Log4j-RCE-Scanner
canarytokens
Log4j-RCE-Scanner | canarytokens | |
---|---|---|
1 | 27 | |
255 | 1,657 | |
- | 1.2% | |
3.8 | 8.5 | |
9 months ago | 7 days ago | |
Shell | Python | |
GNU General Public License v3.0 only | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Log4j-RCE-Scanner
canarytokens
- 1Password detects "suspicious activity" in its internal Okta account
-
#Anonymous - AK - RABBIT MEET HOLE - #TheDEWFiles 3,000+ Docs On Tons Patents Various Tech, Studies, Research by TONs of Scientists on DEWs & Alternative Energy (Includes Aerospace Companies.)
Get a free OS in a VMand open any files in there. You should not trust a random batch of potentially backdoored or canarytoken'ed files
- What screams "I'm insecure"?
-
In your experience, what were some unconventional signs that there's a malware inside your network?
Throw some honeytokens/canarytokens on key systems. Thinkst has a free option where you can drop Word docs, PDF, AWS keys, etc. that will send you an email or webhook if they're ever used. https://canarytokens.org
-
IF you did door knocking, what would you leave behind?
QR code with some pdfs from inside a canarytokens.org folder.
- Increase in LockBit Ransomware
-
Worried someone has (or may gain) access to your UoG account? Try Canarytokens
You can generate Canarytokens for free on their website: https://www.canarytokens.org/generate. They're open-source, so if you're technically-inclined, you can run the software yourself: https://github.com/thinkst/canarytokens. All the documentation is here: https://docs.canarytokens.org/guide/.
- 1 minute Canaries
-
Please help me with internet stalker
I do not think a trap or "phishing link" is a good idea if she are getting serious threats! But it is not too hard, you can generate a few with here and if somebody opens the link you will get an email containing the time and IP address of who opened it: https://canarytokens.org (note that, you can not really do much with these information on your own).
-
Someone sending offensive material to people in our google domain
Good tip, OP could use this for quick setup. https://canarytokens.org
What are some alternatives?
log4jpwn - log4j rce test environment and poc
tailscale - The easiest, most secure way to use WireGuard and 2FA.
LogMePwn - A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.
postman-app-support - Postman is an API platform for building and using APIs. Postman simplifies each step of the API lifecycle and streamlines collaboration so you can create better APIs—faster.
log4j-scan-turbo - Multithreaded log4j vulnerability scanner using only bash! Tests all JNDI protocols, HTTP GET/POST, and 84 headers.
cli - Official Command Line Interface for the IPinfo API (IP geolocation and other types of IP data)
log4j-scan - A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
cli - GitHub’s official command line tool
log4shell-vulnerable-app - Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228).
anvil-runtime - The runtime engine for hosting Anvil web apps
log4j2-rce-poc - A bare minimum proof-of-concept for Log4j2 JNDI RCE vulnerability (CVE-2021-44228/Log4Shell).
hackclub - 🌎 Hack Club is a worldwide community of high school hackers. We make things. We help one another. We have fun.