Evidence of a log4j attack found - Now what?

This page summarizes the projects mentioned and recommended in the original post on /r/cybersecurity
Signature yara-rules IoC Scanner Yara

WorkOS
Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • log4shell-tool

    Log4Shell Enumeration, Mitigation and Attack Detection Tool

    • Start with confirming that an incident took place. My five-minute understanding of Datto's ComStore log4shell tool is that it does two things:

  • signature-base

    YARA signature and IOC database for my scanners and tools

    • Uses these YARA rules to read JAR, LOG, and TXT files on the system, throwing warnings if any log4shell-looking payloads are found based on those various rules.

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

    WorkOS logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts