log4shell-vulnerable-app
Log4j-RCE-Scanner
log4shell-vulnerable-app | Log4j-RCE-Scanner | |
---|---|---|
5 | 1 | |
1,091 | 255 | |
- | - | |
0.0 | 3.8 | |
8 days ago | 9 months ago | |
Java | Shell | |
Apache License 2.0 | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
log4shell-vulnerable-app
- Finding the "practical" component for my thesis on Log4Shell
- looking for app that is vulnerable to log4j for testing
-
PSA: When there's a 0day, don't trust random people on the internet. Verify everything.
If you aren't sure exactly how this works I recommend trying the log4shell-vulnerable-app and test it yourself with something like dnslog.cn in a controlled/sandboxed environment.
- Log4j Vulnerability Cheatsheet
- Example Spring Boot Application Vulnerable to Log4j RCE
Log4j-RCE-Scanner
What are some alternatives?
log4j-affected-db - A community sourced list of log4j-affected software
log4jpwn - log4j rce test environment and poc
log4j-scan - A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
LogMePwn - A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.
log4j-scan-turbo - Multithreaded log4j vulnerability scanner using only bash! Tests all JNDI protocols, HTTP GET/POST, and 84 headers.
log4j2-rce-poc - A bare minimum proof-of-concept for Log4j2 JNDI RCE vulnerability (CVE-2021-44228/Log4Shell).
canarytokens - Canarytokens helps track activity and actions on your network.
log4j-finder - Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228, CVE-2021-45046, CVE-2021-45105)
log4jshield - Log4j Shield - fast ⚡, scalable and easy to use Log4j vulnerability CVE-2021-44228 finder and patcher