A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
☆3,437Nov 23, 2022Updated 3 years ago
Alternatives and similar repositories for log4j-scan
Users that are interested in log4j-scan are comparing it to the libraries listed below
Sorting:
- Log4j2 RCE Passive Scanner plugin for BurpSuite☆830Aug 4, 2023Updated 2 years ago
- CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks☆841Jun 13, 2023Updated 2 years ago
- CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.☆1,397Dec 16, 2021Updated 4 years ago
- A fully automated, reliable, and accurate scanner for finding Spring4Shell and Spring Cloud RCE vulnerabilities☆657Apr 7, 2022Updated 3 years ago
- JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)☆2,782Mar 22, 2023Updated 2 years ago
- 🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks☆950Jan 15, 2022Updated 4 years ago
- JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具☆2,012May 21, 2024Updated last year
- Nuclei plugin for BurpSuite☆1,322Oct 22, 2025Updated 4 months ago
- Community curated list of templates for the nuclei engine to find security vulnerabilities.☆11,983Feb 25, 2026Updated last week
- shiro反序列化漏洞综合利用,包含(回显执行命令/注入内存马)修复原版中NoCC的问题 https://github.com/j1anFen/shiro_attack☆2,379Apr 10, 2024Updated last year
- Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabl…☆27,194Feb 24, 2026Updated last week
- Log4Shell scanner for Burp Suite☆484Sep 24, 2023Updated 2 years ago
- An OOB interaction gathering server and client library☆4,212Updated this week
- Asset discovery and identification tools 快速识别 Web 指纹信息,定位资产类型。辅助红队快速定位目标资产信息,辅助蓝队发现疑似脆弱点☆2,137Jan 29, 2024Updated 2 years ago
- Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules…☆5,961Jul 12, 2024Updated last year
- weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力:CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-201…☆2,072Nov 24, 2023Updated 2 years ago
- Burpsuite Extension to bypass 403 restricted directory☆1,673Jun 29, 2023Updated 2 years ago
- Fiora:漏洞PoC框架Nuclei的图形版。快捷搜索PoC、一键运行Nuclei。即可作为独立程序运行,也可作为burp插件使用。��☆1,275Jul 2, 2025Updated 8 months ago
- 一款基于BurpSuite的被动式shiro检测插件☆1,795Dec 14, 2022Updated 3 years ago
- EHole(棱洞)3.0 重构版-红队重点攻击系统指纹探测工具☆3,438Apr 2, 2024Updated last year
- Adversary simulation and Red teaming platform with AI☆4,976Jan 18, 2026Updated last month
- A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for att…☆5,775Feb 25, 2026Updated last week
- 利用大量高威胁poc/exp快速获取目标权限,用于渗透和红队快速打点☆2,360Jun 9, 2023Updated 2 years ago
- reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and findin…☆7,259Updated this week
- A Security Tool for Bug Bounty, Pentest and Red Teaming.☆4,189Updated this week
- 六大云存储,泄露利用检测工具☆1,243Mar 28, 2025Updated 11 months ago
- Log4j jndi injects the Payload generator☆486Dec 13, 2021Updated 4 years ago
- log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vul…☆1,281Dec 6, 2022Updated 3 years ago
- A powerful browser crawler for web vulnerability scanners☆3,016Mar 11, 2025Updated 11 months ago
- httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.☆9,607Feb 21, 2026Updated last week
- A toolkit for testing, tweaking and cracking JSON Web Tokens☆6,389May 1, 2025Updated 10 months ago
- Fast web fuzzer written in Go☆15,637Apr 24, 2025Updated 10 months ago
- Shiro550/Shiro721 一键化利用工具,支持多种回显方式☆1,951Jun 4, 2021Updated 4 years ago
- HTTP parameter discovery suite.☆6,091Feb 20, 2025Updated last year
- 哥斯拉☆4,338Jul 17, 2024Updated last year
- List of Awesome CobaltStrike Resources☆4,386Sep 20, 2023Updated 2 years ago
- Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user☆1,041Jul 10, 2022Updated 3 years ago
- 解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用,探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入☆770Jan 26, 2022Updated 4 years ago
- reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via E…☆8,497Nov 16, 2025Updated 3 months ago