Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URLs with multithreading
☆195Dec 13, 2021Updated 4 years ago
Alternatives and similar repositories for log4j-detect
Users that are interested in log4j-detect are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆16Dec 15, 2021Updated 4 years ago
- This script implements the Proof of Concept attack from the Checkpoint research "NTLM Credentials Theft via PDF Files"☆29May 1, 2018Updated 7 years ago
- An evil RMI server that can launch an arbitrary command. May be useful for CVE-2021-44228☆12Dec 12, 2021Updated 4 years ago
- IP Lookups for Open Ports and Vulnerabilities from internetdb.shodan.io☆131Mar 10, 2022Updated 4 years ago
- This is GitHub_Dorks and some tips i collect from different resources.Recon_Api is tip when you find token or api without knowing what to…☆21Sep 15, 2021Updated 4 years ago
- This repository presents a proof-of-concept of CVE-2024-23897☆16Apr 16, 2024Updated last year
- AD Enum is a pentesting tool that allows to find misconfiguration through the the protocol LDAP and exploit some of those weaknesses with…☆309Jul 4, 2023Updated 2 years ago
- Burpsuite Extension for Jsmon☆23Feb 5, 2026Updated last month
- A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228☆3,434Nov 23, 2022Updated 3 years ago
- ☆44Apr 30, 2021Updated 4 years ago
- Log4j jndi injection fuzz tool☆70Dec 24, 2021Updated 4 years ago
- A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.☆184Nov 22, 2021Updated 4 years ago
- ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.☆709Oct 9, 2023Updated 2 years ago
- X-Platform bind shell in TypeScript!☆29Jul 11, 2025Updated 8 months ago
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects☆972Dec 8, 2021Updated 4 years ago
- A script that checks for vulnerable Log4j (CVE-2021-44228) systems using injection of the payload in common HTTP headers.☆126Dec 14, 2021Updated 4 years ago
- ☆11Mar 7, 2021Updated 5 years ago
- Simple tool to gather domains from crt.sh using the organization name☆102Dec 16, 2021Updated 4 years ago
- S3 Recon tips and tricks collected from different resources,Sorry if i missed to mention all resources owners☆27Nov 13, 2021Updated 4 years ago
- Check AWS S3 instances for read/write/delete access☆121Feb 8, 2022Updated 4 years ago
- Burp Suite plugin to copy regex matches from selected requests and/or responses to the clipboard.☆34Feb 12, 2022Updated 4 years ago
- ☆755Jun 26, 2024Updated last year
- 0x0p1n3r is set of combination of other tools and one line scripts to find subdomains easily and to check subdomain takeover☆57Dec 15, 2020Updated 5 years ago
- Dangerously fast DNS/network/port scanner☆923Mar 18, 2022Updated 4 years ago
- Detector for Log4Shell exploitation attempts☆725Feb 12, 2022Updated 4 years ago
- XSS Finder Via SSTI☆56Sep 14, 2023Updated 2 years ago
- Wraps projectdiscovery's cdncheck library to exclude CDN hosts from input passed over stdin☆45Mar 13, 2023Updated 3 years ago
- QUESTER is a Web Pentesting & Bug Bounty Recon tool which queries URLs / Subdomains from the given list of URLs or subdomains.☆15Aug 2, 2021Updated 4 years ago
- BugBounty , sort and delete duplicates param value without missing original value☆22Jul 31, 2021Updated 4 years ago
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆49Apr 25, 2022Updated 3 years ago
- Simple recon using multiple tools!☆165Jan 10, 2022Updated 4 years ago
- Simple command shell collections☆35Mar 7, 2021Updated 5 years ago
- ☆121Sep 13, 2023Updated 2 years ago
- Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user☆1,043Jul 10, 2022Updated 3 years ago
- bypass-url-parser☆1,118Mar 14, 2026Updated last week
- GH-Takeover — GitHub Pages Sub-domain Takeover Automation!☆28Apr 17, 2021Updated 4 years ago
- win32k LPE☆464Jan 27, 2022Updated 4 years ago
- Most of the Google Acquisitions for Bug Bounty Hunter.☆64Sep 3, 2022Updated 3 years ago
- Spring4Shell Proof Of Concept/And vulnerable application CVE-2022-22965☆374Nov 9, 2022Updated 3 years ago