1019 Open source projects that are alternatives of or similar to log4j-detector

Fastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excellent performance and low memory footprint.

Log4j Vulnerability Scanner for Windows

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

Rapidly scan filesystems for Java programs potentially vulnerable to Log4Shell (CVE-2021-44228) or "that Log4j JNDI exploit" by inspecting the class paths inside files

Remote command execution vulnerability scanner for Log4j.

Log4j Shield - fast ⚡, scalable and easy to use Log4j vulnerability CVE-2021-44228 finder and patcher

Tool that runs a test to check whether one of your applications is affected by the recent vulnerabilities in log4j: CVE-2021-44228 and CVE-2021-45046

log4j rce test environment and poc

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Sifter aims to be a fully loaded Op Centre for Pentesters

Nmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)

log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.

《HackLog4j-永恒之恶龙》致敬全宇宙最无敌的Java日志库！Tribute to the most invincible Java logging library in the universe!

🦄🔒 Awesome list of secrets in environment variables 🖥️

Detections for CVE-2021-44228 inside of nested binaries

Ansible detector scanner playbook to verify target Linux hosts using the official Red Hat Log4j detector script RHSB-2021-009 Remote Code Execution - log4j (CVE-2021-44228)

Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading

Log4j jndi injection fuzz tool

A mitigation for CVE-2021-44228 (log4shell) that works by patching the vulnerability at runtime. (Works with any vulnerable java software, tested with java 6 and newer)

Packer Fuzzer is a fast and efficient scanner for security detection of websites constructed by javascript module bundler such as Webpack.

🆕 The Multi-Tool Web Vulnerability Scanner.

🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

Snoop — инструмент разведки на основе открытых данных (OSINT world)

A toolkit for Security Researchers

Open source all-in-one CLI tool to semi-automate pentesting.

Argus Advanced Remote & Local Keylogger For macOS and Windows

K8Cscan大型内网渗透自定义插件化扫描神器，包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用，程序采用多线程批量扫描大型内网多个IP段C段主机，目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本，支持Cobalt Strike联动

The ONLY hacker friendly proxy for webapp pentests.

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

pentest framework

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer

Blazy is a modern login bruteforcer which also tests for CSRF, Clickjacking, Cloudflare and WAF .

Discover internet-wide misconfigurations while drinking coffee

Biu-framework🚀 Security Scan Framework For Enterprise Intranet Based Services(企业内网基础服务安全扫描框架)

🔎 Most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Address, Emails, Websites, Organizations.

scan for NTLM directories

A high performance offensive security tool for reconnaissance and vulnerability scanning

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

Log4Shell RCE Exploit - fully independent exploit does not require any 3rd party binaries.

A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.

A tool that scans archives to check for vulnerable log4j versions

🖖 Fast, modern, easy-to-use network scanner

Lists of affected components and affected apps/vendors by CVE-2021-44228 (aka Log4shell or Log4j RCE). This list is meant as a resource for security responders to be able to find and address the vulnerability

Pentest: Subdomains enumeration tool for penetration testers.

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

A Proof-Of-Concept for the CVE-2021-44228 vulnerability.

A tool for detect&exploit vmware product log4j(cve-2021-44228) vulnerability.Support VMware HCX/vCenter/NSX/Horizon/vRealize Operations Manager

Search a filesystem for indicators of compromise (IoC).

Stamp your code with a trackable digital copyright

一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense.

Framework For Exploring kernel vulnerabilities, network vulnerabilities ✨

An Awesome List of Log4Shell resources to help you stay informed and secure! 🔒

OWASP WEB Directory Scanner

Mass scan IPs for vulnerable services

A list of useful payloads for Web Application Security and Pentest/CTF

A tool for generating reverse shell payloads on the fly.