log4j-affected-db
log4shell-vulnerable-app
Our great sponsors
log4j-affected-db | log4shell-vulnerable-app | |
---|---|---|
30 | 5 | |
1,117 | 1,089 | |
- | - | |
7.1 | 0.0 | |
over 1 year ago | 12 months ago | |
Shell | Java | |
Creative Commons Zero v1.0 Universal | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
log4j-affected-db
- Patching log4j
- how to remidiate log4j with PDQ deploy
- looking for app that is vulnerable to log4j for testing
-
AMD slips by as Log4Shell exploit affects other top tech giants, such as Intel, Microsoft, and NVIDIA
Full known list https://github.com/cisagov/log4j-affected-db/blob/develop/SOFTWARE-LIST.md
- AV Log4j Vulnerabilities
-
Log4j vulnerabilities
Affected software is listed here https://github.com/cisagov/log4j-affected-db
- Cómo protegerse de la vulnerabilidad Log4Shell
- Impacto real de Log4j a nivel nacional ¿¿Algún experto que sepa bien qpdo??
- Anyone have a suggestion for something to install for a known VULNERABLE log4j test?
- A community sourced list of log4j-affected software
log4shell-vulnerable-app
- Finding the "practical" component for my thesis on Log4Shell
- looking for app that is vulnerable to log4j for testing
-
PSA: When there's a 0day, don't trust random people on the internet. Verify everything.
If you aren't sure exactly how this works I recommend trying the log4shell-vulnerable-app and test it yourself with something like dnslog.cn in a controlled/sandboxed environment.
- Log4j Vulnerability Cheatsheet
- Example Spring Boot Application Vulnerable to Log4j RCE
What are some alternatives?
trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
log4j-scan - A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
log4shell-tools - Tool that runs a test to check whether one of your applications is affected by the recent vulnerabilities in log4j: CVE-2021-44228 and CVE-2021-45046
Log4j-RCE-Scanner - Remote command execution vulnerability scanner for Log4j.
ledger-live-desktop - ⛔️ DEPRECATED - Ledger Live (Desktop)
log4jpwn - log4j rce test environment and poc
ysoserial - A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
aegis4j - A Java agent that disables platform features you don't use, before an attacker uses them against you.
Apache Log4j 2 - Apache Log4j 2 is a versatile, feature-rich, efficient logging API and backend for Java.
log4shell - Operational information regarding the log4shell vulnerabilities in the Log4j logging library.
log4jScanner - log4jScanner provides the ability to scan internal subnets for vulnerable log4j web services
logstash-patterns-core