Fastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excellent performance and low memory footprint.

Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228, CVE-2021-45046, CVE-2021-45105)

Deobfuscate Log4Shell payloads with ease.

Log4shell waveforms for ACARS, ADS-B, and AIS

Operational information regarding the log4shell vulnerabilities in the Log4j logging library.

Generate primary obfuscated or secondary obfuscated CVE-2021-44228 or CVE-2021-45046 payloads to evade WAF detection.

Python tool to scan the Gluu container for vulnerable log4j files

Fork of Original Capstone project created with Derek Lin; Includes a custom-made PoC instead of utilizing kozmer's PoC.

Python script designed to iterate over .jar, .jar inside .jar, and .class files in attached file systems for instances of Apache's JndiLookup.class. Compatible with Python 2 and Python 3.

A collection of intelligence about Log4Shell and its exploitation activity.

Take the log4j exploit string and pull down the second-stage payload

A micro lab for CVE-2021-44228 (log4j)

Script to combine all host specific json outputs from log4j-detector into one single csv file. Requires only standard python installation, no further dependencies.

Log4j jndi injection fuzz tool

yet another log4shell scanner

Python3 script for scanning CVE-2021-44228 (Log4shell) vulnerable machines.

Log4Shell RCE Exploit - fully independent exploit does not require any 3rd party binaries.

Unzip .jar, .tgz and .zip files recursively

log4j rce test environment and poc