Operational information regarding the log4shell vulnerabilities in the Log4j logging library.
翻译 - 有关 Log4j 日志库中漏洞的操作信息。
log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.
翻译 - log4j-scanner 是 CISA 从开源社区的其他成员派生的一个项目,旨在帮助组织识别受 log4j 漏洞影响的潜在易受攻击的 Web 服务。
🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks
翻译 - 🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java 漏洞利用 - 绕过单词阻塞补丁的技巧
Vulnerability scanner and mitigation patch for Log4j2 CVE-2021-44228
翻译 - Log4j2 CVE-2021-44228 的漏洞扫描器和缓解补丁
A public open sourced tool. Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instan...
翻译 - 在任何应用程序的文件系统上检测易受攻击的 log4j 版本。它甚至能够找到隐藏在几层深处的实例。适用于 Linux、Windows 和 Mac,也适用于 Java 运行的其他任何地方!
Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228, CVE-2021-45046, CVE-2021-45105)
翻译 - 在磁盘和 Java 存档文件中查找易受攻击的 Log4j2 版本(Log4Shell CVE-2021-44228 和 CVE-2021-45046)
Log4j Vulnerability Scanner for Windows
翻译 - 适用于 Windows 的 Log4j 漏洞扫描程序
Tool that runs a test to check whether one of your applications is affected by the recent vulnerabilities in log4j: CVE-2021-44228 and CVE-2021-45046
Log4j jndi injection fuzz tool
Rapidly scan filesystems for Java programs potentially vulnerable to Log4Shell (CVE-2021-44228) or "that Log4j JNDI exploit" by inspecting the class paths inside files
翻译 - 通过检查文件中的类路径,快速扫描文件系统中可能容易受到 Log4Shell (CVE-2021-44228) 或“Log4j JNDI 漏洞利用”的 Java 程序
Fastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excellen...
Detections for CVE-2021-44228 inside of nested binaries
Generate primary obfuscated or secondary obfuscated CVE-2021-44228 or CVE-2021-45046 payloads to evade WAF detection.
Public testing data. Samples of log4j library versions to help log4j scanners / detectors improve their accuracy for detecting CVE-2021-45046 and CVE-2021-44228. TAG_TESTING, OWNER_KEN, DC_PUBLIC
Log4j Shield - fast ⚡, scalable and easy to use Log4j vulnerability CVE-2021-44228 finder and patcher
Scanner to send specially crafted requests and catch callbacks of systems that are impacted by log4j log4shell vulnerability and to detect vulnerable log4j versions on your local file-system
Scanner that scans local files for log4shell vulnerability. Does bytecode analysis so it does not rely on metadata. Will find vulnerable log4j even it has been self-compiled/repackaged/shaded/nested (...
CVE-log4j CheckMK plugin
This repository is designed to be a collection of resources to learn about, detect and mitigate the impact of the Log4j vulnerability - more formally known as CVE-2021-44228 and CVE-2021-45046 (mirror...