Log4j-scanner tools - Support for multiple scan method

Last update: Sep 7, 2022

Comments: 0

Log4j-scanner

URL mode (fuzzing url with header, payload)

go run . url -h

Usage of url:
-hf string
        path to list header file
  -hn string
        your hostname to connect to (dnslog.cn/burp collabarator...)
  -pl string
        path to list payload file
  -ur string
        path to list url file
Example: go run . url -hf headers.txt -pl payloads.txt -ur urls.txt -hn xxx.burpcollaborator.net

Internal mode (scan Log4j inside your server)

go run . internal -h

Usage of internal:
  -include-zi
        include zip files in the scan
  -mode string
        the output mode, either 'report' (every java archive pretty printed) or 'list' (list of potentially vulnerable files) (default 'report')
  -online
        go with server opton
  -server string
        server to listen result return
Example1: go run . internal C:\ -server 127.0.0.1 -online //if need send to server,run in parallel with the server
Example2: go run . internal C:\ //not send to server
Example3: go run . internal \ //not send to server

External mode(listen to the client's results

go run . external -h

Usage of external:
  -port string
        port to listen result from client (default "8080")
Example: go run . external -port 4444

Gbu-scanner - Go Blog Updates (Scanner service)

Go Blog Updates - Scanner This service scans go blog (go.dev) and publishes new posts to message broker (rabbitmq). It uses mongodb as a storage for a

Jan 10, 2022

GONET-Scanner - Golang network scanner with arp discovery and own parser

GO/NET Scanner ScreenShots Install chmod +x install.sh ./install.sh [as root] U

Dec 11, 2022

A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests

Naabu is a port scanning tool written in Go that allows you to enumerate valid ports for hosts in a fast and reliable manner. It is a really simple to

Dec 31, 2022

Network scanner for Netbox IPAM with VRF support

Installation git clone https://github.com/axxyhtrx/netbox-rollcall.git cd netbox-rollcall Pre-requirements Create config.yaml file in a root of the pr

Sep 21, 2022

A probably paranoid Golang utility library for securely hashing and encrypting passwords based on the Dropbox method. This implementation uses Blake2b, Scrypt and XSalsa20-Poly1305 (via NaCl SecretBox) to create secure password hashes that are also encrypted using a master passphrase.

goSecretBoxPassword This is a Golang library for securing passwords it is based on the Dropbox method for password storage. The both passphrases are f

Jan 3, 2023

Scans and catches callbacks of systems that are impacted by Log4J Log4Shell vulnerability across specific headers.

Log4ShellScanner Scans and catches callbacks of systems that are impacted by Log4J Log4Shell vulnerability across specific headers. Very Beta Warning!

Jun 17, 2022

Tool to check whether one of your applications is affected by a vulnerability in log4j: CVE-2021-44228

log4shell.tools log4shell.tools is a tool allows you to run a test to check whether one of your applications is affected by a vulnerability in log4j:

Nov 2, 2022

Utility to safely fetch Java class files being served by LDAP servers. Includes deobfuscator for common Log4J URL obfuscation techniques

ldap-get Utility to safely fetch Java class files being served by LDAP servers,

Nov 9, 2022

Hotdog is a set of OCI hooks used to inject the Log4j Hot Patch into containers.

Hotdog Hotdog is a set of OCI hooks used to inject the Log4j Hot Patch into containers. How it works When runc sets up the container, it invokes hotdo

Nov 12, 2022

Log4j-scanner tools - Support for multiple scan method

Log4j-scanner

URL mode (fuzzing url with header, payload)

go run . url -h

Internal mode (scan Log4j inside your server)

go run . internal -h

External mode(listen to the client's results

go run . external -h

Owner

BREAK TEAM - Hacking Team

Similar Resources

Gbu-scanner - Go Blog Updates (Scanner service)

GONET-Scanner - Golang network scanner with arp discovery and own parser

A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests

Network scanner for Netbox IPAM with VRF support

A probably paranoid Golang utility library for securely hashing and encrypting passwords based on the Dropbox method. This implementation uses Blake2b, Scrypt and XSalsa20-Poly1305 (via NaCl SecretBox) to create secure password hashes that are also encrypted using a master passphrase.

Scans and catches callbacks of systems that are impacted by Log4J Log4Shell vulnerability across specific headers.

Tool to check whether one of your applications is affected by a vulnerability in log4j: CVE-2021-44228

Utility to safely fetch Java class files being served by LDAP servers. Includes deobfuscator for common Log4J URL obfuscation techniques

Hotdog is a set of OCI hooks used to inject the Log4j Hot Patch into containers.

Related tags

Scan all AWS EC2 instances in a region for potentially vulnerable log4j versions

Auto scan log4j bug with excel of server list

Simple local scanner for vulnerable log4j instances

Divd 2021 00038 log4j scanner

Log4j 2 (CVE-2021-44228) vulnerability scanner for Windows OS

Scanner to send specially crafted requests and catch callbacks of systems that are impacted by Log4J Log4Shell vulnerability (CVE-2021-44228)

Just simple log4j scanner With Golang

Yet another log4j vulnerability scanner

A Smart Log4Shell/Log4j/CVE-2021-44228 Scanner

Carbon Black Harbor Adapter is a scanner to scan images in Harbor Registry with the help of Carbon Black Cloud.