🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks
-
Updated
Jan 15, 2022 - Java
🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks
Vulnerability scanner and mitigation patch for Log4j2 CVE-2021-44228
A public open sourced tool. Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too! TAG_OS_TOOL, OWNER_KELLY, DC_PUBLIC
Scanner that scans local files for log4shell vulnerability. Does bytecode analysis so it does not rely on metadata. Will find vulnerable log4j even it has been self-compiled/repackaged/shaded/nested (e.g. uberjar, fatjar) and even obfuscated.
A simple and fast Maven dependency vulnerability scanner. Check existence of vuln JARs (transitive)
Add a description, image, and links to the cve-2021-45105 topic page so that developers can more easily learn about it.
To associate your repository with the cve-2021-45105 topic, visit your repo's landing page and select "manage topics."