log4j-detector
A public open sourced tool. Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too! TAG_OS_TOOL, OWNER_KELLY, DC_PUBLIC (by mergebase)
PowerShellSnippets
By omrsafetyo
| log4j-detector | PowerShellSnippets | |
|---|---|---|
| 8 | 8 | |
| 631 | 54 | |
| 0.0% | - | |
| 0.0 | 4.9 | |
| about 2 years ago | over 2 years ago | |
| Java | PowerShell | |
| GNU General Public License v3.0 or later | - |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
log4j-detector
Posts with mentions or reviews of log4j-detector.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2021-12-13.
-
Continuing log4j detection
If you don't have server scanning tools like Nessus or Tenable that are capable of detecting log4j (nested or mitigsted), you could set up ad-hoc scanning with an open source tool like https://github.com/mergebase/log4j-detector
- Show HN: Log4j-detector – Finds all Log4j versions on a given file-system
-
Does Log4J require Java to be installed?
No- if you want to determine if a server is vulnerable this is actually the best script which is currently out there: https://github.com/mergebase/log4j-detector
-
Log4j Windows Scanner
There's also https://github.com/mergebase/log4j-detector, which is from MergeBase (a software composition analysis company).
- Welp, how's your LOG4J remediation coming along?
- log4j-detector: Detects log4j versions on your file-system, including deeply recursively nested copies (zips inside zips inside zips).
- Detects Log4j versions on your file-system
- Log4j 0day being exploited (mega thread/ overview)
PowerShellSnippets
Posts with mentions or reviews of PowerShellSnippets.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2021-12-26.
-
Script all database object to single file per object using dbatools
So if for whatever reason you can't get the dba tools to work (it looks like there is a viable answer above), you can always use scripting options with the script method to script out database objects, via SMO. I have a sample script here which is a bit different from what you've asked for, but shows the fundamentals of what you might want to do.
- Log4j vulnerability mitigation
-
In case anyone needs it, here's a quick and dirty powershell script to patch log4j to prevent log4shell (CVE-2021-44228)
Not that messy! I added a link to this thread and direct to the github link from my README on my scanner utility repo. When I get a chance I may borrow this and updated it to use the same remote methods I used in the last script, but read the file/computer list from my generated CSV - that way people can clean up the CSV for their particular targets, and push an update with this script. Nice work!
- The Log4j Vulnerability Explained : Detection and Exploitation | TryHackMe Log4j
-
Log4j PDQ scan profile
The issue with searching for log4j*.jar is that you miss out on bundled jars which have different filenames hashes. It might be a better approach to search for all jar files and look inside if there is a jndilookup.class mentioned. This might add some false positives - but this is imho better than false negatives. Here is a powershell script which implements that approach: https://github.com/omrsafetyo/PowerShellSnippets/blob/master/Invoke-Log4ShellScan.ps1
- Log4j 0day being exploited (mega thread/ overview)
- Log4Shell Scanner multi-server, massively parallel PowerShell
What are some alternatives?
When comparing log4j-detector and PowerShellSnippets you can also consider the following projects:
log4j-scanner - Log4j 2 (CVE-2021-44228) vulnerability scanner for Windows OS
CVE-2021-44228-Log4Shell-Hashes - Hashes for vulnerable LOG4J versions
Logout4Shell - Use Log4Shell vulnerability to vaccinate a victim server against Log4Shell
log4jshield - Log4j Shield - fast ⚡, scalable and easy to use Log4j vulnerability CVE-2021-44228 finder and patcher
Log4j-PoSH - Powershell tools for log4j vulnerability
log4shell-tool - Log4Shell Enumeration, Mitigation and Attack Detection Tool
incidentresponse
hotpatch-for-apache-log4j2 - An agent to hotpatch the log4j RCE from CVE-2021-44228.
jmxfetch - Export JMX metrics
Apache Log4j 2 - Apache Log4j 2 is a versatile, feature-rich, efficient logging API and backend for Java.
CVE-2021-44228_scanner - Scanners for Jar files that may be vulnerable to CVE-2021-44228
log4j-detector vs log4j-scanner
PowerShellSnippets vs CVE-2021-44228-Log4Shell-Hashes
log4j-detector vs Logout4Shell
PowerShellSnippets vs Logout4Shell
log4j-detector vs log4jshield
PowerShellSnippets vs Log4j-PoSH
PowerShellSnippets vs log4shell-tool
PowerShellSnippets vs incidentresponse
PowerShellSnippets vs hotpatch-for-apache-log4j2
PowerShellSnippets vs jmxfetch
PowerShellSnippets vs Apache Log4j 2
PowerShellSnippets vs CVE-2021-44228_scanner