log4shell-finderFastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excellent performance and low memory footprint.
Stars: ✭ 22 (-59.26%)
log4jscanwinLog4j Vulnerability Scanner for Windows
Stars: ✭ 142 (+162.96%)
NSE-scriptsNSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473
Stars: ✭ 105 (+94.44%)
log4shell-toolsTool that runs a test to check whether one of your applications is affected by the recent vulnerabilities in log4j: CVE-2021-44228 and CVE-2021-45046
Stars: ✭ 55 (+1.85%)
log4j-detectorLog4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!
Stars: ✭ 622 (+1051.85%)
VulscanAdvanced vulnerability scanning with Nmap NSE
Stars: ✭ 2,305 (+4168.52%)
log4shelldetectRapidly scan filesystems for Java programs potentially vulnerable to Log4Shell (CVE-2021-44228) or "that Log4j JNDI exploit" by inspecting the class paths inside files
Stars: ✭ 40 (-25.93%)
HackLog4j《HackLog4j-永恒之恶龙》致敬全宇宙最无敌的Java日志库!Tribute to the most invincible Java logging library in the universe!
Stars: ✭ 161 (+198.15%)
safelog4jSafelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading
Stars: ✭ 38 (-29.63%)
Log4jPatcherA mitigation for CVE-2021-44228 (log4shell) that works by patching the vulnerability at runtime. (Works with any vulnerable java software, tested with java 6 and newer)
Stars: ✭ 43 (-20.37%)
log4jshieldLog4j Shield - fast ⚡, scalable and easy to use Log4j vulnerability CVE-2021-44228 finder and patcher
Stars: ✭ 13 (-75.93%)
Log4j-RCE-ScannerRemote command execution vulnerability scanner for Log4j.
Stars: ✭ 200 (+270.37%)
log4j-cve-2021-44228Ansible detector scanner playbook to verify target Linux hosts using the official Red Hat Log4j detector script RHSB-2021-009 Remote Code Execution - log4j (CVE-2021-44228)
Stars: ✭ 58 (+7.41%)
cloudrasp-log4j2一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense.
Stars: ✭ 105 (+94.44%)
awesome-log4shellAn Awesome List of Log4Shell resources to help you stay informed and secure! 🔒
Stars: ✭ 194 (+259.26%)
log4jpwnlog4j rce test environment and poc
Stars: ✭ 306 (+466.67%)
ivreNetwork recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!
Stars: ✭ 2,712 (+4922.22%)
log4j-log4shell-affectedLists of affected components and affected apps/vendors by CVE-2021-44228 (aka Log4shell or Log4j RCE). This list is meant as a resource for security responders to be able to find and address the vulnerability
Stars: ✭ 49 (-9.26%)
LogMePwnA fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.
Stars: ✭ 362 (+570.37%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+607.41%)
default-http-login-hunterLogin hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.
Stars: ✭ 285 (+427.78%)
log4j-shell-pocA Proof-Of-Concept for the CVE-2021-44228 vulnerability.
Stars: ✭ 1,536 (+2744.44%)
hassh-utilshassh-utils: Nmap NSE Script and Docker image for HASSH - the SSH client/server fingerprinting method (https://github.com/salesforce/hassh)
Stars: ✭ 41 (-24.07%)
logmapLog4j jndi injection fuzz tool
Stars: ✭ 60 (+11.11%)
ObsidianSailboatNmap and NSE command line wrapper in the style of Metasploit
Stars: ✭ 36 (-33.33%)
nseNmap NSE scripts
Stars: ✭ 23 (-57.41%)
L4shLog4Shell RCE Exploit - fully independent exploit does not require any 3rd party binaries.
Stars: ✭ 260 (+381.48%)
IvreNetwork recon framework, published by @cea-sec & @ANSSI-FR. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!
Stars: ✭ 2,331 (+4216.67%)
Vm4JA tool for detect&exploit vmware product log4j(cve-2021-44228) vulnerability.Support VMware HCX/vCenter/NSX/Horizon/vRealize Operations Manager
Stars: ✭ 126 (+133.33%)
Htrace.shMy simple Swiss Army knife for http/https troubleshooting and profiling.
Stars: ✭ 3,465 (+6316.67%)
python-log4rceAn All-In-One Pure Python PoC for CVE-2021-44228
Stars: ✭ 179 (+231.48%)
rest-apiREST API backend for Reconmap
Stars: ✭ 48 (-11.11%)
log4j-snifferA tool that scans archives to check for vulnerable log4j versions
Stars: ✭ 180 (+233.33%)
FaradayFaraday introduces a new concept - IPE (Integrated Penetration-Test Environment) a multiuser Penetration test IDE. Designed for distributing, indexing, and analyzing the data generated during a security audit.
Stars: ✭ 3,198 (+5822.22%)
log4j-scannerlog4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.
Stars: ✭ 1,212 (+2144.44%)
dnstakeDNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover
Stars: ✭ 723 (+1238.89%)
gradejsGradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.
Stars: ✭ 362 (+570.37%)
PTEyePhantom eye——A passive business logic vulnerability auditing tool
Stars: ✭ 55 (+1.85%)
apachrotApache (Linux) CVE-2021-41773/2021-42013 Mass Vulnerability Checker
Stars: ✭ 21 (-61.11%)
slf4j-timberSLF4J binding for Jake Wharton's Timber Android logging library
Stars: ✭ 44 (-18.52%)
rsGenrsGen is a Reverse Shell Payload Generator for hacking.
Stars: ✭ 71 (+31.48%)
telegram-logSend a Telegram message when your scripts fire an exception or when they finish their execution.
Stars: ✭ 16 (-70.37%)
sgCheckupsgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.
Stars: ✭ 77 (+42.59%)
TraditionalMitigationTraditional Mitigation in GCC to defend Memory Corruption Vulnerability
Stars: ✭ 16 (-70.37%)
selenium BDD frameworkBehavioural driven development UI automation framework using selenium, cucumber-java, testng, maven, phantomjs
Stars: ✭ 34 (-37.04%)
VulnogramVulnogram is a tool for creating and editing CVE information in CVE JSON format
Stars: ✭ 103 (+90.74%)
lunasecLunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Stars: ✭ 1,261 (+2235.19%)
nmap-formatterA tool that allows you to convert NMAP results to html, csv, json, markdown, graphviz (dot). Simply put it's nmap converter.
Stars: ✭ 129 (+138.89%)
overflowA command-line tool for exploiting stack-based buffer overflow vulnerabilities.
Stars: ✭ 66 (+22.22%)
vrt-rubyRuby library for interacting with Bugcrowd's VRT
Stars: ✭ 15 (-72.22%)
loggersAbstract logging for Golang projects. A kind of log4go in the spirit of log4j
Stars: ✭ 17 (-68.52%)
aemscanAdobe Experience Manager Vulnerability Scanner
Stars: ✭ 161 (+198.15%)
Recon-XAdvanced Reconnaissance tool to enumerate attacking surface of the target.
Stars: ✭ 27 (-50%)