log4shell-finderFastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excellent performance and low memory footprint.
Stars: ✭ 22 (-42.11%)
log4jscanwinLog4j Vulnerability Scanner for Windows
Stars: ✭ 142 (+273.68%)
nmap-log4shellNmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)
Stars: ✭ 54 (+42.11%)
log4j-detectorLog4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!
Stars: ✭ 622 (+1536.84%)
awesome-log4shellAn Awesome List of Log4Shell resources to help you stay informed and secure! 🔒
Stars: ✭ 194 (+410.53%)
cloudrasp-log4j2一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense.
Stars: ✭ 105 (+176.32%)
log4shell-toolsTool that runs a test to check whether one of your applications is affected by the recent vulnerabilities in log4j: CVE-2021-44228 and CVE-2021-45046
Stars: ✭ 55 (+44.74%)
ArissploitArissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.
Stars: ✭ 114 (+200%)
KillshotA Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner
Stars: ✭ 237 (+523.68%)
log4shelldetectRapidly scan filesystems for Java programs potentially vulnerable to Log4Shell (CVE-2021-44228) or "that Log4j JNDI exploit" by inspecting the class paths inside files
Stars: ✭ 40 (+5.26%)
log4j-cve-2021-44228Ansible detector scanner playbook to verify target Linux hosts using the official Red Hat Log4j detector script RHSB-2021-009 Remote Code Execution - log4j (CVE-2021-44228)
Stars: ✭ 58 (+52.63%)
log4jshieldLog4j Shield - fast ⚡, scalable and easy to use Log4j vulnerability CVE-2021-44228 finder and patcher
Stars: ✭ 13 (-65.79%)
Xray一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
Stars: ✭ 6,218 (+16263.16%)
HackLog4j《HackLog4j-永恒之恶龙》致敬全宇宙最无敌的Java日志库!Tribute to the most invincible Java logging library in the universe!
Stars: ✭ 161 (+323.68%)
Log4j-RCE-ScannerRemote command execution vulnerability scanner for Log4j.
Stars: ✭ 200 (+426.32%)
log4jpwnlog4j rce test environment and poc
Stars: ✭ 306 (+705.26%)
Gopoc用cel-go重现了长亭xray的poc检测功能的轮子
Stars: ✭ 124 (+226.32%)
Log4jPatcherA mitigation for CVE-2021-44228 (log4shell) that works by patching the vulnerability at runtime. (Works with any vulnerable java software, tested with java 6 and newer)
Stars: ✭ 43 (+13.16%)
L4shLog4Shell RCE Exploit - fully independent exploit does not require any 3rd party binaries.
Stars: ✭ 260 (+584.21%)
astam-correlatorVulnerability consolidation and management tool, enhances scan results by merging different findings of the same weakness across multiple static/dynamic scans
Stars: ✭ 22 (-42.11%)
ezEmuSee adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)
Stars: ✭ 89 (+134.21%)
gvm-toolsRemote control your Greenbone Community Edition or Greenbone Enterprise Appliance
Stars: ✭ 143 (+276.32%)
FIDLA sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research
Stars: ✭ 421 (+1007.89%)
Vm4JA tool for detect&exploit vmware product log4j(cve-2021-44228) vulnerability.Support VMware HCX/vCenter/NSX/Horizon/vRealize Operations Manager
Stars: ✭ 126 (+231.58%)
log4j-log4shell-affectedLists of affected components and affected apps/vendors by CVE-2021-44228 (aka Log4shell or Log4j RCE). This list is meant as a resource for security responders to be able to find and address the vulnerability
Stars: ✭ 49 (+28.95%)
log4j-snifferA tool that scans archives to check for vulnerable log4j versions
Stars: ✭ 180 (+373.68%)
dheaterD(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.
Stars: ✭ 142 (+273.68%)
gradejsGradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.
Stars: ✭ 362 (+852.63%)
cve-2016-1764Extraction of iMessage Data via XSS
Stars: ✭ 52 (+36.84%)
Links-QAСборная солянка полезных ссылок для QA/тестировщика. Ссылки будут постоянно пополняться.
Stars: ✭ 42 (+10.53%)
slf4j-timberSLF4J binding for Jake Wharton's Timber Android logging library
Stars: ✭ 44 (+15.79%)
rsGenrsGen is a Reverse Shell Payload Generator for hacking.
Stars: ✭ 71 (+86.84%)
ErRabbitRemote logging console server using Log4j. Visual exception stackTrace log view.
Stars: ✭ 48 (+26.32%)
weblogic honeypotWebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the Oracle WebLogic Server component of Oracle Fusion Middleware. This is a Remote Code Execution vulnerability.
Stars: ✭ 30 (-21.05%)
VulnogramVulnogram is a tool for creating and editing CVE information in CVE JSON format
Stars: ✭ 103 (+171.05%)
telegram-logSend a Telegram message when your scripts fire an exception or when they finish their execution.
Stars: ✭ 16 (-57.89%)
overflowA command-line tool for exploiting stack-based buffer overflow vulnerabilities.
Stars: ✭ 66 (+73.68%)
log4j-shell-pocA Proof-Of-Concept for the CVE-2021-44228 vulnerability.
Stars: ✭ 1,536 (+3942.11%)
java-reverse-tcpJAR, Java, and JSP shells that work on Linux OS, macOS, and Windows OS.
Stars: ✭ 19 (-50%)
lunasecLunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Stars: ✭ 1,261 (+3218.42%)
log4j-scannerlog4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.
Stars: ✭ 1,212 (+3089.47%)
fix4log4jNo description or website provided.
Stars: ✭ 21 (-44.74%)
akka-log4jLogging backend for Akka based on Log4j
Stars: ✭ 28 (-26.32%)
vrt-rubyRuby library for interacting with Bugcrowd's VRT
Stars: ✭ 15 (-60.53%)
TerminalConsoleAppenderJLine 3 appender for Log4j2, allows extending command line apps using colors and command completion
Stars: ✭ 49 (+28.95%)
NIST-to-TechAn open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (+60.53%)
cdCloudDefense.ai is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross-site scripting and other exploitable vulnerabilities.
Stars: ✭ 33 (-13.16%)
loggersAbstract logging for Golang projects. A kind of log4go in the spirit of log4j
Stars: ✭ 17 (-55.26%)
ldap-log一个LDAP请求监听器,摆脱dnslog平台和java
Stars: ✭ 33 (-13.16%)
log4khttps://proandroiddev.com/logging-in-kotlin-8ecfb97a4840
Stars: ✭ 12 (-68.42%)