log4j-scan-turbo
webrecon
log4j-scan-turbo | webrecon | |
---|---|---|
2 | 1 | |
27 | 49 | |
- | - | |
1.8 | 1.8 | |
over 2 years ago | over 2 years ago | |
Shell | Shell | |
- | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
log4j-scan-turbo
- Example exploits for MacOS Endpoint Protection assessment
-
Meet log4j-scan-turbo
Sick of slow log4shell scanners? Meet log4j-scan-turbo! This multithreaded pure bash scanner uses curl + nohup to achieve 48 parallel threads while testing all jndi protocols, 84 headers, and the HTTP GET/POST methods. I recently finished building this script and it was able to scan 600 FQDNs/IPs in under an hour. Enjoy! https://github.com/ssstonebraker/log4j-scan-turbo
webrecon
What are some alternatives?
jailbox - Torify the system with multiple tor exit nodes and load balance.
reconness - ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
L4sh - Log4Shell RCE Exploit - fully independent exploit does not require any 3rd party binaries.
Beginner-Bug-Bounty-Automation - Many script that can be modified according to your needs for Information Gathering and Asset discovery in Bug Bounty Hunting (Pull requests are welcome!)
Log4j-RCE-Scanner - Remote command execution vulnerability scanner for Log4j.
WhatWeb - Next generation web scanner
log4jshield - Log4j Shield - fast ⚡, scalable and easy to use Log4j vulnerability CVE-2021-44228 finder and patcher
scilla - Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
how-to-check-patch-secure-log4j-CVE-2021-44228 - A one-stop repo/ information hub for all log4j vulnerability-related information.
ActiveDirectoryAttackTool - ADAT is a small tool used to assist CTF players and Penetration testers with easy commands to run against an Active Directory Domain Controller. This tool is is best utilized using a set of known credentials against the host.
Penetration-Testing-Helper-Scripts - Some scripts to improve the Quality of Life for a penetration tester when working
GooFuzz - GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).