Evidence of a log4j attack found - Now what?

This page summarizes the projects mentioned and recommended in the original post on /r/cybersecurity
#Signature #yara-rules #IoC #Scanner #Yara

Our great sponsors
  • InfluxDB - Access the most powerful time series database as a service
  • SonarLint - Clean code begins in your IDE with SonarLint
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • log4shell-tool

    Log4Shell Enumeration, Mitigation and Attack Detection Tool

    Start with confirming that an incident took place. My five-minute understanding of Datto's ComStore log4shell tool is that it does two things:

  • signature-base

    YARA signature and IOC database for my scanners and tools

    Uses these YARA rules to read JAR, LOG, and TXT files on the system, throwing warnings if any log4shell-looking payloads are found based on those various rules.

  • InfluxDB

    Access the most powerful time series database as a service. Ingest, store, & analyze all types of time series data in a fully-managed, purpose-built database. Keep data forever with low-cost storage and superior data compression.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts