log4jscanwin | MacDirtyCow
---|---
4 | 1
154 | 7
0.0% | -
1.3 | 1.5
about 1 year ago | about 1 year ago
C | C
GNU General Public License v3.0 or later | -
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
log4jscanwin
- log4j scanner for subnet
- Log4 detection by enterprise tools
  We're using Qualys' free tool https://github.com/Qualys/log4jscanwin and it has quite detailed output, and as far as I can tell it can also be read from the Qualys cloud agent (we don't have it, so I don't know how effective it is).
- Qualys Scans not finding Log4j, but Qualys stand-alone Log4j Vulnerability Scanner does?
  Here's the link to the stand-alone scanner: GitHub - Qualys/log4jscanwin: Log4j Vulnerability Scanner for Windows. Very much worth having.
- So how exactly is Log4j supposed to be patched/mitigated on Windows?
  This just came out - haven’t tested it yet though - https://github.com/Qualys/log4jscanwin
MacDirtyCow
- [News] Linus Henze shares CVE-2023-28206 PoC with code execution and kernel privileges on iOS 16.4 and below
  MDC is a privilege escalation bug; it allows for writes to root-owned files (git). This is a kernel bug, which allows for Arbitrary Code Execution (ACE).
What are some alternatives?
incidentresponse
CVE-2021-4034 - PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)
CVE-2021-44228-Scanner - Vulnerability scanner and mitigation patch for Log4j2 CVE-2021-44228
Hardware-and-Firmware-Security-Guidance - Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber
CVE-2022-22965 - 🚀 Exploit for Spring core RCE in C [ wip ]
SUDO_KILLER - A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.
local-log4j-vuln-scanner - Simple local scanner for vulnerable log4j instances
h-encore - Fully chained kernel exploit for the PS Vita on firmwares 3.65-3.68
nse-log4shell - Nmap NSE scripts to check against log4shell or LogJam vulnerabilities (CVE-2021-44228)
h-encore-2 - Fully chained kernel exploit for the PS Vita on firmwares 3.65-3.74
PatchAgainstLog4Shell - This is for patching against Log4Shell in Windows via Powershell
unleashed-firmware - Flipper Zero Unleashed Firmware