Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URLs with multithreading
☆195Dec 13, 2021Updated 4 years ago
Alternatives and similar repositories for log4j-detect
Users that are interested in log4j-detect are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆16Dec 15, 2021Updated 4 years ago
- This script implements the Proof of Concept attack from the Checkpoint research "NTLM Credentials Theft via PDF Files"☆29May 1, 2018Updated 8 years ago
- An evil RMI server that can launch an arbitrary command. May be useful for CVE-2021-44228☆12Dec 12, 2021Updated 4 years ago
- IP Lookups for Open Ports and Vulnerabilities from internetdb.shodan.io☆130Mar 10, 2022Updated 4 years ago
- This is GitHub_Dorks and some tips i collect from different resources.Recon_Api is tip when you find token or api without knowing what to…☆21Sep 15, 2021Updated 4 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- AD Enum is a pentesting tool that allows to find misconfiguration through the the protocol LDAP and exploit some of those weaknesses with…☆312Jul 4, 2023Updated 3 years ago
- Burpsuite Extension for Jsmon☆25Jun 26, 2026Updated last week
- This repository presents a proof-of-concept of CVE-2024-23897☆17Apr 16, 2024Updated 2 years ago
- A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228☆3,426Nov 23, 2022Updated 3 years ago
- ☆44Apr 30, 2021Updated 5 years ago
- Log4j jndi injection fuzz tool☆70Dec 24, 2021Updated 4 years ago
- ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.☆712Oct 9, 2023Updated 2 years ago
- A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.☆184Nov 22, 2021Updated 4 years ago
- X-Platform bind shell in TypeScript!☆30Jul 11, 2025Updated 11 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects☆969Dec 8, 2021Updated 4 years ago
- A script that checks for vulnerable Log4j (CVE-2021-44228) systems using injection of the payload in common HTTP headers.☆126Dec 14, 2021Updated 4 years ago
- ☆11Mar 7, 2021Updated 5 years ago
- Simple tool to gather domains from crt.sh using the organization name☆102Dec 16, 2021Updated 4 years ago
- S3 Recon tips and tricks collected from different resources,Sorry if i missed to mention all resources owners☆28Nov 13, 2021Updated 4 years ago
- Check AWS S3 instances for read/write/delete access☆122Feb 8, 2022Updated 4 years ago
- Burp Suite plugin to copy regex matches from selected requests and/or responses to the clipboard.☆35Feb 12, 2022Updated 4 years ago
- 0x0p1n3r is set of combination of other tools and one line scripts to find subdomains easily and to check subdomain takeover☆57Dec 15, 2020Updated 5 years ago
- ☆753Jun 26, 2024Updated 2 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Dangerously fast DNS/network/port scanner☆924Mar 18, 2022Updated 4 years ago
- Detector for Log4Shell exploitation attempts☆725Feb 12, 2022Updated 4 years ago
- XSS Finder Via SSTI☆59Sep 14, 2023Updated 2 years ago
- Wraps projectdiscovery's cdncheck library to exclude CDN hosts from input passed over stdin☆45Mar 13, 2023Updated 3 years ago
- QUESTER is a Web Pentesting & Bug Bounty Recon tool which queries URLs / Subdomains from the given list of URLs or subdomains.☆15Aug 2, 2021Updated 4 years ago
- BugBounty , sort and delete duplicates param value without missing original value☆22Jul 31, 2021Updated 4 years ago
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆49Apr 25, 2022Updated 4 years ago
- Simple recon using multiple tools!☆165Jan 10, 2022Updated 4 years ago
- Simple command shell collections☆35Mar 7, 2021Updated 5 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- ☆121Sep 13, 2023Updated 2 years ago
- Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user☆1,058Jul 10, 2022Updated 3 years ago
- bypass-url-parser☆1,134Jun 20, 2026Updated 2 weeks ago
- GH-Takeover — GitHub Pages Sub-domain Takeover Automation!☆29Apr 17, 2021Updated 5 years ago
- win32k LPE☆462Jan 27, 2022Updated 4 years ago
- Most of the Google Acquisitions for Bug Bounty Hunter.☆66Sep 3, 2022Updated 3 years ago
- Spring4Shell Proof Of Concept/And vulnerable application CVE-2022-22965☆377Nov 9, 2022Updated 3 years ago