GitHub topics: log4shell | Ecosyste.ms: Repos

Qualys/log4jscanwin 📦

Log4j Vulnerability Scanner for Windows

Language: C - Size: 5.23 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 155 - Forks: 32

Scanner that scans local files for log4shell vulnerability. Does bytecode analysis so it does not rely on metadata. Will find vulnerable log4j even it has been self-compiled/repackaged/shaded/nested (e.g. uberjar, fatjar) and even obfuscated.

Language: Java - Size: 42 MB - Last synced at: 13 days ago - Pushed at: 13 days ago - Stars: 8 - Forks: 4

nyg/dependabot-vuln-viewer

Displays Dependabot security alerts for multiple GitHub repositories.

Language: JavaScript - Size: 2.76 MB - Last synced at: 17 days ago - Pushed at: 18 days ago - Stars: 2 - Forks: 1

snyk-labs/awesome-log4shell

An Awesome List of Log4Shell resources to help you stay informed and secure! 🔒

Size: 183 KB - Last synced at: 7 days ago - Pushed at: almost 3 years ago - Stars: 229 - Forks: 48

Schira4396/VcenterKiller

一款针对Vcenter的综合利用工具，包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j，提供一键上传webshell，命令执行或者上传公钥使用SSH免密连接

Language: Go - Size: 6.31 MB - Last synced at: about 1 month ago - Pushed at: about 1 year ago - Stars: 1,407 - Forks: 166

lunasec-io/lunasec

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

Language: TypeScript - Size: 293 MB - Last synced at: about 1 month ago - Pushed at: about 1 year ago - Stars: 1,448 - Forks: 169

hillu/local-log4j-vuln-scanner

Simple local scanner for vulnerable log4j instances

Language: Go - Size: 203 KB - Last synced at: 28 days ago - Pushed at: almost 3 years ago - Stars: 374 - Forks: 76

swissarthurfreeman/springLog4Shell

Simple proof of concept of Log4Shell vulnerability in a spring boot vulnerable application environment.

Language: Java - Size: 2.19 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 0

christophetd/log4shell-vulnerable-app

Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228).

Language: Java - Size: 252 KB - Last synced at: about 1 month ago - Pushed at: about 1 year ago - Stars: 1,117 - Forks: 545

Doenerstyle/1.7.10-modded-bukkit-servers

Guide/general info on managing modded Bukkit-compatible servers in Minecraft 1.7.10 in 2022

Size: 12.7 KB - Last synced at: about 2 months ago - Pushed at: about 3 years ago - Stars: 6 - Forks: 1

fox-it/log4j-finder

Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228, CVE-2021-45046, CVE-2021-45105)

Language: Python - Size: 2.72 MB - Last synced at: 14 days ago - Pushed at: over 2 years ago - Stars: 436 - Forks: 95

NCSC-NL/log4shell 📦

Operational information regarding the log4shell vulnerabilities in the Log4j logging library.

Language: Python - Size: 7.73 MB - Last synced at: about 2 months ago - Pushed at: about 3 years ago - Stars: 1,894 - Forks: 598

leonjza/log4jpwn

log4j rce test environment and poc

Language: Python - Size: 1.09 MB - Last synced at: about 1 month ago - Pushed at: over 3 years ago - Stars: 311 - Forks: 88

zhzyker/logmap

Log4j jndi injection fuzz tool

Language: Python - Size: 28.3 KB - Last synced at: 2 months ago - Pushed at: over 3 years ago - Stars: 70 - Forks: 17

Tai-e/CVE-2021-44228

Utilize Tai-e to identify the Log4shell (a.k.a. CVE-2021-44228) Vulnerability

Language: Java - Size: 25.1 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 9 - Forks: 1

0xsyr0/Log4Shell

This repository contains all gathered resources we used during our Incident Reponse on CVE-2021-44228 and CVE-2021-45046 aka Log4Shell.

Size: 562 KB - Last synced at: 29 days ago - Pushed at: 3 months ago - Stars: 8 - Forks: 2

tpdlshdmlrkfmcla/Log4shell

CVE-2021-44228

Size: 8.79 KB - Last synced at: 4 days ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

RiteshPuvvada/riteshpuvvada.github.io

Vulnerability Walkthrough

Language: HTML - Size: 16.2 MB - Last synced at: 23 days ago - Pushed at: almost 2 years ago - Stars: 8 - Forks: 0

cyberxml/log4j-poc

A Docker based LDAP RCE exploit demo for CVE-2021-44228 Log4Shell

Language: Java - Size: 40.9 MB - Last synced at: 2 months ago - Pushed at: over 2 years ago - Stars: 70 - Forks: 34

yandex-cloud-examples/yc-webinar-secure-cicd-with-gitlab

Материалы к вебинару «Обнаружение Log4shell в CI/CD с помощью GitLab».

Language: Java - Size: 249 KB - Last synced at: about 1 month ago - Pushed at: 4 months ago - Stars: 1 - Forks: 1

christian-taillon/log4shell-hunting 📦

This repo exists to aid hunters in discovering and investigating log4j attacks against their organization.

Language: Shell - Size: 1.95 MB - Last synced at: 5 days ago - Pushed at: over 3 years ago - Stars: 4 - Forks: 1

righel/log4shell_nse

nse script to inject jndi payloads

Language: Lua - Size: 16.6 KB - Last synced at: 3 months ago - Pushed at: over 3 years ago - Stars: 46 - Forks: 10

lucab85/log4j-cve-2021-44228

Ansible detector scanner playbook to verify target Linux hosts using the official Red Hat Log4j detector script RHSB-2021-009 Remote Code Execution - log4j (CVE-2021-44228)

Size: 46.9 KB - Last synced at: 4 days ago - Pushed at: over 3 years ago - Stars: 57 - Forks: 9

AshtonSolutions/log4j-ninja-scanner

Log4j / Log4Shell scan script. Written in PowerShell for Server 2008 and newer. Optimized for use with Ninja RMM and other Remote Management tools.

Language: PowerShell - Size: 27.3 KB - Last synced at: 4 days ago - Pushed at: over 3 years ago - Stars: 2 - Forks: 3

For-ACGN/Log4Shell

Check, exploit, generate class, obfuscate, TLS, ACME about log4j2 vulnerability in one Go program.

Language: Go - Size: 4.6 MB - Last synced at: 2 months ago - Pushed at: over 3 years ago - Stars: 57 - Forks: 17

shamo0/CVE-2021-44228

log4shell (CVE-2021-44228) scanning tool

Language: Shell - Size: 26.4 KB - Last synced at: 3 months ago - Pushed at: over 3 years ago - Stars: 4 - Forks: 2

giterlizzi/nmap-log4shell

Nmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)

Language: Lua - Size: 23.4 KB - Last synced at: 2 months ago - Pushed at: over 3 years ago - Stars: 79 - Forks: 21

tweimer/log4j-detector Fork of mergebase/log4j-detector

Detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!

Language: Java - Size: 714 KB - Last synced at: 7 months ago - Pushed at: 7 months ago - Stars: 1 - Forks: 0

1lann/log4shelldetect

Rapidly scan filesystems for Java programs potentially vulnerable to Log4Shell (CVE-2021-44228) or "that Log4j JNDI exploit" by inspecting the class paths inside files

Language: Go - Size: 11.7 MB - Last synced at: 5 days ago - Pushed at: over 3 years ago - Stars: 45 - Forks: 8

adilsoybali/Log4j-RCE-Scanner

Remote command execution vulnerability scanner for Log4j.

Language: Shell - Size: 41 KB - Last synced at: 7 months ago - Pushed at: almost 2 years ago - Stars: 254 - Forks: 55

mergebase/log4j-detector

A public open sourced tool. Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too! TAG_OS_TOOL, OWNER_KELLY, DC_PUBLIC

Language: Java - Size: 810 KB - Last synced at: 7 months ago - Pushed at: over 3 years ago - Stars: 638 - Forks: 98

curated-intel/Log4Shell-IOCs

A collection of intelligence about Log4Shell and its exploitation activity.

Language: Python - Size: 12.9 MB - Last synced at: 7 months ago - Pushed at: over 3 years ago - Stars: 181 - Forks: 37

cyberstruggle/L4sh

Log4Shell RCE Exploit - fully independent exploit does not require any 3rd party binaries.

Language: Python - Size: 14.6 KB - Last synced at: 7 months ago - Pushed at: over 3 years ago - Stars: 257 - Forks: 65

ox-eye/Ox4Shell

Deobfuscate Log4Shell payloads with ease.

Language: Python - Size: 35.2 KB - Last synced at: 7 months ago - Pushed at: almost 3 years ago - Stars: 160 - Forks: 19

srhercules/log4j_mass_scanner

Automated scan thousands hosts in your Active Directory domain in minutes, for Log4j vulnerabilities with multithreading mass scanner and detailed report.

Language: PowerShell - Size: 1.52 MB - Last synced at: 8 months ago - Pushed at: 8 months ago - Stars: 3 - Forks: 0

alexbakker/log4shell-tools

Tool that runs a test to check whether one of your applications is affected by the recent vulnerabilities in log4j: CVE-2021-44228 and CVE-2021-45046

Language: Go - Size: 91.8 KB - Last synced at: 3 months ago - Pushed at: about 1 year ago - Stars: 86 - Forks: 17

hupe1980/scan4log4shell

Scanner to send specially crafted requests and catch callbacks of systems that are impacted by log4j log4shell vulnerability and to detect vulnerable log4j versions on your local file-system

Language: Go - Size: 3.23 MB - Last synced at: 8 days ago - Pushed at: over 3 years ago - Stars: 12 - Forks: 3

thecodesmith/unzip-recursive

Unzip .jar, .tgz and .zip files recursively

Language: Python - Size: 2.93 KB - Last synced at: 3 months ago - Pushed at: over 3 years ago - Stars: 2 - Forks: 0

lhotari/pulsar-docker-images-patch-CVE-2021-44228

Patch Pulsar Docker images with Log4J 2.17.1 update to mitigate Apache Log4J Security Vulnerabilities including Log4Shell

Language: Dockerfile - Size: 4.75 MB - Last synced at: 20 days ago - Pushed at: over 3 years ago - Stars: 1 - Forks: 1

yezzfusl/RustyLog4jGuard

Effortless Log4j vulnerability detection.

Language: Rust - Size: 22.5 KB - Last synced at: 4 months ago - Pushed at: 10 months ago - Stars: 1 - Forks: 0

demining/Log4j-Vulnerability

Vulnerability CVE-2021-44228 allows remote code execution without authentication for several versions of Apache Log4j2 (Log4Shell). Attackers can exploit vulnerable servers by connecting over any protocol, such as HTTPS, and sending a specially crafted string.

Language: JavaScript - Size: 2.85 MB - Last synced at: 4 months ago - Pushed at: over 2 years ago - Stars: 6 - Forks: 2

ssstonebraker/log4j-scan-turbo

Multithreaded log4j vulnerability scanner using only bash! Tests all JNDI protocols, HTTP GET/POST, and 84 headers.

Language: Shell - Size: 35.2 KB - Last synced at: 7 months ago - Pushed at: over 3 years ago - Stars: 27 - Forks: 4

ravro-ir/log4shell-looker

log4jshell vulnerability scanner for bug bounty

Language: Go - Size: 188 KB - Last synced at: 12 days ago - Pushed at: over 3 years ago - Stars: 23 - Forks: 4

zaneef/CVE-2021-44228

Log4Shell (CVE-2021-44228): Descrizione, Exploitation e Mitigazione

Size: 37.1 KB - Last synced at: about 1 year ago - Pushed at: over 3 years ago - Stars: 0 - Forks: 0

Contrast-Security-OSS/safelog4j

Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading

Language: Java - Size: 1.22 MB - Last synced at: about 3 hours ago - Pushed at: about 1 year ago - Stars: 41 - Forks: 15

infiniroot/nginx-mitigate-log4shell

Mitigate log4shell (CVE-2021-44228) vulnerability attacks using Nginx LUA script

Size: 23.4 KB - Last synced at: 1 day ago - Pushed at: over 3 years ago - Stars: 38 - Forks: 6

ra890927/Log4Shell-CVE-2021-44228-Demo

Log4Shell CVE-2021-44228 Demo

Language: HTML - Size: 11.7 KB - Last synced at: about 1 year ago - Pushed at: about 3 years ago - Stars: 0 - Forks: 0

ilsubyeega/log4j2-rce-exploit 📦

log4j2 remote code execution or IP leakage exploit (with examples)

Language: Java - Size: 64.5 KB - Last synced at: about 1 year ago - Pushed at: over 3 years ago - Stars: 68 - Forks: 26

mushahidq/silver-spoon

Language: HTML - Size: 5.01 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 1 - Forks: 0

avuko/log4j

log based detection

Size: 4.88 KB - Last synced at: over 1 year ago - Pushed at: over 3 years ago - Stars: 0 - Forks: 0

righettod/log4shell-analysis 📦

Contains all my research and content produced regarding the log4shell vulnerability

Language: Java - Size: 23.6 MB - Last synced at: 7 months ago - Pushed at: over 3 years ago - Stars: 32 - Forks: 6

codexlynx/envoy-filter-log4shell

:syringe: Plugable Envoy WebAssembly L7 (HTTP) firewall to prevent log4shell vulnerability injections.

Language: Go - Size: 17.6 KB - Last synced at: 4 months ago - Pushed at: over 3 years ago - Stars: 3 - Forks: 0

SecureStackCo/actions-log4j

A GitHub Action that scans your public web applications for log4j vulnerabilities after every deployment. Add this to your dev, staging and prod steps and SecureStack will make sure that what you've just deployed is secure and meets your requirements.

Size: 1.48 MB - Last synced at: 17 days ago - Pushed at: about 3 years ago - Stars: 15 - Forks: 2

Dghpi9/Log4j2-Fuzz

Size: 2.93 KB - Last synced at: over 1 year ago - Pushed at: over 3 years ago - Stars: 6 - Forks: 4

HackJava/Log4j2

《HackLog4j-永恒之恶龙》致敬全宇宙最无敌的Java日志库！Tribute to the most invincible Java logging library in the universe!

Size: 87.9 KB - Last synced at: over 1 year ago - Pushed at: over 2 years ago - Stars: 192 - Forks: 66

robertdebock/ansible-role-cve_2021_44228 📦

Check and report for cve_2021_44228 (log4shell) on your system.

Size: 67.4 KB - Last synced at: about 9 hours ago - Pushed at: over 1 year ago - Stars: 10 - Forks: 0

hackinghippo/log4shell_ioc_ips

log4j / log4shell IoCs from multiple sources put together in one big file (IPs) more coming soon (CVE-2021-44228)

Language: Shell - Size: 1.65 MB - Last synced at: 7 months ago - Pushed at: over 3 years ago - Stars: 36 - Forks: 12

valnoxy/PowerChute-Log4j-Patch

Tool for patching APC PowerChute Business Edition and Network Shutdown.

Language: C# - Size: 76.2 KB - Last synced at: about 1 year ago - Pushed at: over 3 years ago - Stars: 4 - Forks: 0

claranet/ansible-role-log4shell

Find Log4Shell CVE-2021-44228 on your system

Language: Jinja - Size: 36.1 KB - Last synced at: 2 months ago - Pushed at: about 1 year ago - Stars: 11 - Forks: 5

rndinfosecguy/yal4ss

yet another log4shell scanner

Language: Python - Size: 6.84 KB - Last synced at: over 1 year ago - Pushed at: over 3 years ago - Stars: 6 - Forks: 0

NS-Sp4ce/Vm4J

A tool for detect&exploit vmware product log4j(cve-2021-44228) vulnerability.Support VMware HCX/vCenter/NSX/Horizon/vRealize Operations Manager

Language: C# - Size: 240 KB - Last synced at: over 1 year ago - Pushed at: over 3 years ago - Stars: 186 - Forks: 36

ltoinel/Log4Hunter

A simple Log4Shell HoneyPot to capture payload

Language: PHP - Size: 1.81 MB - Last synced at: 3 days ago - Pushed at: over 1 year ago - Stars: 2 - Forks: 0

righettod/log4shell-payload-grabber 📦

Tool to try to retrieve the java class used as dropper for the RCE in the context of log4shell vulnerability.

Language: Java - Size: 11 MB - Last synced at: 7 months ago - Pushed at: over 3 years ago - Stars: 3 - Forks: 0

broadinstitute/trivy-cve-scan

Scan multiple Docker images with Trivy for a specific CVE

Language: Shell - Size: 14.6 KB - Last synced at: 28 days ago - Pushed at: over 3 years ago - Stars: 1 - Forks: 0

CreeperHost/Log4jPatcher

A mitigation for CVE-2021-44228 (log4shell) that works by patching the vulnerability at runtime. (Works with any vulnerable java software, tested with java 6 and newer)

Language: Java - Size: 65.4 KB - Last synced at: over 1 year ago - Pushed at: over 2 years ago - Stars: 46 - Forks: 8

hotpotcookie/CVE-2021-44228-white-box

Log4j vulner testing environment based on CVE-2021-44228. It provide guidance to build the sample infrastructure and the exploit scripts. Supporting cooki3 script as the main exploit tools & integration

Language: Java - Size: 112 MB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 2 - Forks: 1

ca-dane-jones/log4jscan

Python script designed to iterate over .jar, .jar inside .jar, and .class files in attached file systems for instances of Apache's JndiLookup.class. Compatible with Python 2 and Python 3.

Language: Python - Size: 14.6 KB - Last synced at: almost 2 years ago - Pushed at: over 3 years ago - Stars: 0 - Forks: 0

xsultan/log4jshield

Log4j Shield - fast ⚡, scalable and easy to use Log4j vulnerability CVE-2021-44228 finder and patcher

Language: Shell - Size: 10.7 KB - Last synced at: almost 2 years ago - Pushed at: over 3 years ago - Stars: 14 - Forks: 3

aajuvonen/log4stdin

A Java application intentionally vulnerable to CVE-2021-44228

Language: Java - Size: 42 MB - Last synced at: almost 2 years ago - Pushed at: over 2 years ago - Stars: 0 - Forks: 2

ValtteriL/Detect-Log4Shell

Powershell script to check log files for Log4Shell exploitation

Language: PowerShell - Size: 24.4 KB - Last synced at: almost 2 years ago - Pushed at: over 3 years ago - Stars: 3 - Forks: 1

HynekPetrak/log4shell-finder

Fastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excellent performance and low memory footprint.

Language: Python - Size: 33.7 MB - Last synced at: over 1 year ago - Pushed at: about 2 years ago - Stars: 36 - Forks: 11

ejm/log4check

A small Minecraft server to help players detect vulnerability to the Log4Shell exploit 🐚

Language: Python - Size: 5.86 KB - Last synced at: almost 2 years ago - Pushed at: over 3 years ago - Stars: 4 - Forks: 0

mrjameshamilton/log4shell-detector

A log4shell detector using ProGuardCORE

Language: Kotlin - Size: 77.1 KB - Last synced at: 2 months ago - Pushed at: almost 3 years ago - Stars: 5 - Forks: 4

NorthwaveSecurity/log4jcheck

A script that checks for vulnerable Log4j (CVE-2021-44228) systems using injection of the payload in common HTTP headers.

Language: Python - Size: 24.4 KB - Last synced at: over 1 year ago - Pushed at: over 3 years ago - Stars: 126 - Forks: 25

fox-it/log4shell-pcaps

Log4Shell PCAPS and Network Coverage

Language: Java - Size: 271 KB - Last synced at: 14 days ago - Pushed at: over 3 years ago - Stars: 7 - Forks: 2

lucab85/ansible-role-log4shell

Ansible playbook to verify target Linux hosts using the official Red Hat Log4j detector script RHSB-2021-009 for Log4Shell (CVE-2021-44228).

Size: 29.3 KB - Last synced at: 4 days ago - Pushed at: over 3 years ago - Stars: 4 - Forks: 4

CodeShield-Security/Log4JShell-Bytecode-Detector

Local Bytecode Scanner for the Log4JShell Vulnerability (CVE-2021-44228)

Language: Java - Size: 15.8 MB - Last synced at: 7 months ago - Pushed at: over 3 years ago - Stars: 50 - Forks: 9

eliezio/log4j-test

A sample project to debunk common misbeliefs regarding the impact the Log4j vulnerabilities on Java Applications.

Language: Kotlin - Size: 405 KB - Last synced at: almost 2 years ago - Pushed at: over 3 years ago - Stars: 4 - Forks: 1

aajuvonen/log4j-hackrf-waveforms

Log4shell waveforms for ACARS, ADS-B, and AIS

Language: Python - Size: 33.2 KB - Last synced at: almost 2 years ago - Pushed at: about 3 years ago - Stars: 3 - Forks: 1

lfama/log4j_checker

Python3 script for scanning CVE-2021-44228 (Log4shell) vulnerable machines.

Language: Python - Size: 7.81 KB - Last synced at: about 2 years ago - Pushed at: over 3 years ago - Stars: 9 - Forks: 3

gcmurphy/chk_log4j

Some siimple checks to see if JAR file is vulnerable to CVE-2021-44228

Language: Rust - Size: 8.79 KB - Last synced at: 3 months ago - Pushed at: over 3 years ago - Stars: 1 - Forks: 1

alex-ilgayev/log4shell-dockerized

Log4Shell dockerized full chain

Language: Java - Size: 9.77 KB - Last synced at: 3 months ago - Pushed at: over 3 years ago - Stars: 2 - Forks: 0

CWright2022/Log4J-POC

A collection of stuff from my senior project about Log4Shell.

Language: HTML - Size: 2.53 MB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 0 - Forks: 0

mss/log4shell-hotfix-side-effect 📦

Test case to check if the Log4Shell/CVE-2021-44228 hotfix will raise any unexpected exceptions

Language: Java - Size: 62.5 KB - Last synced at: about 2 years ago - Pushed at: over 3 years ago - Stars: 3 - Forks: 1

trickest/log4j

Trickest Workflow for discovering log4j vulnerabilities and gathering the newest community payloads.

Size: 3.91 MB - Last synced at: over 2 years ago - Pushed at: over 3 years ago - Stars: 100 - Forks: 21

Polda18/Log4ShellBlock 📦

[ARCHIVED: Unnecessary] This Spigot plugin detects and blocks potential Log4Shell attacks

Language: Java - Size: 29.3 KB - Last synced at: over 2 years ago - Pushed at: over 3 years ago - Stars: 1 - Forks: 0