ssstonebraker / log4j-scan-turbo
Multithreaded log4j vulnerability scanner using only bash! Tests all JNDI protocols, HTTP GET/POST, and 84 headers.
☆27Updated 2 years ago
Related projects: ⓘ
- Find and notify users in your Active Directory with weak passwords☆101Updated 3 years ago
- Teamsniper is a tool for fetching keywords in a Microsoft Teams such as (passwords, emails, database, etc.).☆185Updated 2 years ago
- Network penetration testing toolset wrapper☆82Updated 2 years ago
- Password Hunter in Active Directory☆193Updated last year
- Canary Hunter aims to be a quick PowerShell script to check for Common Canaries in various formats generated for free on canarytokens.org☆100Updated last year
- ☆121Updated last year
- Script to install prerequisites for deploying GOAD on Ubuntu Linux 22.04☆105Updated 3 months ago
- ☆157Updated 10 months ago
- Lookup for interesting stuff in SMB shares☆147Updated last year
- LDAP enumeration tool implemented in Python3☆216Updated 2 weeks ago
- Hashes for vulnerable LOG4J versions☆154Updated 2 years ago
- This could have been a bash one-liner but guess what. It's a small Go tool that lists the trending CVEs from cvetrends.com☆105Updated 2 years ago
- ☆34Updated 2 years ago
- MayorSec DNS Enumeration Tool☆74Updated last year
- Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228☆147Updated 2 years ago
- ☆34Updated last year
- You and the AppleLabs' Incident Response Team have been notified of a potential breach to a Human Resources' workstation. According to th…☆74Updated 2 years ago
- Audit tool for Active Directory. Automates a lot of checks from a pentester perspective.☆155Updated 4 months ago
- Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The…☆338Updated 2 years ago
- ☆99Updated 3 years ago
- Mindmaps allow to organize and understand information faster and better.☆2Updated 2 years ago
- SMBScan is a tool to enumerate file shares on an internal network.☆33Updated this week
- smbcrawler is no-nonsense tool that takes credentials and a list of hosts and 'crawls' (or 'spiders') through those shares☆142Updated last week
- CLI & library to search for default credentials among thousands of Products / Vendors☆34Updated last week
- msImpersonate - User account impersonation written in pure Python3☆106Updated 2 years ago
- A list of awesome penetration testing tools and resources.☆76Updated 11 months ago
- A collection of red blue team staff☆45Updated last year
- LOLAPPS is a compendium of applications that can be used to carry out day-to-day exploitation.☆125Updated 8 months ago
- A collection of useful commands, scripts and resources for the OSWA (WEB-200) exam of Offensive Security☆80Updated last year
- A Azure Exploitation Toolkit for Red Team & Pentesters☆146Updated last year