Skip to content
/ PY-Log4j-RCE-Scanner Public

Using this tool, you can scan for remote command execution vulnerability CVE-2021-44228 on Apache Log4j at multiple addresses.

4 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

MrHarshvardhan/PY-Log4j-RCE-Scanner

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
Log4j-RCE-Scanner.py
Log4j-RCE-Scanner.py
 
 
README.md
README.md
 
 

Repository files navigation

Log4j RCE Scanner

Using this tool, you can scan for remote command execution vulnerability CVE-2021-44228 on Apache Log4j at multiple addresses.

python logo

Features:

It can scan according to the url list you provide.
It can scan all of them by finding the subdomains of the domain name you give.
It adds the source domain as a prefix to determine from which source the incoming dns queries are coming from.

Requirements

httpx
curl

If you want to scan with a domain name, you must additionally install subfinder, assetfinder and amass.

-h, --help - Display help
-l, --url-list - List of domain/subdomain/ip to be used for scanning.
-d, --domain - The domain name to which all subdomains and itself will be checked.
-b, --burpcollabid - Burp collabrator client id address or interactsh domain address.

Example uses:

./log4j-rce-scanner.py -l subdomains.txt -b 1bd6icqah2823eieuo5wdiw09rfi38rx.oastify.com

./log4j-rce-scanner.py -d evil.com -b 1bd6icqah2823eieuo5wdiw09rfi38rx.oastify.com


Snake animation

About

Using this tool, you can scan for remote command execution vulnerability CVE-2021-44228 on Apache Log4j at multiple addresses.

Resources

Readme
Activity

Stars

4 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages