An Awesome List of Log4Shell resources to help you stay informed and secure! π
β230Aug 25, 2022Updated 3 years ago
Alternatives and similar repositories for awesome-log4shell
Users that are interested in awesome-log4shell are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- An automated, reliable scanner for the Log4Shell (CVE-2021-44228) vulnerability.β46Jan 22, 2025Updated last year
- This bash script tool, will perform advanced subdomain enumeration, save the results, it will then probe the subdomains into urls, save tβ¦β27Sep 6, 2024Updated last year
- Oracle WebLogic Server 12.1.3.0.0 / 12.2.1.3.0 / 12.2.1.4.0 / 14.1.1.0.0 Local File Inclusionβ27Jan 25, 2022Updated 4 years ago
- Operational information regarding the log4shell vulnerabilities in the Log4j logging library.β1,886Jun 15, 2022Updated 3 years ago
- A collection of intelligence about Log4Shell and its exploitation activity.β184Mar 4, 2022Updated 4 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer β’ AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Log4Shell scanner for Burp Suiteβ486Sep 24, 2023Updated 2 years ago
- gup aka Get All Urls parameters to create wordlists for brute forcing parameters.β18Dec 4, 2021Updated 4 years ago
- Recon scripts for bug huntingβ10Nov 19, 2021Updated 4 years ago
- Enumerate AWS permissions and resources.β71Jun 23, 2022Updated 3 years ago
- Compiles a list of major CDN and WAF subnets.β67Updated this week
- Misc stuff from internetβ12Apr 13, 2026Updated 2 weeks ago
- Looking for JAR files that are vulnerable to Log4j RCE (CVEβ2021β44228)?β45Mar 2, 2022Updated 4 years ago
- π±βπ» βοΈ π€¬ CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricksβ951Jan 15, 2022Updated 4 years ago
- Generate a dynamic PAC script that will route traffic to your Burp proxy only if it matches the scope defined in your Burp target.β33Nov 8, 2021Updated 4 years ago
- 1-Click AI Models by DigitalOcean Gradient β’ AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- β12Dec 26, 2021Updated 4 years ago
- π Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.β427Apr 8, 2026Updated 3 weeks ago
- JNDI-Exploitation-KitοΌA modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP Sβ¦β939Sep 2, 2025Updated 8 months ago
- Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228).β1,142Apr 26, 2024Updated 2 years ago
- Log4Shell RCE Exploit - fully independent exploit does not require any 3rd party binaries.β256Dec 21, 2021Updated 4 years ago
- React Suspended is an educational frontend application riddled with security vulnerabilitiesβ10Jan 29, 2024Updated 2 years ago
- Kudzu is a Go C2 platform with an emphasis on extensibility.β11Mar 30, 2021Updated 5 years ago
- β11Jul 27, 2023Updated 2 years ago
- A script that checks for vulnerable Log4j (CVE-2021-44228) systems using injection of the payload in common HTTP headers.β126Dec 14, 2021Updated 4 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer β’ AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- [ProxyLogon] CVE-2021-26855 & CVE-2021-27065 Fixed RawIdentity Bug Exploit. [ProxyOracle] CVE-2021-31195 & CVE-2021-31196 Exploit Chains.β¦β177Oct 21, 2022Updated 3 years ago
- Public testing data. Samples of log4j library versions to help log4j scanners / detectors improve their accuracy for detecting CVE-2021-β¦β14Dec 30, 2021Updated 4 years ago
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raiderβ139Sep 14, 2021Updated 4 years ago
- A step by step workshop to exploit various vulnerabilities in Node.js and Java applicationsβ156Mar 17, 2024Updated 2 years ago
- python3 scripts to help with aws triage needsβ15Feb 11, 2022Updated 4 years ago
- η¨δΊWebLogic pocεexpζ΅θ―ηεΊη‘θζ¬οΌεη»ε°ιζεηζ¬pocεΊβ95Nov 4, 2020Updated 5 years ago
- This is a Burp Suite extension that allows users to easily add web addresses to the Burp Suite scope.β96Jan 2, 2025Updated last year
- Repository containing a set of policies for aws resources created with terraformβ12Sep 16, 2019Updated 6 years ago
- β74Jan 5, 2022Updated 4 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer β’ AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A fully automated, reliable, super-fast, scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.β397Dec 11, 2024Updated last year
- Burp Suite plugin to copy regex matches from selected requests and/or responses to the clipboard.β34Feb 12, 2022Updated 4 years ago
- Exploitation Tool for CVE-2017-3066 targeting Adobe Coldfusion 11/12β96Oct 18, 2022Updated 3 years ago
- A collection of tools for hackers, pentesters & security researchers.β18Mar 22, 2022Updated 4 years ago
- Fetch the details of assets hosted on AWS.β88Dec 4, 2023Updated 2 years ago
- Make it easy to probe the strengths and weaknesses of a hardened Node.js stackβ21May 3, 2019Updated 6 years ago
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutationsβ411Dec 24, 2022Updated 3 years ago