🐞
Log4Scan
Log4scan
针对header头和fuzz参数的主动批量扫描,用于大批量黑盒检测
先配置ceye信息
self.host = ""
self.token = ""
PassiveLog4Scan
burp suite 被动扫描插件,对每个参数、header头、Cookie做扫描
先配置ceye信息
self.host = ""
self.token = ""
A simple Log4Shell Scan with python
Overview
Web-eyes - OSINT tools for website research
WEB-EYES V1.0 web-eyes: OSINT tools for website research, 14 research methods ar
8 Nov 10, 2022
JS Deobfuscation is a Python script that deobfuscate JS code and it's time saver for you.
JS Deobfuscation is a Python script that deobfuscate JS code and it's time saver for you. Although it may not work with high degrees of obfuscation, it's a pretty nice tool to help you even if it's j
3 May 01, 2022
HatSploit native powerful payload generation and shellcode injection tool that provides support for common platforms and architectures.
HatVenom HatSploit native powerful payload generation and shellcode injection tool that provides support for common platforms and architectures. Featu
100 Dec 23, 2022
A Proof-Of-Concept for the recently found CVE-2021-44228 vulnerability
log4j-shell-poc A Proof-Of-Concept for the recently found CVE-2021-44228 vulnerability. Recently there was a new vulnerability in log4j, a java loggin
1.5k Jan 04, 2023
An automated, reliable scanner for the Log4Shell (CVE-2021-44228) vulnerability.
Log4JHunt An automated, reliable scanner for the Log4Shell CVE-2021-44228 vulnerability. Video demo: Usage Here the help usage: $ python3 log4jhunt.py
39 Nov 21, 2022
2021hvv漏洞汇总
清单 披露时间 涉及商家/产品 漏洞描述 2021/04/08 启明星辰天清汉马USG防火墙存在逻辑缺陷漏洞(历史漏洞) CNVD-2021-17391 启明星辰 天清汉马USG防火墙 逻辑缺陷漏洞 CNVD-2021-12793 2021/04/08 禅道项目管理软件11.6 禅道 11.6 sq
555 Jan 02, 2023
An advanced multi-threaded, multi-client python reverse shell for hacking linux systems
PwnLnX An advanced multi-threaded, multi-client python reverse shell for hacking linux systems. There's still more work to do so feel free to help out
212 Dec 24, 2022
Data Recovery from your broken Android phone
Broken Phone Recovery a guide how to backup data from your locked android phone if you broke your screen (and more) you can skip some steps depending
25 Sep 23, 2022
MayorSec DNS Enumeration Tool
MayorSecDNSScan MSDNSScan is used to identify DNS records for target domains and check for zone transfers. There really isn't much special about it, a
68 Dec 12, 2022
Um script simples de Port Scan + DNS by Hostname
🖥 PortScan-DNS Esta é uma ferramenta simples de Port Scan + DNS by Hostname... 💻 | DNS Resolver / by Hostname: HOST IP EXTERNO IP INTERNO 💻 | Port
7 Dec 08, 2022
Fast subdomain scanner, Takes arguments from a Json file ("args.json") and outputs the subdomains.
Fast subdomain scanner, Takes arguments from a Json file ("args.json") and outputs the subdomains. File Structure core/ colors.py db/ wordlist.txt REA
4 Jul 02, 2022
阿里云accesskey利用工具
aliyun-accesskey-Tools 此工具用于查询ALIYUN_ACCESSKEY的主机,并且远程执行命令。 对于ALIYUN_ACCESSKEY利用方式可参考文章:记一次阿里云主机泄露Access Key到Getshell 工具截图 安装模块 pip install -r require
826 Jan 01, 2023
A simple multi-threaded distributed SSH brute-forcing tool written in Python.
OrbitalDump A simple multi-threaded distributed SSH brute-forcing tool written in Python. How it Works When the script is executed without the --proxi
408 Jan 03, 2023
This is a keylogger in python for Windows, Mac and Linux!
Python-Keylogger This is a keylogger in python for Windows, Mac and Linux! #How to use it by downloading the zip file? Download the zip file first The
2 Nov 12, 2021
Metal Gear Online 2 (MGO2) stage files decryption
Metal Gear Online 2 decryption tool Metal Gear Online 2 (MGO2) has an additional layer of encryption for stage files. I was not able to find info abou
4 Sep 02, 2022
POC for detecting the Log4Shell (Log4J RCE) vulnerability
Interactsh An OOB interaction gathering server and client library Features • Usage • Interactsh Client • Interactsh Server • Interactsh Integration •
2.1k Jan 08, 2023
Mass scan for .git repository and .env file exposure
Mass .Git repository and .Env file Scan by Scarmandef Scanner to find .env file and .git repository exposure on multiple hosts Because of the response
8 Jun 23, 2022
Simples brute forcer de diretorios para web pentest.
🦑 dirbruter Simples brute forcer de diretorios para web pentest. ❕ Atenção Não ataque sites privados. Isto é illegal. 🖥️ Pré-requisitos Ultima versã
6 Jan 22, 2022
Privacy-respecting metasearch engine
Privacy-respecting, hackable metasearch engine / pronunciation səːks. If you are looking for running instances, ready to use, then visit searx.space.
12.4k Jan 08, 2023
Tenssens framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT resources.
Tenssens framework focused on gathering information from free tools or resources. The intention is to help people find free OSINT resources.
31 Oct 21, 2022