log4shell_scanner
Scans all drives for log4j jar files and gets their version from the manifest. Windows and Windows Server only.
Scans all drives for log4j jar files and gets their version from the manifest
Overview
You might also like...
Log4j-Scanner with Bind-Receipt and custom hostnames
Hrafna - Log4j-Scanner for the masses Features Scanning-system designed to check your own infra for vulnerable log4j-installations start and stop scan
18 Jan 23, 2022
Log4j rce test environment and poc
log4jpwn log4j rce test environment See: https://www.lunasec.io/docs/blog/log4j-zero-day/ Experiments to trigger in various software products mentione
307 Dec 24, 2022
Provides script to download and format public IP lists related to the Log4j exploit.
Provides script to download and format public IP lists related to the Log4j exploit. Current format includes: plain list, Cisco ASA Network Group.
1 Jan 2, 2022
This python script will automate the testing for the Log4J vulnerability for HTTP and HTTPS connections.
Log4J-Huntress-Automate-Script This python script will automate the testing for the Log4J vulnerability for HTTP and HTTPS connections. Pre-Requisits
1 Dec 16, 2021
A scanner and a proof of sample exploit for log4j RCE CVE-2021-44228
1.Create a Sample Vulnerable Application . 2.Start a netcat listner . 3.Run the exploit . 5.Use jdk1.8.0_20 for better results . Exploit-db - https://
7 Aug 6, 2022
Visibility and Mitigation for Log4J vulnerabilities
Visibility and Mitigation for Log4J vulnerabilities Several scripts for the visibility and mitigation of Log4J vulnerabilities. Static Scanner - Linux
15 May 21, 2022
A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts
log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs. Fuzzing for more
4 Aug 8, 2022
This project is all about building an amazing application that will help users manage their passwords and even generate new passwords for them
An amazing application that will help us manage our passwords and even generate new passwords for us.
1 Jan 23, 2022
Northwave Log4j CVE-2021-44228 checker
Northwave Log4j CVE-2021-44228 checker Friday 10 December 2021 a new Proof-of-Concept 1 addressing a Remote code Execution (RCE) vulnerability in the
125 Dec 9, 2022
Releases(v2.4)
-
v2.4(Dec 29, 2021)
Improved speed, added rudimentary nesting detection
Source code(tar.gz)
Source code(zip)
log4shell_scanner.exe(9.29 MB)
-
v2.3(Dec 21, 2021)
improved threading safety and speed
Full Changelog: https://github.com/louckazdenekjr/log4shell_scanner/compare/v2.21...v2.3
Source code(tar.gz)
Source code(zip)
log4shell_scanner.exe(9.29 MB)
-
v2.21(Dec 20, 2021)
added restart, visual fixes
Full Changelog: https://github.com/louckazdenekjr/log4shell_scanner/compare/v2.2...v2.21
Source code(tar.gz)
Source code(zip)
log4shell_scanner.exe(9.29 MB)
-
v2.2(Dec 19, 2021)
Source code(tar.gz)removed Please use a newer version from https://github.com/louckazdenekjr/log4shell_scanner/releases
Source code(zip)
BurpSuite Extension: Log4j2 RCE Scanner
Log4j2 RCE Scanner 作者:[email protected]元亨实验室 声明:由于传播、利用本项目所提供的信息而造成的任何直接或者间接的后果及损失,均由使用者本人负责,项目作者不为此承担任何责
87 Dec 29, 2021
Spray365 is a password spraying tool that identifies valid credentials for Microsoft accounts (Office 365 / Azure AD).
What is Spray365? Spray365 is a password spraying tool that identifies valid credentials for Microsoft accounts (Office 365 / Azure AD). How is Spray3
246 Dec 28, 2022
Rouge Spammers with a mission to disrupt the peace of the valley ? Fear not we will STOMP the Spammers
Rouge Spammers with a mission to disrupt the peace of the valley ? Fear not we will STOMP the Spammers New Update : adding 'on-review' tag on an issue
13 Sep 19, 2021
A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.
📂 Public Bug Bounty Targets Data By BugBountyResources A collection of over 5.1M sub-domains and assets belonging to bug bounty targets, all put in a
87 Dec 13, 2022
Use scrapli to retrieve security zone information from a Juniper SRX firewall
Get Security Zones with Scrapli Overview This example will show how to retrieve security zone information on Juniper's SRX firewalls. In addition to t
2 Jun 19, 2022
Mr.Holmes is a information gathering tool (OSINT)
🔍 Mr.Holmes Mr.Holmes is a information gathering tool (OSINT). Is main purpose is to gain information about domains,username and phone numbers with t
534 Jan 08, 2023
GitLab CE/EE Preauth RCE using ExifTool
CVE-2021-22205 GitLab CE/EE Preauth RCE using ExifTool This project is for learning only, if someone's rights have been violated, please contact me to
164 Dec 10, 2022
NexScanner is a tool which allows you to scan a website and find the admin login panel and sub-domains
NexScanner NexScanner is a tool which helps you scan a website for sub-domains and also to find login pages in the website like the admin login panel
8 Sep 03, 2022
A simple automatic tool for finding vulnerable log4j hosts
Log4Scan A simple automatic tool for finding vulnerable log4j hosts Installation pip3 install -r requirements.txt Usage usage: log4scan.py [-h] (-f FI
6 Mar 10, 2022
Docker is an open platform for developing, shipping, and running applications OS-level virtualization to deliver software in packages called containers However, 'security' is a top request on Docker's public roadmap This project aims at vulnerability check for such docker containers. New contributions are accepted
Docker-Vulnerability-Check Docker is an open platform for developing, shipping, and running applications OS-level virtualization to deliver software i
103 Aug 20, 2022
Exploit-CVE-2021-21086
CVE-2021-21086 Exploit This exploit allows to execute a shellcode in the context of the rendering process of Adobe Acrobat Reader DC 2020.013.20074 an
23 Nov 09, 2022
A Safer PoC for CVE-2022-22965 (Spring4Shell)
Safer_PoC_CVE-2022-22965 A Safer PoC for CVE-2022-22965 (Spring4Shell) Functionality Creates a file called CVE_2022-22965_exploited.txt in the tomcat
46 Nov 12, 2022
CVE-2021-26084 - Confluence Pre-Auth RCE OGNL injection
CVE-2021-26084 - Confluence Pre-Auth RCE OGNL injection Usage usage: cve-2021-26084_confluence_rce.py [-h] --url URL [--cmd CMD] [--shell] CVE-2021-2
92 Jul 20, 2022
DomainMonitor is a web project that has a RESTful API to get a domain's subdomains and whois data.
DomainMonitor is a web project that has a RESTful API to get a domain's subdomains and whois data.
2 Feb 05, 2022
proxyshell payload generate
Py Permutative Encoding https://docs.microsoft.com/en-us/openspecs/office_file_formats/ms-pst/5faf4800-645d-49d1-9457-2ac40eb467bd Generate proxyshell
63 Nov 15, 2022
Big-Papa Integrates Javascript and python for remote cookie stealing which then can be used for session hijacking
Big-Papa is a remote cookie stealer which can then be used for session hijacking and Bypassing 2 Factor Authentication
77 Jan 03, 2023
Auerswald COMpact 8.0B Backdoors exploit
CVE-2021-40859 Auerswald COMpact 8.0B Backdoors exploit About Backdoors were discovered in Auerswald COMpact 5500R 7.8A and 8.0B devices, that allow a
6 Sep 22, 2022
Burp Extensions
Burp Extensions This is a collection of extensions to Burp Suite that I have written. getAllParams.py - Version 1.2 This is a python extension that ru
364 Dec 30, 2022
Tinyman exploit finder - Tinyman exploit finder for python
tinyman_exploit_finder There was a big tinyman exploit. You can read about it he
9 Dec 27, 2022
Learning to compose soft prompts for compositional zero-shot learning.
Compositional Soft Prompting (CSP) Compositional soft prompting (CSP), a parameter-efficient learning technique to improve the zero-shot compositional
32 Jan 02, 2023