A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
☆3,434Nov 23, 2022Updated 3 years ago
Alternatives and similar repositories for log4j-scan
Users that are interested in log4j-scan are comparing it to the libraries listed below
Sorting:
- Log4j2 RCE Passive Scanner plugin for BurpSuite☆829Aug 4, 2023Updated 2 years ago
- CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks☆840Jun 13, 2023Updated 2 years ago
- A fully automated, reliable, and accurate scanner for finding Spring4Shell and Spring Cloud RCE vulnerabilities☆657Apr 7, 2022Updated 3 years ago
- JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)☆2,789Mar 22, 2023Updated 2 years ago
- 🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks☆950Jan 15, 2022Updated 4 years ago
- CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.☆1,397Dec 16, 2021Updated 4 years ago
- JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具☆2,012May 21, 2024Updated last year
- shiro反序列化漏洞综合利用,包含(回显执行命令/注入内存马)修复原版中NoCC的问题 https://github.com/j1anFen/shiro_attack☆2,391Apr 10, 2024Updated last year
- Nuclei plugin for BurpSuite☆1,322Oct 22, 2025Updated 4 months ago
- Log4Shell scanner for Burp Suite☆484Sep 24, 2023Updated 2 years ago
- Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabl…☆27,492Updated this week
- 一款基于BurpSuite的被动式shiro检测插件☆1,797Dec 14, 2022Updated 3 years ago
- Community curated list of templates for the nuclei engine to find security vulnerabilities.☆12,058Updated this week
- An OOB interaction gathering server and client library☆4,230Mar 10, 2026Updated last week
- log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vul…☆1,281Dec 6, 2022Updated 3 years ago
- Log4j jndi injects the Payload generator☆486Dec 13, 2021Updated 4 years ago
- EHole(棱洞)3.0 重构版-红队重点攻击系统指纹探测工具☆3,445Apr 2, 2024Updated last year
- Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules…☆5,963Jul 12, 2024Updated last year
- 利用大量高威胁poc/exp快速获取目标权限,用于渗透和红队快速打点☆2,357Jun 9, 2023Updated 2 years ago
- Asset discovery and identification tools 快速识别 Web 指纹信息,定位资产类型。辅助红队快速定位目标资产信息,辅助蓝队发现疑似脆弱点☆2,138Jan 29, 2024Updated 2 years ago
- Fiora:漏洞PoC框架Nuclei的图形版。快捷搜索PoC、一键运行Nuclei。即可作为独立程序运行,也可作为burp插件使用。☆1,276Jul 2, 2025Updated 8 months ago
- Burpsuite Extension to bypass 403 restricted directory☆1,674Jun 29, 2023Updated 2 years ago
- weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-201…☆2,070Nov 24, 2023Updated 2 years ago
- 六大云存储,泄露利用检测工具☆1,245Mar 28, 2025Updated 11 months ago
- Operational information regarding the log4shell vulnerabilities in the Log4j logging library.☆1,889Jun 15, 2022Updated 3 years ago
- Nmap NSE scripts to check against log4shell or LogJam vulnerabilities (CVE-2021-44228)☆351Dec 20, 2021Updated 4 years ago
- Adversary simulation and Red teaming platform with AI☆4,995Jan 18, 2026Updated 2 months ago
- 哥斯拉☆4,345Jul 17, 2024Updated last year
- Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user☆1,043Jul 10, 2022Updated 3 years ago
- Shiro550/Shiro721 一键化利用工具,支持多种回显方式☆1,953Jun 4, 2021Updated 4 years ago
- A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for att…☆5,806Mar 9, 2026Updated last week
- 高危漏洞精准检测与深度利用框架☆1,457Jan 8, 2023Updated 3 years ago
- Fastjson扫描器,可识别版本、依赖库、autoType状态等。A tool to distinguish fastjson ,version and dependency☆1,049Oct 7, 2022Updated 3 years ago
- A Security Tool for Bug Bounty, Pentest and Red Teaming.☆4,199Updated this week
- A powerful browser crawler for web vulnerability scanners☆3,020Mar 11, 2025Updated last year
- 项目是根据LandGrey/SpringBootVulExploit清单编写,目的hvv期间快速利用漏洞、降低漏洞利用门槛。☆1,897Jan 15, 2024Updated 2 years ago
- Remote Code Injection In Log4j☆469Jan 18, 2022Updated 4 years ago
- heapdump敏感信息查询工具,例如查找 spring heapdump中的密码明文,AK,SK等☆1,434May 21, 2024Updated last year
- httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.☆9,695Updated this week