A Java application intentionally vulnerable to CVE-2021-44228
-
Updated
Mar 17, 2023 - Java
A Java application intentionally vulnerable to CVE-2021-44228
The goal of this project is to demonstrate the log4j cve-2021-44228 exploit vulnerability in a spring-boot setup, and to show how to fix it.
A web application vulnerable to Log4Shell. It's a target for https://github.com/nth347/JNDI-injection-servers
Simple proof of concept of Log4Shell vulnerability in a spring boot vulnerable application environment.
Материалы к вебинару «Обнаружение Log4shell в CI/CD с помощью GitLab».
Simple proof of concept of the famous Java's Log4Shell vulnerability 💣
Security Research and PoC
[ARCHIVED: Unnecessary] This Spigot plugin detects and blocks potential Log4Shell attacks
Tool to try to retrieve the java class used as dropper for the RCE in the context of log4shell vulnerability.
Log4j vulner testing environment based on CVE-2021-44228. It provide guidance to build the sample infrastructure and the exploit scripts. Supporting cooki3 script as the main exploit tools & integration
POC for Infamous Log4j CVE-2021-44228
Scanner that scans local files for log4shell vulnerability. Does bytecode analysis so it does not rely on metadata. Will find vulnerable log4j even it has been self-compiled/repackaged/shaded/nested (e.g. uberjar, fatjar) and even obfuscated.
Add a description, image, and links to the log4shell topic page so that developers can more easily learn about it.
To associate your repository with the log4shell topic, visit your repo's landing page and select "manage topics."