Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URLs with multithreading
☆195Dec 13, 2021Updated 4 years ago
Alternatives and similar repositories for log4j-detect
Users that are interested in log4j-detect are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆16Dec 15, 2021Updated 4 years ago
- This script implements the Proof of Concept attack from the Checkpoint research "NTLM Credentials Theft via PDF Files"☆29May 1, 2018Updated 8 years ago
- An evil RMI server that can launch an arbitrary command. May be useful for CVE-2021-44228☆12Dec 12, 2021Updated 4 years ago
- IP Lookups for Open Ports and Vulnerabilities from internetdb.shodan.io☆131Mar 10, 2022Updated 4 years ago
- This is GitHub_Dorks and some tips i collect from different resources.Recon_Api is tip when you find token or api without knowing what to…☆21Sep 15, 2021Updated 4 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- AD Enum is a pentesting tool that allows to find misconfiguration through the the protocol LDAP and exploit some of those weaknesses with…☆310Jul 4, 2023Updated 2 years ago
- Burpsuite Extension for Jsmon☆24Apr 6, 2026Updated last month
- This repository presents a proof-of-concept of CVE-2024-23897☆17Apr 16, 2024Updated 2 years ago
- A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228☆3,431Nov 23, 2022Updated 3 years ago
- ☆44Apr 30, 2021Updated 5 years ago
- Log4j jndi injection fuzz tool☆70Dec 24, 2021Updated 4 years ago
- ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.☆708Oct 9, 2023Updated 2 years ago
- A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.☆183Nov 22, 2021Updated 4 years ago
- X-Platform bind shell in TypeScript!☆30Jul 11, 2025Updated 10 months ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects☆972Dec 8, 2021Updated 4 years ago
- A script that checks for vulnerable Log4j (CVE-2021-44228) systems using injection of the payload in common HTTP headers.☆126Dec 14, 2021Updated 4 years ago
- ☆11Mar 7, 2021Updated 5 years ago
- Simple tool to gather domains from crt.sh using the organization name☆102Dec 16, 2021Updated 4 years ago
- S3 Recon tips and tricks collected from different resources,Sorry if i missed to mention all resources owners☆27Nov 13, 2021Updated 4 years ago
- Check AWS S3 instances for read/write/delete access☆121Feb 8, 2022Updated 4 years ago
- Burp Suite plugin to copy regex matches from selected requests and/or responses to the clipboard.☆34Feb 12, 2022Updated 4 years ago
- 0x0p1n3r is set of combination of other tools and one line scripts to find subdomains easily and to check subdomain takeover☆57Dec 15, 2020Updated 5 years ago
- ☆754Jun 26, 2024Updated last year
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Dangerously fast DNS/network/port scanner☆925Mar 18, 2022Updated 4 years ago
- Detector for Log4Shell exploitation attempts☆727Feb 12, 2022Updated 4 years ago
- XSS Finder Via SSTI☆57Sep 14, 2023Updated 2 years ago
- Wraps projectdiscovery's cdncheck library to exclude CDN hosts from input passed over stdin☆45Mar 13, 2023Updated 3 years ago
- QUESTER is a Web Pentesting & Bug Bounty Recon tool which queries URLs / Subdomains from the given list of URLs or subdomains.☆15Aug 2, 2021Updated 4 years ago
- BugBounty , sort and delete duplicates param value without missing original value☆22Jul 31, 2021Updated 4 years ago
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆49Apr 25, 2022Updated 4 years ago
- Simple recon using multiple tools!☆165Jan 10, 2022Updated 4 years ago
- Simple command shell collections☆35Mar 7, 2021Updated 5 years ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- ☆121Sep 13, 2023Updated 2 years ago
- Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user☆1,057Jul 10, 2022Updated 3 years ago
- bypass-url-parser☆1,130May 16, 2026Updated last week
- GH-Takeover — GitHub Pages Sub-domain Takeover Automation!☆28Apr 17, 2021Updated 5 years ago
- win32k LPE☆463Jan 27, 2022Updated 4 years ago
- Most of the Google Acquisitions for Bug Bounty Hunter.☆66Sep 3, 2022Updated 3 years ago
- I will share my bug bounty tips here☆32Mar 6, 2023Updated 3 years ago