scan4log4j
Python script that sends CVE-2021-44228 log4j payload requests to url list
[VERY BETA]
using
- Supply your url list to urls.txt
- Put your payload(s) in payloads.txt
- (Optional) add more headers in headers.txt
- Run
./scan4log4j.py
Python script that sends CVE-2021-44228 log4j payload requests to url list
Overview
This repository detects a system vulnerable to CVE-2022-21907 and protects against this vulnerability if desired
This repository detects a system vulnerable to CVE-2022-21907 and protects against this vulnerability if desired
26 Dec 26, 2022
CVE-2021-22205& GitLab CE/EE RCE
Vuln Impact An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files tha
213 Dec 30, 2022
Tool to check if your DNS comply to Polish Ministry of Finance gambling domains restrictions
dns-mf-hazard Tool to check if your DNS comply to Polish Ministry of Finance gambling domains restrictions How to use it? Installation You need python
2 Jan 01, 2022
version de mi tool de kali linux para miertuxzzzz digo, termux >:)
Msf-Tool 1.0 Termux apt install git -y apt install python apt install python3 apt install python3-pip apt install metasploit ---- ---- git clone ht
1 Feb 20, 2022
A scanner and a proof of sample exploit for log4j RCE CVE-2021-44228
1.Create a Sample Vulnerable Application . 2.Start a netcat listner . 3.Run the exploit . 5.Use jdk1.8.0_20 for better results . Exploit-db - https://
7 Aug 06, 2022
DomainMonitor is a web project that has a RESTful API to get a domain's subdomains and whois data.
DomainMonitor is a web project that has a RESTful API to get a domain's subdomains and whois data.
2 Feb 05, 2022
Consolidating and extending hosts files from several well-curated sources. You can optionally pick extensions to block pornography, social media, and other categories.
Take Note! With the exception of issues and PRs regarding changes to hosts/data/StevenBlack/hosts, all other issues regarding the content of the produ
22.1k Jan 02, 2023
Uncover the full name of a target on Linkedin.
Revealin Uncover the full name of a target on Linkedin. It's just a little PoC exploiting a design flaw. Useful for OSINT. Screenshot Usage $ git clon
129 Dec 21, 2022
adb - A tool that allows you to search for vulnerable android devices across the world and exploit them.
adb - An exploitation tool for android devices. A tool that allows you to search for vulnerable android devices across the world and exploit them. Fea
136 Jan 02, 2023
CVE-2022-22963 PoC
CVE-2022-22963 CVE-2022-22963 PoC Slight modified for English translation and detection of https://github.com/chaosec2021/Spring-cloud-function-SpEL-R
104 Dec 08, 2022
GitLab CI security tools runner
Common Security Pipeline Описание проекта: Данный проект является вариантом реализации DevSecOps практик, на базе: GitLab DefectDojo OpenSouce tools g
14 Dec 23, 2022
对naabu的端口扫描结果,调用nmap进行指纹识别
naabu2nmap 对naabu的端口扫描结果,调用nmap进行指纹识别
12 Nov 22, 2022
MainCoon - an automated recon framework
MainCoon is an automated recon framework meant for gathering information during penetration testing of web applications.
8 Aug 26, 2022
Writing and posting code throughout my new journey into python!
bootleg-productions consider this account to be a journal for me to record my progress throughout my python journey feel free to copy codes from this
1 Dec 30, 2021
💣 Bomb Crypto Bot 💣
💣 Bomb Crypto Bot 💣 ⚠️ Warning I am not responsible for any penalties incurred by those who use the bot, use it at your own risk. 📄 Documentation -
4 Apr 27, 2022
Scan your logs for CVE-2021-44228 related activity and report the attackers
jndiRep - CVE-2021-44228 Basically a bad grep on even worse drugs. search for malicious strings decode payloads print results to stdout or file report
2 Nov 24, 2022
Port scanner tool with easy installation
ort scanner tool with easy installation! Python programming language is used and The text in the program is Georgian 3
2 Mar 24, 2022
client attack remotely , this script was written for educational purposes only
client attack remotely , this script was written for educational purposes only, do not use against to any victim, which you do not have permission for it
9 Jun 05, 2022
This script checks for any possible SSRF dns/http interactions in xmlrpc.php pingback feature
rpckiller This script checks for any possible SSRF dns/http interactions in xmlrpc.php pingback feature and with that you can further try to escalate
33 Sep 23, 2022
CVE-2022-22965 - CVE-2010-1622 redux
CVE-2022-22965 - vulnerable app and PoC Trial & error $ docker rm -f rce; docker build -t rce:latest . && docker run -d -p 8080:8080 --name rce rce:la
20 Aug 25, 2022