Apache Log4j 是一个 Java的日志记录库,Log4j 2 较 Log4j 1.x 有较大改进。
A port of log4js to node.js
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
翻译 - 一种全自动、准确且广泛的扫描器,用于查找 log4j RCE CVE-2021-44228
A Proof-Of-Concept for the CVE-2021-44228 vulnerability.
翻译 - 最近发现的 CVE-2021-44228 漏洞的概念证明。
log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.
翻译 - log4j-scanner 是 CISA 从开源社区的其他成员派生的一个项目,旨在帮助组织识别受 log4j 漏洞影响的潜在易受攻击的 Web 服务。
A community sourced list of log4j-affected software
翻译 - 社区来源的受 log4j 影响的软件列表
log4j 漏洞扫描工具,可扫描指定文件夹也可作为Go包导入分析Jar文件
log4jdbc is a Java JDBC driver that can log SQL and/or JDBC calls (and optionally SQL timing information) for other JDBC drivers using the Simple Logging Facade For Java (SLF4J) logging system.
Remote Code Injection In Log4j
Log4j for nuclei
翻译 - 核的 Log4j
Log4j jndi injects the Payload generator
翻译 - Log4j jndi 注入 Payload 生成器
Apache Log4j 远程代码执行
Log4j Vulnerability Scanner for Windows
翻译 - 适用于 Windows 的 Log4j 漏洞扫描程序
Hashes for vulnerable LOG4J versions
Simple local scanner for vulnerable log4j instances
翻译 - 易受攻击的 log4j 实例的简单本地扫描器
Remote command execution vulnerability scanner for Log4j.
翻译 - Log4j 的远程命令执行漏洞扫描器。
A Log4j PoC written in PowerShell
翻译 - 用 PowerShell 编写的 Log4j PoC
log4j漏洞靶场docker-compose
Operational information regarding the log4shell vulnerabilities in the Log4j logging library.
翻译 - 有关 Log4j 日志库中漏洞的操作信息。
apache log4j poc—— base Maven
翻译 - apache log4j poc——基础Maven
Tools for investigating Log4j CVE-2021-44228
翻译 - 用于调查 Log4j CVE-2021-44228 的工具
Apache-Log4j漏洞复现笔记
Apache Log4cxx is a C++ port of Apache Log4j