST API backend for Reconmap

微信小程序+微信管理后台+微信用户前台

Tenable.io SDK offers a scalable and safe way to integrate with the Tenable.io platform.

https://proandroiddev.com/logging-in-kotlin-8ecfb97a4840

A Python program implementing and exploiting the Minsky Turing machine considered in the paper "Intrinsic Propensity for Vulnerability in Computers? Arbitrary Code Execution in the Universal Turing Machine" as per CVE-2021-32471 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32471)

A collection of my public security advisories.

CVE-2020-11651: Proof of Concept

Extensible framework for analyzing publicly available information about vulnerabilities

The report and the exploit of CVE-2021-26943, the kernel-to-SMM local privilege escalation vulnerability in ASUS UX360CA BIOS version 303.

My solutions to the 2020 NSA Codebreaker Challenge

Checks Minecraft, MultiMC, Lunar and Badlion logs folder to see if you've been affected by the exploit!

Current home of rubysec.com

No description or website provided.

PHP - Automatically add an "index.php" in all directories recursively

Phantom eye——A passive business logic vulnerability auditing tool

Traditional Mitigation in GCC to defend Memory Corruption Vulnerability

大学生信息管理系统——初学路上自己摸索实践的项目

Stamp your code with a trackable digital copyright

OpenSSH 2.3 up to 7.4 Mass Username Enumeration (CVE-2018-15473).

A static binary vulnerability scanner

一些漏洞分析

Apache (Linux) CVE-2021-41773/2021-42013 Mass Vulnerability Checker

Send a Telegram message when your scripts fire an exception or when they finish their execution.

Loss modelling framework.

#INFILTRATE20 raptor's party pack

CVE-2021-43798:Grafana 任意文件读取漏洞

Behavioural driven development UI automation framework using selenium, cucumber-java, testng, maven, phantomjs

Minecraft Honeypot for Log4j exploit. CVE-2021-44228 Log4Shell LogJam

spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧

A command-line tool for exploiting stack-based buffer overflow vulnerabilities.

汽车/安卓/固件/代码安全测试工具集