log4j-shell-poc
A Proof-Of-Concept for the CVE-2021-44228 vulnerability. (by kozmer)
py4jshell
Simulating Log4j Remote Code Execution (RCE) vulnerability in a flask web server using python's logging library with custom formatter that simulates lookup substitution by executing remote exploit code. (by Narasimha1997)
log4j-shell-poc | py4jshell | |
---|---|---|
2 | 3 | |
1,718 | 86 | |
- | - | |
0.0 | 2.6 | |
3 months ago | over 2 years ago | |
Python | Python | |
MIT License | GNU General Public License v3.0 or later |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
log4j-shell-poc
Posts with mentions or reviews of log4j-shell-poc.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-03-27.
-
log4j shell poc with User-Agent payload
https://github.com/kozmer/log4j-shell-poc/blob/main/vulnerable-application/src/main/java/com/example/log4shell/LoginServlet.java line 31
py4jshell
Posts with mentions or reviews of py4jshell.
We have used some of these posts to build our list of alternatives
and similar projects.
- GitHub - Narasimha1997/py4jshell: Simulating Log4j Remote Code Execution (RCE) vulnerability in a flask web server using python's logging library with custom formatter that simulates lookup substitution by executing remote exploit code.
-
py4jshell
Simulating Log4j Remote Code Execution (RCE) CVE-2021-44228 vulnerability in a flask web server using python's logging library with custom formatter that simulates lookup substitution on URLs. This repository is a POC of how Log4j remote code execution vulnerability works. Link to repository
What are some alternatives?
When comparing log4j-shell-poc and py4jshell you can also consider the following projects:
L4sh - Log4Shell RCE Exploit - fully independent exploit does not require any 3rd party binaries.
log4jpwn - log4j rce test environment and poc
EJS-Exploit - Remote Code Execution EJS Web Applications using express-fileupload
CVE-2021-44228-PoC-log4j-bypass-words - 🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks
SQLMap - Automatic SQL injection and database takeover tool
log4j-finder - Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228, CVE-2021-45046, CVE-2021-45105)
awesome-list-of-secrets-in-environment-variables - 🦄🔒 Awesome list of secrets in environment variables 🖥️