2021-12-10 - Cool Query Friday - Hunting Apache Log4j CVE-2021-44228 (Log4Shell)

This page summarizes the projects mentioned and recommended in the original post on /r/crowdstrike
Log4j Logging Apache API Java

WorkOS
Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • apache-log4j-poc

    Discontinued Apache Log4j 远程代码执行

    • Proof of Concept

  • Apache Log4j 2

    Apache Log4j 2 is a versatile, feature-rich, efficient logging API and backend for Java.

    • My understanding is this is the commit in Log4j that remediates the issue. I would check the clones for the same pull request.

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

    WorkOS logo

  • CVE-2021-44228-Log4Shell-Hashes

    Hashes for vulnerable LOG4J versions

    • How would i create a query to do a mass hash lookup per the log4j version hashes found here: https://github.com/mubix/CVE-2021-44228-Log4Shell-Hashes

  • logging-log4j1

    Discontinued Apache log4j1

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts