log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.
-
Updated
Dec 6, 2022 - Java
log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.
🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks
Vulnerability scanner and mitigation patch for Log4j2 CVE-2021-44228
A public open sourced tool. Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too! TAG_OS_TOOL, OWNER_KELLY, DC_PUBLIC
Scanner that scans local files for log4shell vulnerability. Does bytecode analysis so it does not rely on metadata. Will find vulnerable log4j even it has been self-compiled/repackaged/shaded/nested (e.g. uberjar, fatjar) and even obfuscated.
A simple and fast Maven dependency vulnerability scanner. Check existence of vuln JARs (transitive)
Add a description, image, and links to the cve-2021-45046 topic page so that developers can more easily learn about it.
To associate your repository with the cve-2021-45046 topic, visit your repo's landing page and select "manage topics."