log4shell

There are 122 repositories under log4shell topic.

  • NCSC-NL/log4shell

    Operational information regarding the log4shell vulnerabilities in the Log4j logging library.

    Language:Python1.9k7098611

  • lunasec-io/lunasec

    LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

    Language:TypeScript1.4k30290162

  • Schira4396/VcenterKiller

    一款针对Vcenter的综合利用工具,包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j,提供一键上传webshell,命令执行或者上传公钥使用SSH免密连接

    Language:Go1.3k1413160

  • christophetd/log4shell-vulnerable-app

    Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228).

    Language:Java1.1k2325528

  • mergebase/log4j-detector

    A public open sourced tool. Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too! TAG_OS_TOOL, OWNER_KELLY, DC_PUBLIC

    Language:Java631287698

  • fox-it/log4j-finder

    Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228, CVE-2021-45046, CVE-2021-45105)

    Language:Python434213797
  • local-log4j-vuln-scanner

    hillu/local-log4j-vuln-scanner

    Simple local scanner for vulnerable log4j instances

    Language:Go380283277

  • leonjza/log4jpwn

    log4j rce test environment and poc

    Language:Python3087586

  • adilsoybali/Log4j-RCE-Scanner

    Remote command execution vulnerability scanner for Log4j.

    Language:Shell2559555

  • cyberstruggle/L4sh

    Log4Shell RCE Exploit - fully independent exploit does not require any 3rd party binaries.

    Language:Python2537564

  • snyk-labs/awesome-log4shell

    An Awesome List of Log4Shell resources to help you stay informed and secure! 🔒

    22114348

  • NS-Sp4ce/Vm4J

    A tool for detect&exploit vmware product log4j(cve-2021-44228) vulnerability.Support VMware HCX/vCenter/NSX/Horizon/vRealize Operations Manager

    Language:C#2025136

  • HackJava/Log4j2

    《HackLog4j-永恒之恶龙》致敬全宇宙最无敌的Java日志库!Tribute to the most invincible Java logging library in the universe!

    1945066

  • curated-intel/Log4Shell-IOCs

    A collection of intelligence about Log4Shell and its exploitation activity.

    Language:Python18223037

  • ox-eye/Ox4Shell

    Deobfuscate Log4Shell payloads with ease.

    Language:Python1593019

  • Qualys/log4jscanwin

    Log4j Vulnerability Scanner for Windows

    Language:C152193531

  • NorthwaveSecurity/log4jcheck

    A script that checks for vulnerable Log4j (CVE-2021-44228) systems using injection of the payload in common HTTP headers.

    Language:Python1267326

  • trickest/log4j

    Trickest Workflow for discovering log4j vulnerabilities and gathering the newest community payloads.

    1115423

  • alexbakker/log4shell-tools

    Tool that runs a test to check whether one of your applications is affected by the recent vulnerabilities in log4j: CVE-2021-44228 and CVE-2021-45046

    Language:Go854214

  • giterlizzi/nmap-log4shell

    Nmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)

    Language:Lua746419

  • zhzyker/logmap

    Log4j jndi injection fuzz tool

    Language:Python722117

  • cyberxml/log4j-poc

    A Docker based LDAP RCE exploit demo for CVE-2021-44228 Log4Shell

    Language:Java704634

  • ilsubyeega/log4j2-rce-exploit

    log4j2 remote code execution or IP leakage exploit (with examples)

    Language:Java682226

  • intezer/log4jscan

    Language:Shell599419

  • For-ACGN/Log4Shell

    Check, exploit, generate class, obfuscate, TLS, ACME about log4j2 vulnerability in one Go program.

    Language:Go584019

  • lucab85/log4j-cve-2021-44228

    Ansible detector scanner playbook to verify target Linux hosts using the official Red Hat Log4j detector script RHSB-2021-009 Remote Code Execution - log4j (CVE-2021-44228)

    56519

  • CodeShield-Security/Log4JShell-Bytecode-Detector

    Local Bytecode Scanner for the Log4JShell Vulnerability (CVE-2021-44228)

    Language:Java50869

  • CreeperHost/Log4jPatcher

    A mitigation for CVE-2021-44228 (log4shell) that works by patching the vulnerability at runtime. (Works with any vulnerable java software, tested with java 6 and newer)

    Language:Java46326

  • 1lann/log4shelldetect

    Rapidly scan filesystems for Java programs potentially vulnerable to Log4Shell (CVE-2021-44228) or "that Log4j JNDI exploit" by inspecting the class paths inside files

    Language:Go44658

  • righel/log4shell_nse

    nse script to inject jndi payloads

    Language:Lua443110

  • Contrast-Security-OSS/safelog4j

    Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading

    Language:Java4113114

  • infiniroot/nginx-mitigate-log4shell

    Mitigate log4shell (CVE-2021-44228) vulnerability attacks using Nginx LUA script

    381576

  • Goqi/ELong

    永恒之恶龙-Log4j漏洞安全自查工具

    372011

  • HynekPetrak/log4shell-finder

    Fastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excellent performance and low memory footprint.

    Language:Python3752113

  • hackinghippo/log4shell_ioc_ips

    log4j / log4shell IoCs from multiple sources put together in one big file (IPs) more coming soon (CVE-2021-44228)

    Language:Shell364412

  • righettod/log4shell-analysis

    Contains all my research and content produced regarding the log4shell vulnerability

    Language:Java32546