check_mkExtension to check for log4j2 CVE-2021-44228This Plugin wraps around logpresso/CVE-2021-44228-Scanner (Apache License 2.0)
Run in 5 steps:
META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties entry from JAR file.Log4j command generator Generate commands for CVE-2021-44228. Description The vulnerability exists due to the Log4j processor's handling of log messag
log4j-tools Quick links Click to find: Inclusions of log4j2 in compiled code Calls to log4j2 in compiled code Calls to log4j2 in source code Overview
1.Create a Sample Vulnerable Application . 2.Start a netcat listner . 3.Run the exploit . 5.Use jdk1.8.0_20 for better results . Exploit-db - https://
log4j An automated header extensive scanner for detecting log4j RCE CVE-2021-44228 Usage $ python3 log4j.py -l urls.txt --dns-log REPLACE_THIS.dnslog.
Log4j dork scanner This is an auto script to search, scrape and scan for Apache Log4j CVE-2021-44228 affected files using Google dorks. Installation:
CVE-2021-44228-log4jVulnScanner-metasploit open detection and scanning tool for discovering and fuzzing for Log4J RCE CVE-2021-44228 vulnerability pre
#1 使用说明 CVE-2021-44228 log4j 2.x rce漏洞检测工具,对目标链接发起get请求并利用dnslog探测是否有回显 $ python3 log4j-scan.py -h
yLog4j This is Y-Sec's @PortSwigger Burp Plugin for the Log4j CVE-2021-44228 vulnerability. The focus of yLog4j is to support mass-scanning of the Log
log4shell_scanner Scans all drives for log4j jar files and gets their version from the manifest. Windows and Windows Server only.
Logpresso Log4j2 Scanner version 2.6.1
Source code(tar.gz)Logpresso Log4j2 Scanner version 2.5.3
Source code(tar.gz)New functionality
Fixes:
Changes:
Logpresso Log4j2 Scanner to version 2.1.3
Source code(tar.gz)Logpresso Log4j2 Scanner to version 2.1.0
Source code(tar.gz)Logpresso Log4j2 Scanner version 1.7.0
Source code(tar.gz)Update Logpresso Log4j2 Scanner to version 1.6.3
Source code(tar.gz)Übersicht RCE 0day Unauthenticated remote command execution 0day exploit for Übersicht. Description Übersicht is a desktop widget application for m
Zepu1chr3 A Radare2 based Python module for Binary Analysis and Reverse Engineering. Installation You can simply run this command. pip3 install zepu1c
AutoTor Auto Tor Ip Changer for Linux! git clone https://github.com/Arest7/AutoTor cd AutoTor pip install -r requirements.txt python3 AutoTor.py follo
The Linux tool to automate the process of getting a pty once you got admin credentials in a Wordpress site. Keep in mind that right now Omega only can attack Linux hosts.
👑 Discovery Header DoD Bug-Bounty Did you know that DoD accepts server headers? 😲 (example: apache"version" , php"version") ? In this code it is pos
Client script for the fisherman phishing tool
DataExtractor A simple Burp Suite extension to extract datas from source code. Features in scope parsing file extensions to ignore files exclusion bas
Fly Dev Tunnel Developers commonly use apps like ngrok, localtunnel, or cloudflared to expose a local web service at a publicly-accessible URL. This i
TTUN Server The self-hostable proxy tunnel. Running Running: docker run -e TUNNEL_DOMAIN=Your tunnel domain -e SECURE=True if using SSL ghcr.io/to
Spring Cloud Gateway Actuator API SpEL表达式注入命令执行(CVE-2022-22947) 1.installation pip3 install -r requirements.txt 2.Usage $ python3 spring-cloud-gateway
Driver Buddy Reloaded Quickstart Table of Contents Installation Usage About Driver Buddy Reloaded Finding DispatchDeviceControl Labelling WDM & WDF St
The Python SE Dopp Kit is a social engineering toolkit with many purposes. It contains 5 different modules designed to be of assistance in different s
This repository is NOT official -- the original repository is located on GitLab
This repository detects a system vulnerable to CVE-2022-21907 and protects against this vulnerability if desired
CAPEv2 (Python3) has now been released CAPEv2 With the imminent end-of-life for Python 2 (January 1 2020), CAPEv1 will be phased out. Please upgrade t
CVE-2021-22005 - VMWare vCenter Server File Upload to RCE Analyze Usage ------------------------------------------------------------- [*] CVE-2021-220
Generate your own NFTs and their metadata based on your desired probabilities. Use your own art assets too! Perfect for use with Candy Machine.
CVE-2021-26084 Confluence OGNL injection CVE-2021-26084 is an Object-Graph Navigation Language (OGNL) injection vulnerability in the Atlassian Conflue
webapp-wordlists This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version co
VSSTrigger Coerce authentication from Windows hosts via MS-FSRVP (Requires FS-VS
1 Jan 3, 2022
171 Dec 25, 2022
7 Aug 6, 2022
2 Dec 16, 2021
5 Dec 27, 2022
7 Nov 9, 2022
4 Jan 13, 2022
1 Jan 31, 2022
1 Dec 29, 2021
10 Dec 21, 2021
5 Aug 25, 2022
3 Jan 23, 2022
12 Nov 09, 2022
38 Aug 09, 2022
1 Feb 23, 2022
86 Dec 31, 2022
170 Dec 11, 2022
2 Jan 11, 2022
10 Sep 28, 2022
199 Jan 04, 2023
48 Nov 26, 2022
2 Feb 05, 2022
26 Dec 26, 2022
701 Dec 27, 2022
224 Aug 05, 2022
7 Sep 16, 2022
15 Sep 23, 2022
396 Jan 08, 2023
6 Jul 24, 2022