Our great sponsors
-
log4shell
Discontinued Operational information regarding the log4shell vulnerabilities in the Log4j logging library.
-
log4j-finder
Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228, CVE-2021-45046, CVE-2021-45105)
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
I prefer https://github.com/fox-it/log4j-finder
It's quite tricky and there is a lot of dubious advice around. This tool is very quick: https://github.com/logpresso/CVE-2021-44228-Scanner Download a binary release from the releases section at the right of the page. I've run it over many, many, many machines so far.