Alternatives and similar repositories for L4sh

Users that are interested in L4sh are comparing it to the libraries listed below

• pimps / JNDI-Exploit-Kit

  View on GitHub
  JNDI-Exploitation-Kit（A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP S…
  ☆937Sep 2, 2025Updated 5 months ago
• 0xInfection / LogMePwn

  View on GitHub
  A fully automated, reliable, super-fast, scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.
  ☆397Dec 11, 2024Updated last year
• alexandre-lavoie / python-log4rce

  View on GitHub
  An All-In-One Pure Python PoC for CVE-2021-44228
  ☆177Dec 16, 2021Updated 4 years ago
• silentsignal / burp-log4shell

  View on GitHub
  Log4Shell scanner for Burp Suite
  ☆486Sep 24, 2023Updated 2 years ago
• safebuffer / sam-the-admin

  View on GitHub
  Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
  ☆1,040Jul 10, 2022Updated 3 years ago
• fullhunt / log4j-scan

  View on GitHub
  A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
  ☆3,438Nov 23, 2022Updated 3 years ago
• STMCyber / boobsnail

  View on GitHub
  BoobSnail allows generating Excel 4.0 XLM macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro generation.
  ☆259Mar 6, 2025Updated 11 months ago
• Puliczek / CVE-2021-44228-PoC-log4j-bypass-words

  View on GitHub
  🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks
  ☆950Jan 15, 2022Updated 4 years ago
• S3cur3Th1sSh1t / MultiPotato

  View on GitHub
  ☆539Nov 20, 2021Updated 4 years ago
• horizon3ai / CVE-2021-38647

  View on GitHub
  Proof on Concept Exploit for CVE-2021-38647 (OMIGOD)
  ☆233Sep 16, 2021Updated 4 years ago
• mhaskar / DNSStager

  View on GitHub
  Hide your payload in DNS
  ☆617May 3, 2023Updated 2 years ago
• righettod / log4shell-analysis

  View on GitHub
  Contains all my research and content produced regarding the log4shell vulnerability
  ☆31Jan 22, 2022Updated 4 years ago
• KaLendsi / CVE-2022-21882

  View on GitHub
  win32k LPE
  ☆465Jan 27, 2022Updated 4 years ago
• arg3t / massurl

  View on GitHub
  A simple tool that aims to efficiently and quickly parse the outputs of web scraping tools like gau
  ☆13Jun 28, 2021Updated 4 years ago
• jas502n / Log4j2-CVE-2021-44228

  View on GitHub
  Remote Code Injection In Log4j
  ☆469Jan 18, 2022Updated 4 years ago
• christophetd / log4shell-vulnerable-app

  View on GitHub
  Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228).
  ☆1,138Apr 26, 2024Updated last year
• woodpecker-appstore / log4j-payload-generator

  View on GitHub
  Log4j jndi injects the Payload generator
  ☆487Dec 13, 2021Updated 4 years ago
• cube0x0 / noPac

  View on GitHub
  CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
  ☆1,397Dec 16, 2021Updated 4 years ago
• lhitori / Smog

  View on GitHub
  A semi-automatic osint/recon framework.
  ☆24May 22, 2024Updated last year
• c3c / ADExplorerSnapshot

  View on GitHub
  ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound via BOFHound, and also supports full-ob…
  ☆1,048Jan 22, 2026Updated 3 weeks ago
• fox-it / log4j-finder

  View on GitHub
  Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228, CVE-2021-45046, CVE-2021-45105)
  ☆439Dec 27, 2022Updated 3 years ago
• zer1t0 / awsenum

  View on GitHub
  Enumerate AWS permissions and resources.
  ☆71Jun 23, 2022Updated 3 years ago
• Flangvik / collector

  View on GitHub
  Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.
  ☆19Jun 12, 2022Updated 3 years ago
• S3cur3Th1sSh1t / WinPwn

  View on GitHub
  Automation for internal Windows Penetrationtest / AD-Security
  ☆3,639Aug 28, 2025Updated 5 months ago
• tangxiaofeng7 / CVE-2021-44228-Apache-Log4j-Rce

  View on GitHub
  Apache Log4j 远程代码执行
  ☆89May 14, 2023Updated 2 years ago
• Gilzy / 403Bypasser

  View on GitHub
  ☆58Sep 27, 2022Updated 3 years ago
• 0xsp-SRD / mortar

  View on GitHub
  evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)
  ☆1,497Dec 21, 2023Updated 2 years ago
• cube0x0 / CVE-2021-1675

  View on GitHub
  C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527
  ☆1,962Jul 20, 2021Updated 4 years ago
• adilsoybali / Log4j-RCE-Scanner

  View on GitHub
  Remote command execution vulnerability scanner for Log4j.
  ☆251Aug 1, 2023Updated 2 years ago
• praetorian-inc / PortBender

  View on GitHub
  TCP Port Redirection Utility
  ☆760Jan 31, 2023Updated 3 years ago
• redhuntlabs / Log4JHunt

  View on GitHub
  An automated, reliable scanner for the Log4Shell (CVE-2021-44228) vulnerability.
  ☆45Jan 22, 2025Updated last year
• redhuntlabs / Hunt4Spring

  View on GitHub
  A "Spring4Shell" vulnerability scanner.
  ☆49Jan 22, 2025Updated last year
• login-securite / lsassy

  View on GitHub
  Extract credentials from lsass remotely
  ☆2,176Dec 24, 2025Updated last month
• httpvoid / writeups

  View on GitHub
  ☆1,201Sep 2, 2022Updated 3 years ago
• duc-nt / RCE-0-day-for-GhostScript-9.50

  View on GitHub
  RCE 0-day for GhostScript 9.50 - Payload generator
  ☆545Sep 8, 2021Updated 4 years ago
• scherma / periscope

  View on GitHub
  Web page preview and analysis tool
  ☆12Jan 11, 2023Updated 3 years ago
• mubix / securitytitles.com

  View on GitHub
  Standardizing Security Titles
  ☆13Dec 31, 2025Updated last month
• dwisiswant0 / nodep

  View on GitHub
  A tool for check available dependency packages across npmjs, PyPI or RubyGems registry.
  ☆30Mar 2, 2022Updated 3 years ago
• DevSecOpsDocs / terraform-nuclear-pond

  View on GitHub
  Backend for Nuclear Pond
  ☆22Dec 7, 2023Updated 2 years ago