Scanning for CVE-2021-44228

Related tags

Security related resourceslog4j_scanner
Overview
You might also like...
Ingest GreyNoise.io malicious feed for CVE-2021-44228 and apply null routes

log4j-nullroute Quick script to ingest IP feed from greynoise.io for log4j (CVE-2021-44228) and null route bad addresses. Works w/Cisco IOS-XE and Ari

Ryan 5 Sep 12, 2022
Mass Check Vulnerable Log4j CVE-2021-44228
Mass Check Vulnerable Log4j CVE-2021-44228

Log4j-CVE-2021-44228 Mass Check Vulnerable Log4j CVE-2021-44228 Introduction Actually I just checked via Vulnerable Application from https://github.co

Justakazh 6 Dec 28, 2022
A Docker based LDAP RCE exploit demo for CVE-2021-44228 Log4Shell

log4j-poc An LDAP RCE exploit for CVE-2021-44228 Log4Shell Description This demo Tomcat 8 server has a vulnerable app deployed on it and is also vulne

null 60 Dec 10, 2022
Simple Python 3 script to detect the
Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading

log4j-detect Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading The script

Wade 1 Dec 15, 2021
Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228)
Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228)

log4j-finder A Python3 script to scan the filesystem to find Log4j2 that is vulnerable to Log4Shell (CVE-2021-44228) It scans recursively both on disk

Fox-IT 431 Dec 22, 2022
Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228

log4j-honeypot-flask Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228 This can be

Binary Defense 144 Nov 19, 2022
Tools for investigating Log4j CVE-2021-44228

Log4jTools Tools for investigating Log4j CVE-2021-44228 FetchPayload.py (Get java payload from ldap path provided in JNDI lookup). Example command: Re

MalwareTech 91 Dec 29, 2022
Log4j2 CVE-2021-44228 revshell

Log4j2-CVE-2021-44228-revshell Usage For reverse shell: $~ python3 Log4j2-revshell.py -M rev -u http://www.victimLog4j.xyz:8080 -l [AttackerIP] -p [At

FaisalFs 16 Mar 24, 2022
Providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account.
Providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account.

We are providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account. The script enables security teams to identify external-facing AWS assets by running the exploit on them, and thus be able to map them and quickly patch them

Mitiga 13 Jan 4, 2022
Comments
  • Unhandled exception processing C:\Program Files\Cryptomator\app\mods\javafx-graphics-17.0.1-win.jar

    Unhandled exception processing C:\Program Files\Cryptomator\app\mods\javafx-graphics-17.0.1-win.jar

    Windows 11 python -m pip install pywin32 Python 3.10.1

    Thanks, first, for offering this script.

    Get the following error when running your script.

    c:\dev\github\log4j_scanner>python scanner_win.py
Indicator for vulnerable component found in C:\$RECYCLE.BIN\S-1-5-21-67875770-1077041941-3688728843-1001\$RTYFQH1.jar: log4j 2.9.1-2.10.0
Unhandled exception processing C:\Program Files\Cryptomator\app\mods\javafx-graphics-17.0.1-win.jar
Traceback (most recent call last):
  File "c:\dev\github\log4j_scanner\scanner_win.py", line 88, in main
    if handleJar(filename, filename):
  File "c:\dev\github\log4j_scanner\scanner_win.py", line 72, in handleJar
    return handleJar(io.BytesIO(z.read(name)), filename.decode('utf-8')+":"+name)
AttributeError: 'str' object has no attribute 'decode'. Did you mean: 'encode'?

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "c:\dev\github\log4j_scanner\scanner_win.py", line 96, in <module>
    sys.exit(main())
  File "c:\dev\github\log4j_scanner\scanner_win.py", line 92, in main
    traceback.print_exc()
NameError: name 'traceback' is not defined

    https://agentonline-my.sharepoint.com/:u:/g/personal/rb_agentonline_ch/EbfK8iKhOhJGlnN-kqY4lPgB44x-VaSlmrhNDO7efo6Dbg?e=qtwzNh

    Any idea why this is causing an issue.

    bug 
    opened by rudolfb 2
Releases(v1.3)
Owner
Brett England
Brett England
GitHub Repository
Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.

sshuttle: where transparent proxy meets VPN meets ssh As far as I know, sshuttle is the only program that solves the following common case: Your clien

9.4k Jan 04, 2023
Tool for finding PHP source code vulnerabilities.

vulnz Tool for finding php source code vulnerabilities. Scans PHP source code and prints out potentially dangerous lines. This tool is useful for secu

Mateo Hanžek 1 Jan 14, 2022
Tool-X is a kali linux hacking Tool installer.

Tool-X is a kali linux hacking Tool installer. Tool-X developed for termux and other Linux based systems. using Tool-X you can install almost 370+ hacking tools in termux app and other linux based di

Rajkumar Dusad 4.2k May 29, 2022
IDA Frida Plugin for tracing something interesting.

IDAFrida A simple IDA plugin to generate FRIDA script. Edit template for functions or you can use the default template. Select functions you want to t

PandaOS 133 Dec 24, 2022
使用golang重写开源工具wafw00f

GO-WAFW00F 介绍 WAFW00F是一款优秀的web应用防火墙识别开源工具:https://github.com/EnableSecurity/wafw00f 使用Golang重写的原因:Python环境配置不便利,Golang打包生成可执行文件直接运行 目前还在开发阶段,规则解析存在小问题

80 Dec 30, 2021
This a simple tool XSS Detection Suite for CTFs games

This a simple tool XSS Detection Suite for CTFs games

Mostafa 2 Nov 24, 2021
HatSploit native powerful payload generation and shellcode injection tool that provides support for common platforms and architectures.

HatVenom HatSploit native powerful payload generation and shellcode injection tool that provides support for common platforms and architectures. Featu

EntySec 100 Dec 23, 2022
CVE-2021-22005 - VMWare vCenter Server File Upload to RCE

CVE-2021-22005 - VMWare vCenter Server File Upload to RCE Analyze Usage ------------------------------------------------------------- [*] CVE-2021-220

r0cky 224 Aug 05, 2022
This tool help you to check if your Windows machine has hidden miner.

Hidden Miner Detector This tool help you to check if your Windows machine has hidden miner. Miners track when you open antivirus software or task mana

Николай Борщёв 2 Oct 05, 2022
OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the

omigood (OM I GOOD?) This repository contains a free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threa

Marco Simioni 13 Jul 13, 2022
Visius Heimdall is a tool that checks for risks on your cloud infrastructure

Heimdall Cloud Checker 🇧🇷 About Visius is a Brazilian cybersecurity startup that follows the signs of the crimson thunder ;) 🎸 ! As we value open s

visius 48 Jun 20, 2022
Valeria stealer- - (4Feb 2022) program detects wifi saved passwords in your ROM

Valeria_stealer- Requirements : python 3.9.2 and higher (4Feb 2022) program dete

Mikhail Yolkin 3 May 05, 2022
md5 hash cracking with python.

Python-Md5-Cracker- md5 hash cracking with python. Original files added First create a file called word.txt then run the wordCreate.py script The task

Nebil Sharifi 0 Aug 31, 2022
对naabu的端口扫描结果,调用nmap进行指纹识别

naabu2nmap 对naabu的端口扫描结果,调用nmap进行指纹识别

Se7en 12 Nov 22, 2022
Source code for "A Two-Stream AMR-enhanced Model for Document-level Event Argument Extraction" @ NAACL 2022

TSAR Source code for NAACL 2022 paper: A Two-Stream AMR-enhanced Model for Document-level Event Argument Extraction. 🔥 Introduction We focus on extra

21 Sep 24, 2022
A GitHub action for organizations that enables advanced security code scanning on all new repos

Advanced-Security-Enforcer What this repository does This code is for an active GitHub Action written in Python to check (on a schedule) for new repos

Zack Koppert 30 May 17, 2022
Hadoop Yan RPC unauthorized RCE

Vuln Impact On November 15, 2021, A security researcher disclosed that there was an unauthorized access vulnerability in Hadoop yarn RPC. This vulnera

Al1ex 25 Nov 24, 2022
Automatically fetch, measure, and merge subscription links on the network, use Github Action

Free Node Merge Introduction Modified from alanbobs999/TopFreeProxies It measures the speed of free nodes on the network and import the stable and hig

52 Jul 16, 2022
Having a weak password is not good for a system that demands high confidentiality and security of user credentials

Having a weak password is not good for a system that demands high confidentiality and security of user credentials. It turns out that people find it difficult to make up a strong password that is str

PyLaboratory 0 Feb 07, 2022
An easy-to-use wrapper for NTFS-3G on macOS

ezNTFS ezNTFS is an easy-to-use wrapper for NTFS-3G on macOS. ezNTFS can be used as a menu bar app, or via the CLI in the terminal. Installation To us

Matthew Go 34 Dec 01, 2022