cve-2021-45046

cisagov/log4j-scanner

log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.

Puliczek/CVE-2021-44228-PoC-log4j-bypass-words

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

logpresso/CVE-2021-44228-Scanner

Vulnerability scanner and mitigation patch for Log4j2 CVE-2021-44228

mergebase/log4j-detector

A public open sourced tool. Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too! TAG_OS_TOOL, OWNER_KELLY, DC_PUBLIC

fox-it/log4j-finder

Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228, CVE-2021-45046, CVE-2021-45105)

Qualys/log4jscanwin

Log4j Vulnerability Scanner for Windows

alexbakker/log4shell-tools

Tool that runs a test to check whether one of your applications is affected by the recent vulnerabilities in log4j: CVE-2021-44228 and CVE-2021-45046

zhzyker/logmap

Log4j jndi injection fuzz tool

1lann/log4shelldetect

Rapidly scan filesystems for Java programs potentially vulnerable to Log4Shell (CVE-2021-44228) or "that Log4j JNDI exploit" by inspecting the class paths inside files

HynekPetrak/log4shell-finder

Fastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excellent performance and low memory footprint.

darkarnium/Log4j-CVE-Detect

Detections for CVE-2021-44228 inside of nested binaries

khulnasoft-lab/awesome-security

r3kind1e/Log4Shell-obfuscated-payloads-generator

Generate primary obfuscated or secondary obfuscated CVE-2021-44228 or CVE-2021-45046 payloads to evade WAF detection.

mergebase/log4j-samples

Public testing data. Samples of log4j library versions to help log4j scanners / detectors improve their accuracy for detecting CVE-2021-45046 and CVE-2021-44228. TAG_TESTING, OWNER_KEN, DC_PUBLIC

xsultan/log4jshield

Log4j Shield - fast ⚡, scalable and easy to use Log4j vulnerability CVE-2021-44228 finder and patcher

hupe1980/scan4log4shell

Scanner to send specially crafted requests and catch callbacks of systems that are impacted by log4j log4shell vulnerability and to detect vulnerable log4j versions on your local file-system

pfichtner/log4shell-hunter

Scanner that scans local files for log4shell vulnerability. Does bytecode analysis so it does not rely on metadata. Will find vulnerable log4j even it has been self-compiled/repackaged/shaded/nested (e.g. uberjar, fatjar) and even obfuscated.

thl-cmk/CVE-log4j-check_mk-plugin

CVE-log4j CheckMK plugin

Afrouper/MavenDependencyCVE-Scanner

A simple and fast Maven dependency vulnerability scanner. Check existence of vuln JARs (transitive)

at-bay/log4j-checker

log4shell vulnerability checker tool

gitlab-de/log4j-resources

This repository is designed to be a collection of resources to learn about, detect and mitigate the impact of the Log4j vulnerability - more formally known as CVE-2021-44228 and CVE-2021-45046 (mirror from GitLab.com)

juergenhoetzel/log4j2go

A Log4J Version 2 Detector written in golang

nagten/JndiLookupRemoval

PowerShell script to Remove JndiLookup.class from Jar-files to remediate LOG4J Vulnerability uses built-in compression library of Windows.

tejas-nagchandi/CVE-2021-45046

Replicating CVE-2021-45046

richardbischof/log4j-detector-to-csv

Script to combine all host specific json outputs from log4j-detector into one single csv file. Requires only standard python installation, no further dependencies.

yannart/log4shell-scanner-rs

Scans the file system to find Log4Shell vulnerabilities.