log4shell

There are 10 repositories under log4shell topic.

• NCSC-NL / log4shell

  Operational information regarding the log4shell vulnerabilities in the Log4j logging library.

  cve-2021-4104cve-2021-44228cve-2021-45046cve-2021-45105log4jlog4shellvulnerability
  Language:Python 1895

• lunasec-io / lunasec

  LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

  compliancecontinuous-deliverycve-scanningcybersecuritydependency-analysisdevsecopsgdprlog4shellpci-dsssbomsbom-generatorscanningscanning-toolsecuritysecurity-toolssoc2software-composition-analysistokenizationweb-securityzero-trust
  Language:TypeScript 1405

• Schira4396 / VcenterKiller

  一款针对Vcenter的综合利用工具，包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j，提供一键上传webshell，命令执行或者上传公钥使用SSH免密连接

  gogolanglog4jlog4shellscanvcenter
  Language:Go 1243

• christophetd / log4shell-vulnerable-app

  Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228).

  log4shell
  Language:Java 1089

• mergebase / log4j-detector

  A public open sourced tool. Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too! TAG_OS_TOOL, OWNER_KELLY, DC_PUBLIC

  log4jcve-2021-44228cve-2021-45046cybersecurityscapentestlog4shellscannerdetectorcve-2021-45105vulnerability-scanner
  Language:Java 631

• fox-it / log4j-finder

  Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228, CVE-2021-45046, CVE-2021-45105)

  log4shellcve-2021-44228cve-2021-45046log4jlog4j2log4j-finderpythoncve-2021-45105
  Language:Python 434
• local-log4j-vuln-scanner

  hillu / local-log4j-vuln-scanner

  Simple local scanner for vulnerable log4j instances

  log4j2log4shellcve-2021-44228cve-2019-17571scannersecuritysecurity-tools
  Language:Go 382

• leonjza / log4jpwn

  log4j rce test environment and poc

  cve-2021-44228log4jlog4shellrce
  Language:Python 306

• adilsoybali / Log4j-RCE-Scanner

  Remote command execution vulnerability scanner for Log4j.

  cve-2021-44228log4jlog4j2rcescannercheckervulnerability-scannerslog4shell
  Language:Shell 256

• cyberstruggle / L4sh

  Log4Shell RCE Exploit - fully independent exploit does not require any 3rd party binaries.

  log4shelllog4j
  Language:Python 255

• snyk-labs / awesome-log4shell

  An Awesome List of Log4Shell resources to help you stay informed and secure! 🔒

  awesomeawesome-listjavalog4jlog4shellsecurityvulnerability
  221

• NS-Sp4ce / Vm4J

  A tool for detect&exploit vmware product log4j(cve-2021-44228) vulnerability.Support VMware HCX/vCenter/NSX/Horizon/vRealize Operations Manager

  cve-2021-44228log4j2-explog4shellvmsa-2021-0028
  Language:C# 202

• HackJava / Log4j2

  《HackLog4j-永恒之恶龙》致敬全宇宙最无敌的Java日志库！Tribute to the most invincible Java logging library in the universe!

  0e0wlog4jlog4j2hacklog4jgoqilog4shellcve-2021-44228
  191

• curated-intel / Log4Shell-IOCs

  A collection of intelligence about Log4Shell and its exploitation activity.

  log4jlog4j2log4shelliocttpcve-2021-44228javactithreatintelligencethreatintelkinsingm8220swrortmuhstikcobalt-strikekhonsarikirabashsitesloadermiraicybersecurity
  Language:Python 182

• ox-eye / Ox4Shell

  Deobfuscate Log4Shell payloads with ease.

  log4jlog4shelldeobfuscationdeobfuscatoroxeye
  Language:Python 159

• Qualys / log4jscanwin

  Log4j Vulnerability Scanner for Windows

  securityscannervulnerabilitysecurity-toolscvecve-2021-44228cve-2021-4104cve-2021-44832cve-2021-45046cve-2021-45105log4jlog4shell
  Language:C 153

• NorthwaveSecurity / log4jcheck

  A script that checks for vulnerable Log4j (CVE-2021-44228) systems using injection of the payload in common HTTP headers.

  log4jlog4shellcve-2021-44228rcescannerchecker
  Language:Python 126

• trickest / log4j

  Trickest Workflow for discovering log4j vulnerabilities and gathering the newest community payloads.

  bugbountypentestinglog4jcvelog4shellpenetration-testingsecurityexploithackingvulnerabilitiesvulnerabilityinfosecsoftware-securityred-teamsecurity-toolssoftware-vulnerabilitiessoftware-vulnerability
  111

• alexbakker / log4shell-tools

  Tool that runs a test to check whether one of your applications is affected by the recent vulnerabilities in log4j: CVE-2021-44228 and CVE-2021-45046

  log4jlog4shellcve-2021-44228jndildapdnscve-2021-45046
  Language:Go 84

• giterlizzi / nmap-log4shell

  Nmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)

  cve-2021-44228log4jlog4shellnmapnmap-scriptsvulnerability
  Language:Lua 73

• zhzyker / logmap

  Log4j jndi injection fuzz tool

  fuzz-testinglog4j2injectionjndicve-2021-44228log4shellcve-2021-45046
  Language:Python 72

• cyberxml / log4j-poc

  A Docker based LDAP RCE exploit demo for CVE-2021-44228 Log4Shell

  cve-2021-44228exploitlog4jlog4shellpoc
  Language:Java 70

• ilsubyeega / log4j2-rce-exploit

  log4j2 remote code execution or IP leakage exploit (with examples)

  log4j2exploitlog4shellcve
  Language:Java 68

• intezer / log4jscan

  log4jlog4j2log4shell
  Language:Shell 59

• For-ACGN / Log4Shell

  Check, exploit, generate class, obfuscate, TLS, ACME about log4j2 vulnerability in one Go program.

  log4j2exploitspoclog4shellcve-2021-44228obfuscateacmelog4j2-expjndildapjava
  Language:Go 57

• lucab85 / log4j-cve-2021-44228

  Ansible detector scanner playbook to verify target Linux hosts using the official Red Hat Log4j detector script RHSB-2021-009 Remote Code Execution - log4j (CVE-2021-44228)

  ansiblecve-2021-44228devsecopslog4jlog4shellsecurity
  56

• CodeShield-Security / Log4JShell-Bytecode-Detector

  Local Bytecode Scanner for the Log4JShell Vulnerability (CVE-2021-44228)

  securitycve-2021-44228log4jshelllog4j2scannerbytecodelog4shell
  Language:Java 50

• CreeperHost / Log4jPatcher

  A mitigation for CVE-2021-44228 (log4shell) that works by patching the vulnerability at runtime. (Works with any vulnerable java software, tested with java 6 and newer)

  cve-2021-44228log4jlog4j2log4shell
  Language:Java 46

• 1lann / log4shelldetect

  Rapidly scan filesystems for Java programs potentially vulnerable to Log4Shell (CVE-2021-44228) or "that Log4j JNDI exploit" by inspecting the class paths inside files

  log4jlog4shellscannercve-2021-44228vulnerability-scannerscve-2021-45046log4j2
  Language:Go 44

• righel / log4shell_nse

  nse script to inject jndi payloads

  cvelog4jlog4shellnmap
  Language:Lua 44

• Contrast-Security-OSS / safelog4j

  Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading

  javalog4shelllog4jsecurityvulnerabilityvulnerability-scannersecurity-testingiastrasp
  Language:Java 40

• infiniroot / nginx-mitigate-log4shell

  Mitigate log4shell (CVE-2021-44228) vulnerability attacks using Nginx LUA script

  cve-2021-44228nginxmitigationlualog4shellvulnerability
  39

• hackinghippo / log4shell_ioc_ips

  log4j / log4shell IoCs from multiple sources put together in one big file (IPs) more coming soon (CVE-2021-44228)

  cvecve-2021-44228ioclistlog4jlog4shellshell4log
  Language:Shell 36

• HynekPetrak / log4shell-finder

  Fastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excellent performance and low memory footprint.

  cve-2021-44228cve-2021-45046log4jlog4shellvulnerabilitysecurityscannerlog4j2cve-2021-4104cve-2021-42550cve-2021-45105cve-2021-44832cve-2017-5645cve-2019-17571cve-2022-23305cve-2022-23307cve-2022-23302cve-2020-9488
  Language:Python 36

• Goqi / ELong

  永恒之恶龙-Log4j漏洞安全自查工具

  log4jlog4j-rcelog4j2log4shell
  35

• righettod / log4shell-analysis

  Contains all my research and content produced regarding the log4shell vulnerability

  log4j2log4shelldevelopment
  Language:Java 32