snyk-labs / awesome-log4shell

Related projects ⓘ

Alternatives and complementary repositories for awesome-log4shell

• Accenture / jenkins-attack-framework
  ☆555Updated 3 years ago
• lunasec-io / Spring4Shell-POC
  This is a dockerized application that is vulnerable to the Spring4Shell vulnerability (CVE-2022-22965).
  ☆105Updated 2 years ago
• DigeeX / raider
  DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider
  ☆138Updated 3 years ago
• grines / scour
  ☆125Updated 4 months ago
• appsecco / dvja
  Damn Vulnerable Java (EE) Application
  ☆130Updated 9 months ago
• devanshbatham / CertEagle
  Weaponizing Live CT logs for automated monitoring of assets
  ☆133Updated 3 years ago
• madhuakula / hacker-container
  The Swiss Army Container for Cloud Native Security. Container with all the list of useful tools/commands while hacking and securing Conta…
  ☆262Updated last year
• mubix / CVE-2021-44228-Log4Shell-Hashes
  Hashes for vulnerable LOG4J versions
  ☆154Updated 2 years ago
• DataDog / security-labs-pocs
  Proof of concept code for Datadog Security Labs referenced exploits.
  ☆417Updated last year
• jfrog / log4j-tools
  ☆168Updated 2 years ago
• softrams / bulwark
  An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
  ☆180Updated this week
• krol3 / kubernetes-security-checklist
  Awesome resources about Security in Kubernetes
  ☆40Updated last year
• koenbuyens / oauth-2.0-security-cheat-sheet
  oauth security guidelines
  ☆219Updated 5 years ago
• akabe1 / OAUTHScan
  Burp Suite Extension useful to verify OAUTHv2 and OpenID security
  ☆169Updated 3 weeks ago
• hahwul / authz0
  🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.
  ☆392Updated 3 weeks ago
• RossGeerlings / webstor
  WebStor efficiently enumerates all websites across your organization’s networks and those in your DNS records - including cloud-hosted se…
  ☆151Updated 7 months ago
• appsecco / attacking-cloudgoat2
  A step-by-step walkthrough of CloudGoat 2.0 scenarios.
  ☆133Updated 4 years ago
• mhaskar / Bughound
  Static code analysis tool based on Elasticsearch
  ☆129Updated 3 years ago
• koenbuyens / Vulnerable-OAuth-2.0-Applications
  vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.
  ☆306Updated 7 months ago
• jfrog / jfrog-spring-tools
  ☆80Updated 2 years ago
• Santandersecurityresearch / corsair_scan
  Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS).
  ☆122Updated last year
• WeAreCloudar / s3-account-search
  S3 Account Search
  ☆246Updated last month
• back2root / log4shell-rex
  PCRE RegEx matching Log4Shell CVE-2021-44228 IOC in your logs
  ☆292Updated 2 years ago
• NetSPI / aws_consoler
  A utility to convert your AWS CLI credentials into AWS console access.
  ☆220Updated 4 years ago
• amalmurali47 / onaws
  Fetch the details of assets hosted on AWS.
  ☆86Updated 11 months ago
• projectdiscovery / cloudlist
  Cloudlist is a tool for listing Assets from multiple Cloud Providers.
  ☆861Updated this week
• alt3kx / CVE-2022-22965
  Spring Framework RCE (CVE-2022-22965) Nmap (NSE) Checker (Non-Intrusive)
  ☆102Updated 2 years ago
• PortSwigger / oauth-scan
  Burp Suite Extension useful to verify OAUTHv2 and OpenID security
  ☆183Updated last year
• TROUBLE-1 / Cloud-Pentesting
  This repository is in progress, it will keep updating as I come across to new learning materials. Feel free to contribute.
  ☆223Updated 2 years ago