Log4J Network Scanning/Detection on a 100k+ Node Network

1. nuclei

   1 17 22,595 9.7 Go

   Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.

   

   Check out Nuclei (https://github.com/projectdiscovery/nuclei)

2. CodeRabbit

   coderabbit.ai featured

   CodeRabbit: AI Code Reviews for Developers. Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.

   

3. CVE-2021-44228_scanner

   2 13 344 1.8 PowerShell

   Discontinued Scanners for Jar files that may be vulnerable to CVE-2021-44228

   

   The last scanner type is looking for the classes. Carnegie Mellon’s CERTCC released one that is referenced by CISA: https://github.com/CERTCC/CVE-2021-44228_scanner that look for class names and some fingerprints. Then there is a scanner written in Go that checks for the vulnerable class files and their hashes (inside JARs, WARs,EARs, and zips). https://github.com/hillu/local-log4j-vuln-scanner

4. local-log4j-vuln-scanner

   3 10 374 1.8 Go

   Simple local scanner for vulnerable log4j instances

   

   The last scanner type is looking for the classes. Carnegie Mellon’s CERTCC released one that is referenced by CISA: https://github.com/CERTCC/CVE-2021-44228_scanner that look for class names and some fingerprints. Then there is a scanner written in Go that checks for the vulnerable class files and their hashes (inside JARs, WARs,EARs, and zips). https://github.com/hillu/local-log4j-vuln-scanner

Suggest a related project