A log4j vulnerability filesystem scanner and Go package for analyzing JAR files.
☆1,568Jun 30, 2022Updated 3 years ago
Alternatives and similar repositories for log4jscanner
Users that are interested in log4jscanner are comparing it to the libraries listed below
Sorting:
- A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228☆3,436Nov 23, 2022Updated 3 years ago
- log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vul…☆1,281Dec 6, 2022Updated 3 years ago
- Log4j2 RCE Passive Scanner plugin for BurpSuite☆830Aug 4, 2023Updated 2 years ago
- Remote Code Injection In Log4j☆469Jan 18, 2022Updated 4 years ago
- ☆2,078Dec 13, 2021Updated 4 years ago
- 🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks☆950Jan 15, 2022Updated 4 years ago
- CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.☆1,397Dec 16, 2021Updated 4 years ago
- JNDI注入测试工具(A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc)☆2,782Mar 22, 2023Updated 2 years ago
- Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock☆7,111Mar 12, 2024Updated last year
- WebLogic利用CVE-2020-2883打Shiro rememberMe反序列化漏洞,一键注册蚁剑filter内存shell☆535Aug 25, 2020Updated 5 years ago
- 📦 Make security testing of K8s, Docker, and Containerd easier.☆4,562Updated this week
- A root exploit for CVE-2022-0847 (Dirty Pipe)☆1,128Mar 8, 2022Updated 3 years ago
- 主流供应商的一些攻击性漏洞汇总☆809Nov 8, 2021Updated 4 years ago
- Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabl…☆27,194Updated this week
- Zscan a scan blasting tool set☆538Dec 5, 2023Updated 2 years ago
- Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势☆1,404Jan 18, 2022Updated 4 years ago
- JNDI-Exploitation-Kit(A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP S…☆937Sep 2, 2025Updated 5 months ago
- APIKit:Discovery, Scan and Audit APIs Toolkit All In One.☆2,239Apr 2, 2024Updated last year
- 解决FastJson、Jackson、Log4j2、原生JNDI注入漏洞的高版本JDKBypass利用,探测本地可用反序列化gadget达到命令执行、回显命令执行、内存马注入☆770Jan 26, 2022Updated 4 years ago
- codemillx is a tool for CodeQL, extract the comments in the code and generate codeql module. 强化Go开源项目安全检测(内含开源项目漏洞挖掘方法)☆205Mar 19, 2022Updated 3 years ago
- 高危漏洞精准检测与深度利用框架☆1,456Jan 8, 2023Updated 3 years ago
- Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with h…☆8,550Feb 19, 2026Updated last week
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more☆32,280Updated this week
- A static analysis tool for securing Go code☆2,167Jan 23, 2024Updated 2 years ago
- ZKar is a Java serialization protocol analysis tool implement in Go.☆647Feb 15, 2025Updated last year
- domain_hunter的高级版本,SRC挖洞、HW打点之必备!自动化资产收集;快速Title获取;外部工具联动;等等☆2,116Jan 23, 2026Updated last month
- MySQL Fake Server use to help MySQL Client File Reading and JDBC Client Java Deserialize☆1,360Nov 18, 2021Updated 4 years ago
- A community sourced list of log4j-affected software☆1,124Nov 9, 2022Updated 3 years ago
- fastjson漏洞burp插件,检测fastjson<1.2.68基于dnslog,fastjson<=1.2.24和1.2.33<=fatjson<=1.2.47的不出网检测和TomcatEcho,SpringEcho回显方案。☆124May 14, 2021Updated 4 years ago
- Fast passive subdomain enumeration tool.☆13,124Feb 19, 2026Updated last week
- Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228).☆1,139Apr 26, 2024Updated last year
- Asset discovery and identification tools 快速识别 Web 指纹信息,定位资产类型。辅助红队快速定位目标资产信息,辅助蓝队发现疑似脆弱点☆2,137Jan 29, 2024Updated 2 years ago
- Burp被动扫描流量转发插件☆1,459Jun 17, 2024Updated last year
- Fiora:漏洞PoC框架Nuclei的图形版。快捷搜索PoC、一键运行Nuclei。即可作为独立程序运行,也可作为burp插件使用。☆1,273Jul 2, 2025Updated 7 months ago
- A burp extension that add some useful function to Context Menu 添加一些右键菜单让burp用起来更顺畅☆1,896Jan 15, 2026Updated last month
- Bypass firewall for traffic forwarding using webshell☆1,430Sep 29, 2021Updated 4 years ago
- 一个LDAP请求监听器,摆脱dnslog平台☆293Apr 7, 2023Updated 2 years ago
- 红队作战中比较常遇到的一些重点系统漏洞整理。☆2,522Jul 17, 2021Updated 4 years ago
- spring boot Fat Jar 任意写文件漏洞到稳定 RCE 利用技巧☆754Apr 14, 2021Updated 4 years ago