A lab & assignment for CSC427

Log4Shell dockerized full chain

Log4J CVE-2021-44228 Minecraft PoC

log4j2 Log4Shell CVE-2021-44228 proof of concept

Simple proof of concept of the famous Java's Log4Shell vulnerability 💣

Security Research and PoC

A playground for poking at the Log4Shell (CVE-2021-44228) vulnerability mitigations

A web application vulnerable to Log4Shell. It's a target for https://github.com/nth347/JNDI-injection-servers

[ARCHIVED: Unnecessary] This Spigot plugin detects and blocks potential Log4Shell attacks

Simple proof of concept of Log4Shell vulnerability in a spring boot vulnerable application environment.

Материалы к вебинару «Обнаружение Log4shell в CI/CD с помощью GitLab».

Tool to try to retrieve the java class used as dropper for the RCE in the context of log4shell vulnerability.

Detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!

Test case to check if the Log4Shell/CVE-2021-44228 hotfix will raise any unexpected exceptions

Log4Shell PCAPS and Network Coverage

The goal of this project is to demonstrate the log4j cve-2021-44228 exploit vulnerability in a spring-boot setup, and to show how to fix it.

Utilize Tai-e to identify the Log4shell (a.k.a. CVE-2021-44228) Vulnerability

POC for Infamous Log4j CVE-2021-44228

Log4j vulner testing environment based on CVE-2021-44228. It provide guidance to build the sample infrastructure and the exploit scripts. Supporting cooki3 script as the main exploit tools & integration

A Java application intentionally vulnerable to CVE-2021-44228