SaaSHub helps you find the best software and product alternatives Learn more →
Top 10 Java Log4j Projects
-
Apache Log4j 2
Apache Log4j 2 is a versatile, feature-rich, efficient logging API and backend for Java.
Project mention: Hackers exploited Windows 0-day for 6 months after Microsoft knew of it | news.ycombinator.com | 2024-03-05I don't think that's a good example. While Apache devs are volunteers and Microsoft devs are employees, they were criticized for their slow response time and seeming lack of urgency until it was far too late.
https://github.com/apache/logging-log4j2/pull/608#issuecomme...
-
CVE-2021-44228-PoC-log4j-bypass-words
🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
log4j-detector
A public open sourced tool. Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too! TAG_OS_TOOL, OWNER_KELLY, DC_PUBLIC
-
-
-
-
Log4jPatcher
A mitigation for CVE-2021-44228 (log4shell) that works by patching the vulnerability at runtime. (Works with any vulnerable java software, tested with java 6 and newer)
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
cve-2021-44228-qingteng-online-patch
Hot-patch CVE-2021-44228 by exploiting the vulnerability itself.
-
-
I had the same challenge deciding what option would be the beste and attempted to solve it with an mini library which just attempts slf4j, log4j2 and fallbacks to java itil logging. It was useful for this kind of situation, not quite sure whether it is useful for others though... see here for more https://github.com/Hakky54/yaslf4j
Java Log4j related posts
- Log4j: The Pain Just Keeps Going and Going
- Log4Shell Update: Severity Upgraded 3.7 -> 9.0 for Second log4j Vulnerability (CVE-2021-45046) | LunaSec - v2.15 of Log4j has an RCE
- Log4j 2.15.0 – Previously suggested mitigations may not be enough
- Analysis of the 2nd Log4j CVE published earlier (CVE-2021-45046 / Log4Shell2)
- A Blog about detection of Log4Shell
- Zero-Day RCE Vulnerability CVE-2021-44228 aka Log4Shell: What We Know So Far
- CrowdSec is now able to detect and mitigate log4j CVE-2021-44228
-
A note from our sponsor - SaaSHub
www.saashub.com | 18 Apr 2024
Index
What are some of the best open-source Log4j projects in Java? This list will help you:
Project | Stars | |
---|---|---|
1 | Apache Log4j 2 | 3,266 |
2 | CVE-2021-44228-PoC-log4j-bypass-words | 924 |
3 | log4j-detector | 631 |
4 | LogCaptor | 339 |
5 | Herald | 74 |
6 | java-reverse-tcp | 53 |
7 | Log4jPatcher | 46 |
8 | cve-2021-44228-qingteng-online-patch | 26 |
9 | mdc4spring | 16 |
10 | yaslf4j | 1 |