Log4j-CVE-Detect
Detections for CVE-2021-44228 inside of nested binaries (by darkarnium)
apache-log4j-poc
Apache Log4j 远程代码执行 (by tangxiaofeng7)
Our great sponsors
Log4j-CVE-Detect | apache-log4j-poc | |
---|---|---|
1 | 3 | |
34 | 105 | |
- | - | |
5.0 | 3.8 | |
over 2 years ago | over 2 years ago | |
YARA | Java | |
BSD 3-clause "New" or "Revised" License | - |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Log4j-CVE-Detect
Posts with mentions or reviews of Log4j-CVE-Detect.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2021-12-09.
apache-log4j-poc
Posts with mentions or reviews of apache-log4j-poc.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2021-12-10.
-
2021-12-10 - Cool Query Friday - Hunting Apache Log4j CVE-2021-44228 (Log4Shell)
Proof of Concept
-
Log4j 0day being exploited
Exploit: https://github.com/tangxiaofeng7/apache-log4j-poc
-
Log4j RCE Found
Are there any mitigations in recent JVMs?
I tried reproducing this, and got the POC to hit the LDAP server, but it wouldn't load the test payload.
See also:
- https://github.com/tangxiaofeng7/apache-log4j-poc
What are some alternatives?
When comparing Log4j-CVE-Detect and apache-log4j-poc you can also consider the following projects:
CVE-2021-44228-Scanner - Vulnerability scanner and mitigation patch for Log4j2 CVE-2021-44228
nuclei-templates - Community curated list of templates for the nuclei engine to find security vulnerabilities.