py4jshell
EJS-Exploit
py4jshell | EJS-Exploit | |
---|---|---|
3 | 1 | |
86 | 11 | |
- | - | |
2.6 | 0.0 | |
over 2 years ago | over 2 years ago | |
Python | Python | |
GNU General Public License v3.0 or later | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
py4jshell
- GitHub - Narasimha1997/py4jshell: Simulating Log4j Remote Code Execution (RCE) vulnerability in a flask web server using python's logging library with custom formatter that simulates lookup substitution by executing remote exploit code.
-
py4jshell
Simulating Log4j Remote Code Execution (RCE) CVE-2021-44228 vulnerability in a flask web server using python's logging library with custom formatter that simulates lookup substitution on URLs. This repository is a POC of how Log4j remote code execution vulnerability works. Link to repository
EJS-Exploit
-
Simple Remote Code Execution on EJS Web Applications with express-fileupload
TLDR with no explaination
What are some alternatives?
L4sh - Log4Shell RCE Exploit - fully independent exploit does not require any 3rd party binaries.
express-fileupload - Simple express file upload middleware that wraps around busboy
log4j-shell-poc - A Proof-Of-Concept for the CVE-2021-44228 vulnerability.
Egyscan - Egyscan The Best web vulnerability scanner; it's a multifaceted security powerhouse designed to fortify your web applications against malicious threats. Let's delve into the tasks and functions that make Egyscan an indispensable tool in your security arsenal:
SQLMap - Automatic SQL injection and database takeover tool
CVE-2022-26134 - CVE-2022-26134 - Atlassian Confluence unauthenticated OGNL injection vulnerability (RCE).
PayloadsAllTheThings - A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Youtube-Downloader - Download video and audio from YouTube links.