A fully automated, reliable, super-fast, scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.
☆397Dec 11, 2024Updated last year
Alternatives and similar repositories for LogMePwn
Users that are interested in LogMePwn are comparing it to the libraries listed below
Sorting:
- Looking for JAR files that are vulnerable to Log4j RCE (CVE‐2021‐44228)?☆45Mar 2, 2022Updated 4 years ago
- Erebus is a fast tool for parameter-based vulnerability scanning using a Yaml based template engine like nuclei.☆134Jul 11, 2021Updated 4 years ago
- A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228☆3,437Nov 23, 2022Updated 3 years ago
- Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hac…☆1,153Jan 21, 2026Updated last month
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one pl…☆1,039Aug 23, 2025Updated 6 months ago
- DirDar is a tool that searches for (403-Forbidden) directories to break it and get dir listing on it☆453Jan 9, 2024Updated 2 years ago
- A tool to perform permutations, mutations and alteration of subdomains in golang.☆156Nov 24, 2023Updated 2 years ago
- Log4j jndi injection fuzz tool☆70Dec 24, 2021Updated 4 years ago
- 🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.☆426Feb 20, 2026Updated 2 weeks ago
- Jeeves SQLI Finder☆215May 13, 2022Updated 3 years ago
- VPN Overall Reconnaissance, Testing, Enumeration and eXploitation Toolkit☆448Nov 2, 2023Updated 2 years ago
- A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secrets☆1,529Jan 15, 2026Updated last month
- A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.☆184Nov 22, 2021Updated 4 years ago
- Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load☆296Sep 22, 2024Updated last year
- A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀☆659Aug 28, 2025Updated 6 months ago
- The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.☆1,281Feb 10, 2026Updated 3 weeks ago
- Quickly discover exposed hosts on the internet using multiple search engines.☆2,827Feb 25, 2026Updated last week
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects☆970Dec 8, 2021Updated 4 years ago
- An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and…☆802Jul 4, 2023Updated 2 years ago
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..e…☆1,024Feb 22, 2026Updated last week
- A replacement of "qsreplace", accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.☆109Mar 1, 2022Updated 4 years ago
- For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙☆1,820Jun 9, 2024Updated last year
- Trickest Workflow for discovering log4j vulnerabilities and gathering the newest community payloads.☆112Feb 16, 2022Updated 4 years ago
- 40X/HTTP bypasser in Go. Features: Verb tampering, headers, #bugbountytips, User-Agents, extensions, default credentials...☆1,814Jul 3, 2023Updated 2 years ago
- ⚡️ Multiple target ZAP Scanning☆106Updated this week
- Build your own reconnaissance system with Osmedeus Next Generation☆204Jan 21, 2026Updated last month
- CloudFlare Checker written in Go☆237May 12, 2024Updated last year
- a lightweight, flexible and novel open source poc verification framework☆237May 21, 2022Updated 3 years ago
- Rockyou for web fuzzing☆3,028Feb 11, 2026Updated 3 weeks ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆953Dec 31, 2021Updated 4 years ago
- Check which CDN providers an IP list belongs to☆194May 10, 2023Updated 2 years ago
- declutters url lists for crawling/pentesting☆1,531Feb 23, 2025Updated last year
- Security tool to find potential vulnerable Server Side Request Forgery (SSRF) parameters.☆355Feb 13, 2026Updated 3 weeks ago
- ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.☆710Oct 9, 2023Updated 2 years ago
- Log4Shell RCE Exploit - fully independent exploit does not require any 3rd party binaries.☆256Dec 21, 2021Updated 4 years ago
- Gotator is a tool to generate DNS wordlists through permutations.☆506Jul 17, 2022Updated 3 years ago
- Generate tens of thousands of subdomain combinations in a matter of seconds☆273Sep 25, 2023Updated 2 years ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,774Apr 26, 2024Updated last year
- Host Header Injection Checker☆84Mar 2, 2022Updated 4 years ago