cve
CVE-2021-44228-PoC-log4j-bypass-words
cve | CVE-2021-44228-PoC-log4j-bypass-words
---|---
13 | 8
6,062 | 924
1.3% | -
9.7 | 0.0
7 days ago | over 2 years ago
HTML | Java
MIT License | -
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
cve
- Strange subdomain found during nmap scan
  Did you try using https://trickest.com?
- Has anyone used Trickest before?
- CVE POCs
- windows exploit dev ctfs
- Asking for Advice - How can we find Linux N-days to develop exploits for?
- [Help] I'm looking for a downloadable list of all CVEs including vulnerability
  Anyhow, these projects might help:
  - https://cve-search.github.io/cve-search/
  - https://github.com/trickest/cve/
  - https://github.com/ChrisIvie/offline-cve
  - https://avleonov.com/2017/10/03/downloading-and-analyzing-nvd-cve-feed/
  - opencve.io
- Awesome Hacker Search Engines
- PoC available for CVEs
  https://github.com/trickest/cve this repo might have what you want
- A constantly updated collection of almost every publicly available CVE PoC
CVE-2021-44228-PoC-log4j-bypass-words
- Log4Shell Update: Severity Upgraded 3.7 -> 9.0 for Second log4j Vulnerability (CVE-2021-45046) | LunaSec - v2.15 of Log4j has an RCE
  WAF is also playing whackamole given all the ways to bypass simple rules
- A Blog about detection of Log4Shell
  More specifically this section https://github.com/Puliczek/CVE-2021-44228-PoC-log4j-bypass-words
- 🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - A trick to bypass words blocking patches
- JNDI Log4j exploit bypass word filters
- LOG4J bypass words
What are some alternatives?
CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera - 🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337
PayloadsAllTheThings - A list of useful payloads and bypass for Web Application Security and Pentest/CTF
nuclei-templates - Community curated list of templates for the nuclei engine to find security vulnerabilities.
black-hat-rust - Applied offensive security with Rust - https://kerkour.com/black-hat-rust
CVE-2021-4034 - PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)
cervantes - Cervantes is an open-source, collaborative platform designed specifically for pentesters and red teams. It serves as a comprehensive management tool, streamlining the organization of projects, clients, vulnerabilities, and reports in a single, centralized location.
log4j-log4shell-affected - Lists of affected components and affected apps/vendors by CVE-2021-44228 (aka Log4shell or Log4j RCE). This list is meant as a resource for security responders to be able to find and address the vulnerability
A-Red-Teamer-diaries - RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
LAZYPARIAH - A tool for generating reverse shell payloads on the fly.
unikernels - State of the art for unikernels
log4j-shell-poc - A Proof-Of-Concept for the CVE-2021-44228 vulnerability.