The purpose of this study is to list useful tools that the blue and red team can use against the Log4j vulnerability. Github links bypass tools, scanning, detection mechanisms, etc. can be used for.
Scanning or POC
π΄ Title: log4j-shell-poc
π΄ Description: A Proof-Of-Concept for the recently found CVE-2021-44228 vulnerability.
π΄ Url: https://github.com/kozmer/log4j-shell-poc
π΄ Title: Log4j2-RCE
π΄ Description: Log4j2 CVE-2021-44228 Reproduction and echo utilization
π΄ Url: https://github.com/binganao/Log4j2-RCE
π΄ Title: jndi-ldap-test-server
π΄ Description: A minimalistic LDAP server that is meant for test vulnerability to JNDI+LDAP injection attacks in Java, especially CVE-2021-44228
π΄ Url: https://github.com/rakutentech/jndi-ldap-test-server
π΄ Title: Logout4Shell
π΄ Description: Use Log4Shell vulnerability to vaccinate a victim server against Log4Shell
π΄ Url: https://github.com/Cybereason/Logout4Shell
π΄ Title: sample-ldap-exploit
π΄ Description: A short demo of CVE-2021-44228
π΄ Url: https://github.com/phoswald/sample-ldap-exploit
π΄ Title: Log4j RCE CVE-2021-44228 Exploitation Detection
π΄ Url: https://gist.github.com/Neo23x0/e4c8b03ff8cdf1fa63b7d15db6e3860b
π΄ Title: Python script to detect if an HTTP server is potentially vulnerable to the log4j 0day RCE
π΄ Url: https://gist.github.com/byt3bl33d3r/46661bc206d323e6770907d259e009b6
π΄ Title: log4j2burpscanner
π΄ Description: CVE-2021-44228, log4j2 burp plug-in Java version, dnslog selected non-dnslog.cn domain names
π΄ Url: https://github.com/f0ng/log4j2burpscanner
π΄ Title: log4shelldetect
π΄ Description: Scans files for .jars potentially vulnerable to Log4Shell (CVE-2021-44228) by inspecting the class paths inside the .jar.
π΄ Url: https://github.com/1lann/log4shelldetect
π΄ Title: Nmap Log4Shell
π΄ Description: Nmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)
π΄ Url: https://github.com/giterlizzi/nmap-log4shell
π΄ Title: LOG4J-POC
π΄ Description: LOG4J batch detection tool -- Red Team Tool -- Essential for net protection -- Redteam --
π΄ Url: https://github.com/XiaoBai-12138/LOG4J-POC
π΄ Title: CVE-2021-44228-PoC-log4j-bypass-words
π΄ Description: CVE-2021-44228 - LOG4J Java exploit - A trick to bypass words blocking patches
π΄ Url: https://github.com/Puliczek/CVE-2021-44228-PoC-log4j-bypass-words
π΄ Title: Log4Shell Mitigation tester
π΄ Description: Log4Shell CVE-2021-44228 mitigation tester
π΄ Url: https://github.com/lhotari/log4shell-mitigation-tester
π΄ Title: log4j-rce-detect-waf-bypass
π΄ Description: A Nuclei Template for Apache Log4j RCE (CVE-2021-44228) Detection with WAF Bypass Payloads
π΄ Url: https://github.com/toramanemre/log4j-rce-detect-waf-bypass
π΄ Title: jndiRep - CVE-2021-44228
π΄ Description: Scan your logs for CVE-2021-44228 related activity and report the attackers
π΄ Url: https://github.com/js-on/jndiRep
π΄ Title: CVE-2021-44228 checker
π΄ Description: checking for vulnerability CVE-2021-44228
π΄ Url: https://github.com/greymd/CVE-2021-44228
π΄ Title: noPac
π΄ Description: CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter
π΄ Url: https://github.com/cube0x0/noPac
π΄ Title: log4j-scan
π΄ Description: A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
π΄ Url: https://github.com/fullhunt/log4j-scan
π΄ Title: CVE-2021-44228-Scanner
π΄ Description: Vulnerability scanner for Log4j2 CVE-2021-44228
π΄ Url: https://github.com/logpresso/CVE-2021-44228-Scanner
π΄ Title: Log4J lab
π΄ Description: A lab for playing around with the Log4J CVE-2021-44228
π΄ Url: https://github.com/tuyenee/Log4shell
π΄ Title: log4j-scanner
π΄ Description: Simple tool for scanning entire directories for attempts of CVE-2021-44228
π΄ Url: https://github.com/kek-Sec/log4j-scanner-CVE-2021-44228
π΄ Title: Log4j-Windows-Scanner
π΄ Description: CVE-2021-44228 vulnerability in Apache Log4j library | Log4j vulnerability scanner on Windows machines.
π΄ Url: https://github.com/Joefreedy/Log4j-Windows-Scanner
π΄ Title: log4j-detector
π΄ Description: Detects Log4J versions on your file-system within any application that are vulnerable to CVE-2021-44228 and CVE-2021-45046. Works on #Linux, #Windows, and #Mac, and everywhere else Java runs, too!
π΄ Url: https://github.com/mergebase/log4j-detector
π΄ Title: Log4JHunt
π΄ Description: An automated, reliable scanner for the Log4Shell CVE-2021-44228 vulnerability
π΄ Url: https://github.com/redhuntlabs/Log4JHunt
π΄ Title: CVE-2021-44228 (Apache Log4j Remote Code ExecutionοΌ
π΄ Description: The version of 1.x has other vulnerabilities, it is recommended to update to the latest version.
π΄ Url: https://github.com/roxas-tan/CVE-2021-44228
Defensive Activities
π΅ Title: log4j-patcher
π΅ Description: Java Agent that disables Apache Log4J's JNDI Lookup. Quick-fix for CVE-2021-44228
π΅ Url: https://github.com/alerithe/log4j-patcher
π΅ Title: CVE-2021-44228 DFIR-Notes
π΅ Url: https://github.com/Azeemering/CVE-2021-44228-DFIR-Notes
π΅ Title: cloudrasp-log4j2
π΅ Description: A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense
π΅ Url: https://github.com/boundaryx/cloudrasp-log4j2
π΅ Title: Minecraft Log4j Honeypot
π΅ Description: Minecraft Honeypot for Log4j exploit. CVE-2021-44228 Log4Shell LogJam
π΅ Url: https://github.com/Adikso/minecraft-log4j-honeypot
π΅ Title: CVE-2021-44228 a.k.a. LOG4J
π΅ Description: This is a public repository from Wortell containing information, links, files and other items related to CVE-2021-44228
π΅ Url: https://github.com/wortell/log4j
π΅ Title: L4J-Vuln-Patch
π΅ Description: This tool patches the CVE-2021-44228 Log4J vulnerability present in all minecraft versions NOTE THIS TOOL MUST BE RE-RUN after downloading or updating versions of minecraft as its not a perminent patch
π΅ Url: https://github.com/jacobtread/L4J-Vuln-Patch
π΅ Title: log4j-vulnerability-patcher-agent
π΅ Description: Fixes CVE-2021-44228 in log4j by patching JndiLookup class
π΅ Url: https://github.com/saharNooby/log4j-vulnerability-patcher-agent
π΅ Title: log4jail
π΅ Description: A fast firewall reverse proxy with TLS (HTTPS) and swarm support for preventing Log4J (Log4Shell aka CVE-2021-44228) attacks
π΅ Url: https://github.com/mufeedvh/log4jail