log4j-scan-turbo
log4jshield
log4j-scan-turbo | log4jshield | |
---|---|---|
2 | 2 | |
27 | 14 | |
- | - | |
1.8 | 0.0 | |
over 2 years ago | over 2 years ago | |
Shell | Shell | |
- | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
log4j-scan-turbo
- Example exploits for MacOS Endpoint Protection assessment
-
Meet log4j-scan-turbo
Sick of slow log4shell scanners? Meet log4j-scan-turbo! This multithreaded pure bash scanner uses curl + nohup to achieve 48 parallel threads while testing all jndi protocols, 84 headers, and the HTTP GET/POST methods. I recently finished building this script and it was able to scan 600 FQDNs/IPs in under an hour. Enjoy! https://github.com/ssstonebraker/log4j-scan-turbo
log4jshield
What are some alternatives?
jailbox - Torify the system with multiple tor exit nodes and load balance.
log4j-detector - A public open sourced tool. Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too! TAG_OS_TOOL, OWNER_KELLY, DC_PUBLIC
L4sh - Log4Shell RCE Exploit - fully independent exploit does not require any 3rd party binaries.
Log4j-RCE-Scanner - Remote command execution vulnerability scanner for Log4j.
log4shell_ioc_ips - log4j / log4shell IoCs from multiple sources put together in one big file (IPs) more coming soon (CVE-2021-44228)
how-to-check-patch-secure-log4j-CVE-2021-44228 - A one-stop repo/ information hub for all log4j vulnerability-related information.
webrecon - Automated Web Recon Shell Scripts
Penetration-Testing-Helper-Scripts - Some scripts to improve the Quality of Life for a penetration tester when working
airgeddon - This is a multi-use bash script for Linux systems to audit wireless networks.
Sudomy - Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
checksum.sh - Verify every install script. Checksum.sh is a simple way to download, review, and verify install scripts.