Searches filesystem for CVE-2021-44228 and CVE-2021-45046 vulnerable instances of log4j library, including embedded (jar/war/zip) packaged ones.

Related tags

Security related resourceslog4jcve-2021-44228log4shellcve-2021-45046
Overview

log4shell_finder

Python port of https://github.com/mergebase/log4j-detector log4j-detector is copyright (c) 2021 - MergeBase Software Inc. https://mergebase.com/

Detects Log4J versions on your file-system within any application that are vulnerable to CVE-2021-44228 and CVE-2021-45046. It is able to even find instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Python runs, too!

Currently reports log4j-core versions 2.12.2 and 2.17.0 as SAFE, 2.16.0 as NOTOKAY and all other versions as VULNERABLE (although it does report pre-2.0-beta9 as "MAYBESAFE").

log4j v1.x may appear in the log either as OLDUNSAFE or OLDSAFE depending on presence of JMSAppender.class.

Can correctly detect log4j inside executable spring-boot jars/wars, dependencies blended into uber jars, shaded jars, and even exploded jar files just sitting uncompressed on the file-system (aka *.class).

It can also handle shaded class files - extensions .esclazz (elastic) and .classdata (Azure).

Changelog

Version 1.6-20211221

  • added checks for JMSAppender.class within log4j v1.x instances

Version 1.5-20211220

  • fixed bug where --exclude-dirs skipped the given directory, but not it's subdirectories

Version 1.4-20211220

  • added option --same-fs to skip mounted volumes while scanning.
  • findings can be saved in json format with --json-out <filename>
  • skip folder with --exclude-dirs DIR [DIR ...] parameter
  • use - as folder name to source folder names from stdin, e.g. echo "/home" | test_log4shell.py -

Version 1.3-20211219

  • handle elastic's SHADED_CLASS_EXTENSION ".esclazz"

Version 1.2-20211219

  • get exact log4j version from pom.properties

Usage

Either run from a python interpreter or use the Windows/Linux binaries from the dist folder.

# ./test_log4shell.py --help
usage:  Type "test_log4shell.py --help" for more information
        On Windows "test_log4shell.py c:\ d:\"
        On Linux "test_log4shell.py /"

Searches file system for vulnerable log4j version.

positional arguments:
  folders               List of folders or files to scan. Use "-" to read list of files from stdin.

optional arguments:
  -h, --help            show this help message and exit
  --exclude-dirs DIR [DIR ...]
                        Don't search directories containing these strings (multiple supported)
  --same-fs             Don't scan mounted volumens.
  --json-out [FILENAME]
                        Save results to json file.
  -d, --debug           Increase verbosity, mainly for debugging purposes.

Does not require any extra python libraries.

Compile binaries

The binaries were produces with:

pip install pyinstaller
pyinstaller -F ./test_log4shell.py

Sample run

# ./test_log4shell.py ../war/ --exclude-dirs /mnt --same-fs
[2021-12-21 11:16:43,373] [INFO] [I] Starting ./test_log4shell.py ver. 1.6-20211220
[2021-12-21 11:16:43,408] [INFO] [I] Parameters: ./test_log4shell.py ../war/ --exclude-dirs /mnt --same-fs
[2021-12-21 11:16:43,416] [INFO] [I] 'hostname': '<redacted>', 'fqdn': '<redacted>', 'ip': '<redacted>', 'system': 'Linux', 'release': '5.4.0-58-generic', 'version': '#64-Ubuntu SMP Wed Dec 9 08:16:25 UTC 2020', 'machine': 'x86_64', 'cpu': 'x86_64'
[2021-12-21 11:16:43,416] [INFO] [I] Analyzing paths (could take a long time).
[2021-12-21 11:16:43,776] [INFO] [*] [MAYBESAFE] Package /home/hynek/war/elastic-apm-java-aws-lambda-layer-1.28.1.zip:elastic-apm-agent-1.28.1.jar contains Log4J-2.12.1 <= 2.0-beta8 (JndiLookup.class not present)
[2021-12-21 11:16:43,850] [INFO] [*] [MAYBESAFE] Package /home/hynek/war/elastic-apm-agent-1.28.1.jar contains Log4J-2.12.1 <= 2.0-beta8 (JndiLookup.class not present)
[2021-12-21 11:16:43,916] [INFO] [+] [VULNERABLE] Package /home/hynek/war/spring-boot-application.jar:BOOT-INF/lib/log4j-core-2.14.1.jar contains Log4J-2.14.1 >= 2.10.0
[2021-12-21 11:16:44,288] [INFO] [+] [VULNERABLE] Package /home/hynek/war/apache-log4j-2.14.0-bin.zip:apache-log4j-2.14.0-bin/log4j-core-2.14.0.jar contains Log4J-2.14.0 >= 2.10.0
[2021-12-21 11:16:44,335] [INFO] [*] [STRANGE] Package /home/hynek/war/apache-log4j-2.14.0-bin.zip:apache-log4j-2.14.0-bin/log4j-core-2.14.0-sources.jar contains pom.properties for Log4J-2.14.0, but classes missing
[2021-12-21 11:16:44,557] [INFO] [*] [STRANGE] Package /home/hynek/war/apache-log4j-2.14.0-bin.zip:apache-log4j-2.14.0-bin/log4j-core-2.14.0-tests.jar contains pom.properties for Log4J-2.14.0, but classes missing
[2021-12-21 11:16:44,659] [INFO] [+] [OLDUNSAFE] Package /home/hynek/war/log4j-samples/old-hits/log4j-1.1.3.jar contains Log4J-1.x <= 1.2.17, JMSAppender.class found
[2021-12-21 11:16:44,664] [INFO] [+] [OLDUNSAFE] Package /home/hynek/war/log4j-samples/old-hits/log4j-1.2.17.jar contains Log4J-1.2.17 <= 1.2.17, JMSAppender.class found
[2021-12-21 11:16:44,668] [INFO] [*] [MAYBESAFE] Package /home/hynek/war/log4j-samples/old-hits/log4j-core-2.0-beta2.jar contains Log4J-2.0-beta2 <= 2.0-beta8 (JndiLookup.class not present)
[2021-12-21 11:16:44,670] [INFO] [+] [OLDUNSAFE] Folder /home/hynek/war/log4j-samples/old-hits/log4j-1.2.17/org/apache/log4j contains Log4J-1.x <= 1.2.17, JMSAppender.class found
[2021-12-21 11:16:44,694] [INFO] [+] [VULNERABLE] Package /home/hynek/war/log4j-samples/true-hits/log4j-core-2.15.0.jar contains Log4J-2.15.0 == 2.15.0
[2021-12-21 11:16:44,706] [INFO] [+] [VULNERABLE] Package /home/hynek/war/log4j-samples/true-hits/log4j-core-2.9.1.jar contains Log4J-2.9.1 >= 2.0-beta9 (< 2.10.0)
[2021-12-21 11:16:44,718] [INFO] [+] [VULNERABLE] Package /home/hynek/war/log4j-samples/true-hits/log4j-core-2.10.0.zip contains Log4J-2.10.0 >= 2.10.0
[2021-12-21 11:16:44,725] [INFO] [+] [VULNERABLE] Package /home/hynek/war/log4j-samples/true-hits/log4j-core-2.0-beta9.jar contains Log4J-2.0-beta9 >= 2.0-beta9 (< 2.10.0)
[2021-12-21 11:16:44,737] [INFO] [+] [VULNERABLE] Package /home/hynek/war/log4j-samples/true-hits/log4j-core-2.10.0.jar contains Log4J-2.10.0 >= 2.10.0
[2021-12-21 11:16:44,818] [INFO] [+] [VULNERABLE] Package /home/hynek/war/log4j-samples/true-hits/uber/infinispan-embedded-query-8.2.12.Final.jar contains Log4J-2.5 >= 2.0-beta9 (< 2.10.0)
[2021-12-21 11:16:44,966] [INFO] [+] [VULNERABLE] Folder /home/hynek/war/log4j-samples/true-hits/uber/expanded/org/apache/logging/log4j/core contains Log4J-2.x >= 2.0-beta9 (< 2.10.0)
[2021-12-21 11:16:45,094] [INFO] [+] [VULNERABLE] Package /home/hynek/war/log4j-samples/true-hits/shaded/clt-1.0-SNAPSHOT.jar contains Log4J-2.14.1 >= 2.10.0
[2021-12-21 11:16:45,108] [INFO] [+] [VULNERABLE] Folder /home/hynek/war/log4j-samples/true-hits/shaded/expanded/clt/shaded/l/core contains Log4J-2.x >= 2.10.0
[2021-12-21 11:16:45,150] [INFO] [+] [VULNERABLE] Folder /home/hynek/war/log4j-samples/true-hits/exploded/2.12.1/org/apache/logging/log4j/core contains Log4J-2.x >= 2.10.0
[2021-12-21 11:16:46,054] [INFO] [+] [VULNERABLE] Package /home/hynek/war/log4j-samples/true-hits/springboot-executable/spiff-0.0.1-SNAPSHOT.zip:WEB-INF/lib/log4j-core-2.10.0.jar contains Log4J-2.10.0 >= 2.10.0
[2021-12-21 11:16:47,528] [INFO] [+] [VULNERABLE] Package /home/hynek/war/log4j-samples/true-hits/springboot-executable/spiff-0.0.1-SNAPSHOT.jar:WEB-INF/lib/log4j-core-2.10.0.jar contains Log4J-2.10.0 >= 2.10.0
[2021-12-21 11:16:48,999] [INFO] [+] [VULNERABLE] Package /home/hynek/war/log4j-samples/true-hits/springboot-executable/spiff-0.0.1-SNAPSHOT.ear:WEB-INF/lib/log4j-core-2.10.0.jar contains Log4J-2.10.0 >= 2.10.0
[2021-12-21 11:16:50,449] [INFO] [+] [VULNERABLE] Package /home/hynek/war/log4j-samples/true-hits/springboot-executable/spiff-0.0.1-SNAPSHOT.war:WEB-INF/lib/log4j-core-2.10.0.jar contains Log4J-2.10.0 >= 2.10.0
[2021-12-21 11:16:51,044] [INFO] [+] [NOTOKAY] Package /home/hynek/war/log4j-samples/false-hits/log4j-core-2.16.0.jar contains Log4J-2.16.0 == 2.16.0
[2021-12-21 11:16:51,058] [INFO] [-] [SAFE] Package /home/hynek/war/log4j-samples/false-hits/log4j-core-2.12.2.jar contains Log4J-2.12.2 == 2.12.2
[2021-12-21 11:16:51,223] [INFO] [-] [SAFE] Package /home/hynek/war/log4j-samples/false-hits/apache-log4j-2.17.0-bin.zip:apache-log4j-2.17.0-bin/log4j-core-2.17.0.jar contains Log4J-2.17.0 >= 2.17.0
[2021-12-21 11:16:51,266] [INFO] [*] [STRANGE] Package /home/hynek/war/log4j-samples/false-hits/apache-log4j-2.17.0-bin.zip:apache-log4j-2.17.0-bin/log4j-core-2.17.0-sources.jar contains pom.properties for Log4J-2.17.0, but classes missing
[2021-12-21 11:16:51,477] [INFO] [*] [STRANGE] Package /home/hynek/war/log4j-samples/false-hits/apache-log4j-2.17.0-bin.zip:apache-log4j-2.17.0-bin/log4j-core-2.17.0-tests.jar contains pom.properties for Log4J-2.17.0, but classes missing
[2021-12-21 11:16:51,658] [INFO] [*] [STRANGE] Package /home/hynek/war/log4j-samples/false-hits/apache-log4j-2.17.0-bin/log4j-core-2.17.0-tests.jar contains pom.properties for Log4J-2.17.0, but classes missing
[2021-12-21 11:16:51,681] [INFO] [-] [SAFE] Package /home/hynek/war/log4j-samples/false-hits/apache-log4j-2.17.0-bin/log4j-core-2.17.0.jar contains Log4J-2.17.0 >= 2.17.0
[2021-12-21 11:16:51,691] [INFO] [*] [STRANGE] Package /home/hynek/war/log4j-samples/false-hits/apache-log4j-2.17.0-bin/log4j-core-2.17.0-sources.jar contains pom.properties for Log4J-2.17.0, but classes missing
[2021-12-21 11:16:51,702] [INFO] [-] [SAFE] Folder /home/hynek/war/log4j-samples/false-hits/apache-log4j-2.17.0-bin/exploded/org/apache/logging/log4j/core contains Log4J-2.x >= 2.17.0
[2021-12-21 11:16:51,747] [INFO] [-] [SAFE] Folder /home/hynek/war/log4j-samples/false-hits/exploded/2.12.2/org/apache/logging/log4j/core contains Log4J-2.x == 2.12.2
[2021-12-21 11:16:51,813] [INFO] [+] [VULNERABLE] Package /home/hynek/war/BOOT-INF/lib/log4j-core-2.14.1.jar contains Log4J-2.14.1 >= 2.10.0
[2021-12-21 11:16:51,916] [INFO] [+] [VULNERABLE] Folder /home/hynek/war/BOOT-INF/lib/org/apache/logging/log4j/core contains Log4J-2.x >= 2.10.0
[2021-12-21 11:16:52,013] [INFO] [+] [VULNERABLE] Package /home/hynek/war/app/spring-boot-application.jar:BOOT-INF/lib/log4j-core-2.14.1.jar contains Log4J-2.14.1 >= 2.10.0
[2021-12-21 11:16:52,478] [INFO] [*] [STRANGE] Package /home/hynek/war/apache-log4j-2.14.0-bin/log4j-core-2.14.0-tests.jar contains pom.properties for Log4J-2.14.0, but classes missing
[2021-12-21 11:16:52,507] [INFO] [+] [VULNERABLE] Package /home/hynek/war/apache-log4j-2.14.0-bin/log4j-core-2.14.0.jar contains Log4J-2.14.0 >= 2.10.0
[2021-12-21 11:16:52,530] [INFO] [*] [STRANGE] Package /home/hynek/war/apache-log4j-2.14.0-bin/log4j-core-2.14.0-sources.jar contains pom.properties for Log4J-2.14.0, but classes missing
[2021-12-21 11:16:52,555] [INFO] [+] [OLDUNSAFE] Package /home/hynek/war/HelloLogging/target/whoiscrawler/WEB-INF/lib/log4j-1.2.17.jar contains Log4J-1.2.17 <= 1.2.17, JMSAppender.class found
[2021-12-21 11:16:52,556] [INFO] [I] Finished, found 18 vulnerable or unsafe log4j instances.
Comments
  • Several improvements to the scanner

    Several improvements to the scanner

    Thanks for the scanner, it's great. As part of our use, we have made a few minor improvements to it, maybe they will be useful to everyone.

    1. CVSS score change according to nvd.nist.gov
    2. UTF8 patch, fixes problems on Windows systems with a non-UTF 8 locale installed in path
    3. all new argument, for windows version (close to similar --same-fs on Linux) remove header to --cvs-out, it is not needed when you do multiple system scans, and then combine the file into one. For example, running on a host group (Windows) from a network drive with the parameter log4shell.exe all --csv-out and after scanning the collection to 1 report type *.csv > all.csv (for Windows) cat .csv > all.csv(for Linux)
    4. some changes to cvs output, it becomes more convenient log4shell_1.22.2.6.zip
    opened by trust1345 8
  • Doesn't scale well to multiple CPU cores

    Doesn't scale well to multiple CPU cores

    I've been running this on our AMD Threadripper 2990WX machine and since it took more than 5 minutes, I started to investigate why.

    It looks like the disk is bored and only one CPU core is loaded with 100%, all other cores are also idling.

    I didn't have a look at the source code but maybe a two-pass approach might speed things up:

    • Build a list of all files to be scanned. This probably cannot be parallelized much
    • Go through the list in several threads so it's not just one CPU core doing all the work
    opened by jachstet-sea 5
  • Thanks for implementing --csv-stats. It works a little differently than I expected. Is it possible to correct this.

    Thanks for implementing --csv-stats. It works a little differently than I expected. Is it possible to correct this.

    Thanks for implementing --csv-stats. It works a little differently than I expected. Is it possible to correct this. I liked the proposed implementation. 1 separate row for each host, instead of adding statistics to each row by adding extra columns (when the --csv-stats argument is specified). This approach is better than I originally suggested.

    launched on https://github.com/HynekPetrak/log4shell-finder/commit/75cb4f129110f5da8e8132698ed2b52ad34c405c test_log4shell_1.2120220126.py all --csv-out --no-csv-header --no-error --csv-clean --csv-stats output2.csv output1.csv

    Proposed format output1-expected.csv output2-expected.csv Also in the proposed output, I propose to slightly change the output of --csv-clean, for unification

    thank you in advance.

    opened by trust1345 4
  • Windows:

    Windows: "all" argument to scan all local drives doesn't work on pre-build binary

    Hi,

    I tried the pre-build windows binary from the dist Folder and realized that the all option to scan all local drives (https://github.com/HynekPetrak/log4shell-finder/commit/a5cfac0a1fd5678a8c144e59d0e862d274d08965) doesn't work, no drives where found, so nothing was scanned until I had to defined c:\ d:\ instead.

    I tried to build the binary on my own with pyinstaller and was running into the same issue, by checking the code I assumed that there might be a problem with the win32api and win32file import so drives will become none.

    At least for me it was necessary to run pyinstaller --hidden-import win32api --hidden-import win32file -F ./test_log4shell.py to enforce that those modules will be included in the binary. Afterwards the all option was working as expected, every available drives was found and scanned.

    Cheers Dominik

    opened by wombelix 3
  • CVE-2022-23307 (chainsaw) detection shouldn't depend on CVE-2022-23302 (jmssink)?

    CVE-2022-23307 (chainsaw) detection shouldn't depend on CVE-2022-23302 (jmssink)?

    Hi,

    the detection for CVE-2022-23307 was introduced in commit https://github.com/HynekPetrak/log4shell-finder/commit/b271f275547f2879ca21e57c38150c1fb1bf2c92 and later changed in commit https://github.com/HynekPetrak/log4shell-finder/commit/b04487e92dd361a9cbc98350f42878e884b2c735.

    In the first commit, there was no dependency to any other CVE, in the second one the dependency to JMSSINK was added. As far I understand CVE-2022-23307 and based on my tests, this change / dependency avoids the detection in most cases and therefore should be reverted to the initial state?

    Cheers Dominik

    opened by wombelix 3
  • Please add support argument, for line in the csv report when nothing is found on host

    Please add support argument, for line in the csv report when nothing is found on host

    1 line from the host with the verdict for example CLEAN. It will help for mass rolling scanning of hosts to have also a list of scanned hosts.

    "2022-01-25 00:00:00","1.2120220125","192.192.192.192","localhost.localdomain","Linux","6.x86_64","x86_64","Package","CLEAN","","",""

    opened by trust1345 3
  • Automatic generation of the output file name using the hostname_ip.csv template

    Automatic generation of the output file name using the hostname_ip.csv template

    FR For mass scanning of a host group by a scanner, it would be great if the name of the output file (when using some key) was generated automatically using the hostname_ip.csv template. This will allow you to collect all the received files into one directory (without thinking about the coincidence of file names) and executing, for example cat ./*.csv > report_all.csv to get a general report.

    Thanks for the scanner.

    opened by trust1345 3
  • FR add CSV output for massive scan

    FR add CSV output for massive scan

    FR IIt would be great if there was a -c (csv output) option so that you could wrap the scanner in ansible wrapper and use it on a group of machines. Earlier we wrapped the scanner https://github.com/mergebase/log4j-detector but it doesn't keep up with updates a bit and runs slower (there are also problems with memory consumption). As a result, looks like this. Снимок экрана от 2021-12-21 17-33-27 This output is quite convenient for fast processing of a large group of hosts. I have attached an example file. In the attached file, the separator is "@", but you can use for example "," role1.4-output.csv

    PS. I think it would also be a good idea to make an exception on all Linux hosts /proc by default, this will reduce the speed of scanning (and accessing swap, when touching /proc), but will not worsen its results.

    Thanks for the scanner, it's the best.

    opened by trust1345 3
  • Single binary for windows

    Single binary for windows

    For all versions of windows, you can make one common binary file. All versions of windows contain 32 subsystems, so such a binary file will work on all Windows systems.

    In order to support all versions of windows from windows 7, you need to use version 3.7.9 to build with pyinstaller

    opened by trust1345 2
  • Please add an argument, that will add to each line of the csv output ( --csv-out ) additional information

    Please add an argument, that will add to each line of the csv output ( --csv-out ) additional information

    Please add an argument, that will add to each line of the csv output ( --csv-out ) information about the passed path argument, when the scanner starts, exclude path, and the time spent on scanning the host (even when the verdict is CLEAN), total scanned files and folders.

    This information will be useful for analyzing the scanner's work statistics.

    Example in attach. localhost_10.10.10.10.csv

    opened by trust1345 1
  • Please add verdict for Log4J-1.1.1

    Please add verdict for Log4J-1.1.1

    When the scanner finds Log4J-1.1.1 the verdict turns out to be just an empty space. I think that you need to add a status that would indicate in such cases the need for manual verification, for example manual or add an existing CVE.

    2019-06-19 10:10:10 1.2120220117 333.333.333.333 server.com Windows 2022 AMD64 Package ...\lib\log4j-core.jar contains Log4J-1.1.1 <= 1.2.17, JMSAppender.class not found 1.1.1

    opened by trust1345 1
  • Skip reparse points on Windows

    Skip reparse points on Windows 

    import ctypes
def isLink(path):
    if os.path.exists(path):
        if os.path.isdir(path):
            FILE_ATTRIBUTE_REPARSE_POINT = 0x0400
            attributes = ctypes.windll.kernel32.GetFileAttributesW(unicode(path))
            return (attributes & FILE_ATTRIBUTE_REPARSE_POINT) > 0
    return False
    opened by HynekPetrak 0
  • Current scaner binary builds, using pyinstaller

    Current scaner binary builds, using pyinstaller

    Built a scanner of the current version (1c14e73) using pyInstaller (one binary file, does not require python to run)

    1. Windows 32 bit version, should work on all versions of Windows OS (32-bit and 64-bit) both client and server, starting from w7 and above
    2. Linux 32 bit version, (one binary file, does not require python to run) but there is a dependency on the glibc version on the system.
    3. Linux 64 bit version, (one binary file, does not require python to run) but there is a dependency on the glibc version on the system.

    It may be useful to anyone.

    Windows run example: test_log4shell_1.2120220209.exe all --csv-out --no-csv-header --csv-clean

    Linux 32 bit run example: test_log4shell_1.2120220209.bin32 / --exclude-dirs /proc --csv-out --no-csv-header --csv-clean

    Linux 64 bit run example: test_log4shell_1.2120220209.bin64 / --exclude-dirs /proc --csv-out --no-csv-header --csv-clean

    After the work is completed, a short-hostname_ip.csv file with the scan results will appear in the directory from which the file was run.

    test_log4shell_1.2120220209_32.zip test_log4shell_1.2120220209_64.zip test_log4shell_1.2120220209_exe.zip

    opened by trust1345 0
  • Please add support 3 CVE (log4j)

    Please add support 3 CVE (log4j)

    1. CVE-2017-5645
    2. CVE-2021-42550
    3. CVE-2020-9488

    It is especially important to detect CVE-2021-42550

    Maybe in the documentation (readme) such a table will be useful

    | Detect | CVE | CVSSv3 | Severity | java | lib from | lib to | lib fix | | | :----- | :------------- | :----- | :------- | :---- | :--------- | :----------------------------- | :------------------ | :-- | | x | CVE-2021-44228 | 10,0 | Critical | 8 | 2.0-beta9 | 2.14.1 | 2.15.0 | | | - | CVE-2017-5645 | 9,8 | Critical | 7 | 2.0-alpha1 | 2.8.1 | 2.8.2 | | | x | CVE-2021-45046 | 9,0 | Critical | 7/8 | 2.0-beta9 | 2.15.0 excluding 2.12.2 | 2.12.2/2.16.0 | | | x | CVE-2021-4104 | 7,5 | High | - | 1.0 | 1.x | nofix | | | x | CVE-2021-44832 | 6,6 | Medium | 6/7/8 | 2.0-alpha7 | 2.17.0, excluding 2.3.2/2.12.4 | 2.3.2/2.12.4/2.17.1 | | | - | CVE-2021-42550 | 6,6 | Medium | - | 1.0 | 1.2.7 | 1.2.8 | | | x | CVE-2021-45105 | 5,9 | Medium | 6/7/8 | 2.0-beta9 | 2.16.0, excluding 2.12.3 | 2.3.1/2.12.3/2.17.0 | | | - | CVE-2020-9488 | 3,7 | Low | 7/8 | 2.0-alpha1 | 2.13.1 | 2.12.3/2.13.2 | |

    opened by trust1345 29
Releases(v1.22)
Owner
Hynek Petrak
Hynek Petrak
GitHub Repository
Dome - Subdomain Enumeration Tool. Fast and reliable python script that makes active and/or passive scan to obtain subdomains and search for open ports.

DOME - A subdomain enumeration tool Check the Spanish Version Dome is a fast and reliable python script that makes active and/or passive scan to obtai

Vadi 329 Jan 01, 2023
Security System using OpenCV

Security-System Security System using OpenCV Files in this Repository: email_send.py - This file contains python code to send an email when something

Mehul Patwari 1 Oct 28, 2021
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

About Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user Changed from sam-the-admin. Usage SAM THE ADMIN CVE-202

Evi1cg 500 Jan 06, 2023
Quickstart resources for the WiFi Nugget, a cat themed WiFi Security platform for beginners.

Quickstart resources for the WiFi Nugget, a cat themed WiFi Security platform for beginners.

HakCat 62 Jan 08, 2023
A simple tool to audit Unix/*BSD/Linux system libraries to find public security vulnerabilities

master_librarian A simple tool to audit Unix/*BSD/Linux system libraries to find public security vulnerabilities. To install requirements: $ sudo pyth

CoolerVoid 167 Dec 19, 2022
A simple linux keylogger project.

The project This project is a simple linux keylogger. When activated, it registers all the actions made with the keyboard. The log files are registere

1 Oct 24, 2021
Hammer-DDos - Hammer DDos With Python

Hammer-DDos $ apt update $ apt upgrade $ apt install python $ apt install git $

1 Jan 24, 2022
Visibility and Mitigation for Log4J vulnerabilities

Visibility and Mitigation for Log4J vulnerabilities Several scripts for the visibility and mitigation of Log4J vulnerabilities. Static Scanner - Linux

SentinelLabs 15 May 21, 2022
Security system to prevent Shoulder Surfing Attacks

Surf_Sec Security system to prevent Shoulder Surfing Attacks. REQUIREMENTS: Python 3.6+ XAMPP INSTALLED METHOD TO CONFIGURE PROJECT: Clone the repo to

Aman Anand 1 Jan 27, 2022
Automated tool to exploit basic buffer overflow remotely and locally & x32 and x64

Automated tool to exploit basic buffer overflow (remotely or locally) & (x32 or x64)

5 Oct 09, 2022
Vulnerability Exploitation Code Collection Repository

Introduction expbox is an exploit code collection repository List CVE-2021-41349 Exchange XSS PoC = Exchange 2013 update 23 = Exchange 2016 update 2

0x0021h 263 Feb 14, 2022
Python decompiler for Python 1.5-2.4 (for historical archive)

This preserves the early code of a Python decompiler for Python versions 1.5 to 2.4. I have been able to install this using pyenv using Python 2.3.7 u

R. Bernstein 2 Jan 04, 2022
Automatically download all 10,000 CryptoPunk NFTs.

CryptoPunk Stealer The sole purpose of this script is to download the entire CryptoPunk NFT collection. How does it work? Basically, the website where

Dan 7 Oct 22, 2022
Workshop Material on VM-based Deobfuscation

Analysis of Virtualization-based Obfuscation This repository contains slides, samples and code of the 4h code deobfuscation workshop at r2con2021. We

Tim Blazytko 133 Dec 18, 2022
PoC for CVE-2021-26855 -Just a checker-

CVE-2021-26855 PoC for CVE-2021-26855 -Just a checker- Usage python3 CVE-2021-26855.py -u https://mail.example.com -c example.burpcollaborator.net # C

Abdullah AlZahrani 17 Dec 22, 2022
🔐 A simple command-line password manager.

PassVault What Is It? It is a command-line password manager, for educational purposes, that stores localy, in AES encryption, your sensitives datas in

5 Aug 15, 2022
This python script will automate the testing for the Log4J vulnerability for HTTP and HTTPS connections.

Log4J-Huntress-Automate-Script This python script will automate the testing for the Log4J vulnerability for HTTP and HTTPS connections. Pre-Requisits

1 Dec 16, 2021
GitHub Advance Security Compliance Action

advanced-security-compliance This Action was designed to allow users to configure their Risk threshold for security issues reported by GitHub Code Sca

Mathew Payne 121 Dec 14, 2022
Gmail Accounts Hacking

gmail-hack Gmail Accounts Hacking Gemail-Hack python script for Hack gmail account brute force What is brute force attack? In brute force attack,scrip

Aryan 25 Nov 10, 2022
Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.

RedTeam Toolkit Note: Only legal activities should be conducted with this project. Red Team Toolkit is an Open-Source Django Offensive Web-App contain

Mohammadreza Sarayloo 382 Jan 01, 2023