log4j-detector
log4jscanwin
log4j-detector | log4jscanwin | |
---|---|---|
8 | 4 | |
631 | 154 | |
0.0% | 0.0% | |
0.0 | 1.3 | |
about 2 years ago | about 1 year ago | |
Java | C | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
log4j-detector
-
Continuing log4j detection
If you don't have server scanning tools like Nessus or Tenable that are capable of detecting log4j (nested or mitigsted), you could set up ad-hoc scanning with an open source tool like https://github.com/mergebase/log4j-detector
- Show HN: Log4j-detector – Finds all Log4j versions on a given file-system
-
Does Log4J require Java to be installed?
No- if you want to determine if a server is vulnerable this is actually the best script which is currently out there: https://github.com/mergebase/log4j-detector
-
Log4j Windows Scanner
There's also https://github.com/mergebase/log4j-detector, which is from MergeBase (a software composition analysis company).
- Welp, how's your LOG4J remediation coming along?
- log4j-detector: Detects log4j versions on your file-system, including deeply recursively nested copies (zips inside zips inside zips).
- Detects Log4j versions on your file-system
- Log4j 0day being exploited (mega thread/ overview)
log4jscanwin
- log4j scanner for subnet
-
Log4 detection by enterprise tools
We're using Qualys free tool https://github.com/Qualys/log4jscanwin and it has a quite detailed output, and as far as I can tell it can also be read from Qualys cloud agent (we don't have it so I don't know how effective it is)
-
Qualys Scans not finding Log4j, but Qualys stand-alone Log4j Vulnerability Scanner does?
Here's the link to the stand-alone scanner: GitHub - Qualys/log4jscanwin: Log4j Vulnerability Scanner for Windows Very much worth having.
-
So how exactly is Log4j supposed to be patched/mitigated on Windows?
This just came out - haven’t tested it yet though - https://github.com/Qualys/log4jscanwin
What are some alternatives?
log4j-scanner - Log4j 2 (CVE-2021-44228) vulnerability scanner for Windows OS
incidentresponse
Logout4Shell - Use Log4Shell vulnerability to vaccinate a victim server against Log4Shell
CVE-2021-44228-Scanner - Vulnerability scanner and mitigation patch for Log4j2 CVE-2021-44228
log4jshield - Log4j Shield - fast ⚡, scalable and easy to use Log4j vulnerability CVE-2021-44228 finder and patcher
MacDirtyCow - Example of CVE-2022-46689 aka MacDirtyCow.
PowerShellSnippets
CVE-2022-22965 - 🚀 Exploit for Spring core RCE in C [ wip ]
local-log4j-vuln-scanner - Simple local scanner for vulnerable log4j instances
nse-log4shell - Nmap NSE scripts to check against log4shell or LogJam vulnerabilities (CVE-2021-44228)
PatchAgainstLog4Shell - This is for patching against Log4Shell in Windows via Powershell