log4j-scan-turbo
Penetration-Testing-Helper-Scripts
log4j-scan-turbo | Penetration-Testing-Helper-Scripts | |
---|---|---|
2 | 1 | |
27 | 3 | |
- | - | |
1.8 | 10.0 | |
over 2 years ago | over 1 year ago | |
Shell | Shell | |
- | The Unlicense |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
log4j-scan-turbo
- Example exploits for MacOS Endpoint Protection assessment
-
Meet log4j-scan-turbo
Sick of slow log4shell scanners? Meet log4j-scan-turbo! This multithreaded pure bash scanner uses curl + nohup to achieve 48 parallel threads while testing all jndi protocols, 84 headers, and the HTTP GET/POST methods. I recently finished building this script and it was able to scan 600 FQDNs/IPs in under an hour. Enjoy! https://github.com/ssstonebraker/log4j-scan-turbo
Penetration-Testing-Helper-Scripts
-
which is your reverse shell generator of choice?
For the OSCP exam I used some of the bash scripts from this repository. The one for reverse shells would automatically fetch the vpn IP address and add it to the reverse shell commands, which saved time during the exam
What are some alternatives?
jailbox - Torify the system with multiple tor exit nodes and load balance.
revshellgen - Simple script to generate commands to achieve reverse shells.
L4sh - Log4Shell RCE Exploit - fully independent exploit does not require any 3rd party binaries.
Reverse_Shell_Generator - Bash script to generate reverse shell payloads
Log4j-RCE-Scanner - Remote command execution vulnerability scanner for Log4j.
Chimera - Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
log4jshield - Log4j Shield - fast ⚡, scalable and easy to use Log4j vulnerability CVE-2021-44228 finder and patcher
shells - Script for generating revshells
how-to-check-patch-secure-log4j-CVE-2021-44228 - A one-stop repo/ information hub for all log4j vulnerability-related information.
Sudomy - Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
webrecon - Automated Web Recon Shell Scripts
pwncat - pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)