log4shell_scanner
Scans all drives for log4j jar files and gets their version from the manifest. Windows and Windows Server only.
Scans all drives for log4j jar files and gets their version from the manifest
Overview
You might also like...
Log4j-Scanner with Bind-Receipt and custom hostnames
Hrafna - Log4j-Scanner for the masses Features Scanning-system designed to check your own infra for vulnerable log4j-installations start and stop scan
18 Jan 23, 2022
Log4j rce test environment and poc
log4jpwn log4j rce test environment See: https://www.lunasec.io/docs/blog/log4j-zero-day/ Experiments to trigger in various software products mentione
307 Dec 24, 2022
Provides script to download and format public IP lists related to the Log4j exploit.
Provides script to download and format public IP lists related to the Log4j exploit. Current format includes: plain list, Cisco ASA Network Group.
1 Jan 2, 2022
This python script will automate the testing for the Log4J vulnerability for HTTP and HTTPS connections.
Log4J-Huntress-Automate-Script This python script will automate the testing for the Log4J vulnerability for HTTP and HTTPS connections. Pre-Requisits
1 Dec 16, 2021
A scanner and a proof of sample exploit for log4j RCE CVE-2021-44228
1.Create a Sample Vulnerable Application . 2.Start a netcat listner . 3.Run the exploit . 5.Use jdk1.8.0_20 for better results . Exploit-db - https://
7 Aug 6, 2022
Visibility and Mitigation for Log4J vulnerabilities
Visibility and Mitigation for Log4J vulnerabilities Several scripts for the visibility and mitigation of Log4J vulnerabilities. Static Scanner - Linux
15 May 21, 2022
A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts
log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs. Fuzzing for more
4 Aug 8, 2022
This project is all about building an amazing application that will help users manage their passwords and even generate new passwords for them
An amazing application that will help us manage our passwords and even generate new passwords for us.
1 Jan 23, 2022
Northwave Log4j CVE-2021-44228 checker
Northwave Log4j CVE-2021-44228 checker Friday 10 December 2021 a new Proof-of-Concept 1 addressing a Remote code Execution (RCE) vulnerability in the
125 Dec 9, 2022
Releases(v2.4)
-
v2.4(Dec 29, 2021)
Improved speed, added rudimentary nesting detection
Source code(tar.gz)
Source code(zip)
log4shell_scanner.exe(9.29 MB)
-
v2.3(Dec 21, 2021)
improved threading safety and speed
Full Changelog: https://github.com/louckazdenekjr/log4shell_scanner/compare/v2.21...v2.3
Source code(tar.gz)
Source code(zip)
log4shell_scanner.exe(9.29 MB)
-
v2.21(Dec 20, 2021)
added restart, visual fixes
Full Changelog: https://github.com/louckazdenekjr/log4shell_scanner/compare/v2.2...v2.21
Source code(tar.gz)
Source code(zip)
log4shell_scanner.exe(9.29 MB)
-
v2.2(Dec 19, 2021)
Source code(tar.gz)removed Please use a newer version from https://github.com/louckazdenekjr/log4shell_scanner/releases
Source code(zip)
Get related domains / subdomains by looking at Google Analytics IDs
DomainRelationShips ██╗ ██╗ █████╗ ██╗██████╗ ██║ ██║██╔══██╗ ██║██╔══██╗ ██║ ██║█████
161 Jan 02, 2023
Polkit - Local Privilege Escalation (CVE-2021-3560)
CVE-2021-3560 Polkit - Local Privilege Escalation Original discovery by kevin_backhouse from GitHub Security Lab References https://github.blog/2021-0
1 Nov 12, 2021
ShoLister - a tool that collects all available subdomains for specific hostname or organization from Shodan
ShoLister is a tool that collects all available subdomains for specific hostname or organization from Shodan. The tool is designed to be used from Penetration Tester and Bug Bounty Hunters.
45 Dec 28, 2022
A simple multi-threaded distributed SSH brute-forcing tool written in Python.
OrbitalDump A simple multi-threaded distributed SSH brute-forcing tool written in Python. How it Works When the script is executed without the --proxi
408 Jan 03, 2023
Data Recovery from your broken Android phone
Broken Phone Recovery a guide how to backup data from your locked android phone if you broke your screen (and more) you can skip some steps depending
25 Sep 23, 2022
PwdGen is a Python Tkinter tool for generating secure 16 digit passwords.
PwdGen ( Password Generator ) is a Python Tkinter tool for generating secure 16 digit passwords. Installation Simply install requirements pip install
7 Jul 14, 2022
open detection and scanning tool for discovering and fuzzing for Log4J RCE CVE-2021-44228 vulnerability
CVE-2021-44228-log4jVulnScanner-metasploit open detection and scanning tool for discovering and fuzzing for Log4J RCE CVE-2021-44228 vulnerability pre
7 Nov 09, 2022
A wordlist generator tool, that allows you to supply a set of words, giving you the possibility to craft multiple variations from the given words, creating a unique and ideal wordlist to use regarding a specific target.
A wordlist generator tool, that allows you to supply a set of words, giving you the possibility to craft multiple variations from the given words, creating a unique and ideal wordlist to use regardin
39 Dec 10, 2022
A Python wrapper around the OpenSSL library
pyOpenSSL -- A Python wrapper around the OpenSSL library Note: The Python Cryptographic Authority strongly suggests the use of pyca/cryptography where
795 Dec 29, 2022
EyeJo是一款自动化资产风险评估平台,可以协助甲方安全人员或乙方安全人员对授权的资产中进行排查,快速发现存在的薄弱点和攻击面。
EyeJo EyeJo是一款自动化资产风险评估平台,可以协助甲方安全人员或乙方安全人员对授权的资产中进行排查,快速发现存在的薄弱点和攻击面。 免责声明 本平台集成了大量的互联网公开工具,主要是方便安全人员整理、排查资产、安全测试等,切勿用于非法用途。使用者存在危害网络安全等任何非法行为,后果自负,作
429 Dec 31, 2022
command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.
CVE-2021-36260 CVE-2021-36260 POC command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validatio
165 Dec 21, 2022
script that pulls cve collections from NVD.NIST.GOV.
# cvepull.py #script that pulls cve collections from NVD.NIST.GOV. #edit line 17 (timedelta) number to change the amount of days to search backwards
1 Dec 18, 2021
Argument Injection in Dragonfly Ruby Gem
CVE-2021-33564 PoC Exploit script for CVE-2021-33564 (Argument Injection in Dragonfly Ruby Gem). Usage Arbitrary File Read python3 poc.py -u https://
12 Nov 09, 2022
Mr.Holmes is a information gathering tool (OSINT)
🔍 Mr.Holmes Mr.Holmes is a information gathering tool (OSINT). Is main purpose is to gain information about domains,username and phone numbers with t
534 Jan 08, 2023
Spray365 is a password spraying tool that identifies valid credentials for Microsoft accounts (Office 365 / Azure AD).
What is Spray365? Spray365 is a password spraying tool that identifies valid credentials for Microsoft accounts (Office 365 / Azure AD). How is Spray3
246 Dec 28, 2022
Linus-png.github.io - Versionsverwaltung & Open Source Hausaufgabe
Let's Git - Versionsverwaltung & Open Source Hausaufgabe Herzlich Willkommen zu
1 Jan 24, 2022
Scanning for CVE-2021-44228
Filesystem log4j_scanner for windows and Unix. Scanning for CVE-2021-44228, CVE-2021-45046, CVE-2019-17571 Requires a minimum of Python 2.7. Can be ex
4 Jan 09, 2022
Flutter Reverse Engineering Framework
This framework helps reverse engineer Flutter apps using patched version of Flutter library which is already compiled and ready for app repacking. There are changes made to snapshot deserialization p
910 Jan 01, 2023
On-demand scanning for container registries
Lacework registry scanner Install & configure Lacework CLI Integrate a Container Registry Go to Lacework Resources Containers Container Image In
1 Dec 14, 2021
Hadoop Yan RPC unauthorized RCE
Vuln Impact On November 15, 2021, A security researcher disclosed that there was an unauthorized access vulnerability in Hadoop yarn RPC. This vulnera
25 Nov 24, 2022