Operational information regarding the log4shell vulnerabilities in the Log4j logging library.
翻译 - 有关 Log4j 日志库中漏洞的操作信息。
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTra...
翻译 - LunaSec - 安全性和合规性 SDK,可阻止软件中的数据泄漏。只需几行代码,LunaSec 就在您的堆栈中添加了零信任架构、独特的每记录加密以及针对 XSS、SQL 注入和 RCE 等常见安全问题的保护。在这里现场试用:https://app.lunasec.dev
Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228).
翻译 - Spring Boot Web 应用程序易受 CVE-2021-44228(昵称 Log4Shell)的攻击。
A public open sourced tool. Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instan...
翻译 - 在任何应用程序的文件系统上检测易受攻击的 log4j 版本。它甚至能够找到隐藏在几层深处的实例。适用于 Linux、Windows 和 Mac,也适用于 Java 运行的其他任何地方!
Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228, CVE-2021-45046, CVE-2021-45105)
翻译 - 在磁盘和 Java 存档文件中查找易受攻击的 Log4j2 版本(Log4Shell CVE-2021-44228 和 CVE-2021-45046)
Simple local scanner for vulnerable log4j instances
翻译 - 易受攻击的 log4j 实例的简单本地扫描器
log4j rce test environment and poc
翻译 - log4j rce 测试环境和 poc
Log4Shell RCE Exploit - fully independent exploit does not require any 3rd party binaries.
翻译 - Log4Shell RCE Exploit - 完全独立的漏洞利用不需要任何 3rd 方二进制文件。
Remote command execution vulnerability scanner for Log4j.
翻译 - Log4j 的远程命令执行漏洞扫描器。
#Awesome#An Awesome List of Log4Shell resources to help you stay informed and secure! 🔒
A tool for detect&exploit vmware product log4j(cve-2021-44228) vulnerability.Support VMware HCX/vCenter/NSX/Horizon/vRealize Operations Manager
《HackLog4j-永恒之恶龙》致敬全宇宙最无敌的Java日志库!Tribute to the most invincible Java logging library in the universe!
A collection of intelligence about Log4Shell and its exploitation activity.
翻译 - 有关 Log4Shell 及其开发活动的情报集合。
Log4j Vulnerability Scanner for Windows
翻译 - 适用于 Windows 的 Log4j 漏洞扫描程序
A script that checks for vulnerable Log4j (CVE-2021-44228) systems using injection of the payload in common HTTP headers.
翻译 - 使用在常见 HTTP 标头中注入有效负载来检查易受攻击的 Log4j (CVE-2021-44228) 系统的脚本。
Trickest Workflow for discovering log4j vulnerabilities and gathering the newest community payloads.
Tool that runs a test to check whether one of your applications is affected by the recent vulnerabilities in log4j: CVE-2021-44228 and CVE-2021-45046
Nmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)