fullhunt / spring4shell-scan
A fully automated, reliable, and accurate scanner for finding Spring4Shell and Spring Cloud RCE vulnerabilities
☆656Updated 2 years ago
Alternatives and similar repositories for spring4shell-scan:
Users that are interested in spring4shell-scan are comparing it to the libraries listed below
- Nuclei plugin for BurpSuite☆1,228Updated 6 months ago
- Burpsuite extension for log4j2rce☆28Updated 3 years ago
- Log4Shell scanner for Burp Suite☆483Updated last year
- Log4j jndi injects the Payload generator☆486Updated 3 years ago
- The most powerful CRLF injection (HTTP Response Splitting) scanner.☆575Updated last year
- Spring4Shell Proof Of Concept/And vulnerable application CVE-2022-22965☆363Updated 2 years ago
- A python script to scan for Apache Tomcat server vulnerabilities.☆821Updated last month
- Log4j2 RCE Passive Scanner plugin for BurpSuite☆796Updated last year
- 🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks☆932Updated 3 years ago
- WSO2 RCE (CVE-2022-29464) exploit and writeup.☆369Updated 2 years ago
- Dockerized Spring4Shell (CVE-2022-22965) PoC application and exploit☆310Updated 2 years ago
- Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user☆1,008Updated 2 years ago
- SSRF plugin for burp Automates SSRF Detection in all of the Request☆573Updated 4 years ago
- ☆518Updated last year
- Tool to help exploit XXE vulnerabilities☆555Updated 2 years ago
- HopLa Burp Suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite☆725Updated 3 years ago
- A malicious LDAP server for JNDI injection attacks☆1,026Updated last year
- Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hac…☆946Updated 3 months ago
- Burpsuite Extension to bypass 403 restricted directory☆1,603Updated last year
- Remote Code Injection In Log4j☆463Updated 3 years ago
- a lightweight, flexible and novel open source poc verification framework☆234Updated 2 years ago
- A Burp extension helps identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations,…☆364Updated this week
- Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URLs with multithreading☆196Updated 3 years ago
- XSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具☆262Updated 4 years ago
- Afuzz is an automated web path fuzzing tool for the Bug Bounty projects.☆304Updated last year
- Nginx 18.1 04/09/22 zero-day repo☆372Updated 2 years ago
- CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.☆1,362Updated 3 years ago
- SpringCore0day from https://share.vx-underground.org/ & some additional links☆394Updated 2 years ago
- Because just a dark theme wasn't enough!☆558Updated 3 months ago
- Totally Insecure Web Application Project (TIWAP)☆171Updated last year