The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →
Top 23 Log4j Open-Source Projects
-
Apache Log4j 2
Apache Log4j 2 is a versatile, feature-rich, efficient logging API and backend for Java.
Project mention: Hackers exploited Windows 0-day for 6 months after Microsoft knew of it | news.ycombinator.com | 2024-03-05I don't think that's a good example. While Apache devs are volunteers and Microsoft devs are employees, they were criticized for their slow response time and seeming lack of urgency until it was far too late.
https://github.com/apache/logging-log4j2/pull/608#issuecomme...
-
CVE-2021-44228-PoC-log4j-bypass-words
🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
awesome-list-of-secrets-in-environment-variables
🦄🔒 Awesome list of secrets in environment variables 🖥️
-
log4j-detector
A public open sourced tool. Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too! TAG_OS_TOOL, OWNER_KELLY, DC_PUBLIC
-
Live-Forensicator
Powershell Script to aid Incidence Response and Live Forensics | Bash Script for MacOS Live Forensics and Incidence Response
-
log4j-finder
Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228, CVE-2021-45046, CVE-2021-45105)
-
LogMePwn
A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
-
-
-
-
-
-
-
py4jshell
Simulating Log4j Remote Code Execution (RCE) vulnerability in a flask web server using python's logging library with custom formatter that simulates lookup substitution by executing remote exploit code.
-
log4shell-tools
Tool that runs a test to check whether one of your applications is affected by the recent vulnerabilities in log4j: CVE-2021-44228 and CVE-2021-45046
-
-
-
log4j-cve-2021-44228
Ansible detector scanner playbook to verify target Linux hosts using the official Red Hat Log4j detector script RHSB-2021-009 Remote Code Execution - log4j (CVE-2021-44228)
-
log4j-log4shell-affected
Lists of affected components and affected apps/vendors by CVE-2021-44228 (aka Log4shell or Log4j RCE). This list is meant as a resource for security responders to be able to find and address the vulnerability
-
-
Log4jPatcher
A mitigation for CVE-2021-44228 (log4shell) that works by patching the vulnerability at runtime. (Works with any vulnerable java software, tested with java 6 and newer)
-
log4shelldetect
Rapidly scan filesystems for Java programs potentially vulnerable to Log4Shell (CVE-2021-44228) or "that Log4j JNDI exploit" by inspecting the class paths inside files
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Log4j related posts
- Log4j: The Pain Just Keeps Going and Going
- How to send similar payload to different http headers?
- Known applications that use Spring Framework
- log4j shell poc with User-Agent payload
- Example exploits for MacOS Endpoint Protection assessment
- Received a visit from the infamous Dejmnok420 today. Can anyone ELI5 the steps to take now?
- List of Secrets in Environment Variables
-
A note from our sponsor - WorkOS
workos.com | 29 Mar 2024
Index
What are some of the best open-source Log4j projects? This list will help you:
Project | Stars | |
---|---|---|
1 | Apache Log4j 2 | 3,259 |
2 | CVE-2021-44228-PoC-log4j-bypass-words | 918 |
3 | awesome-list-of-secrets-in-environment-variables | 843 |
4 | log4j-detector | 631 |
5 | Live-Forensicator | 482 |
6 | log4j-finder | 435 |
7 | LogMePwn | 379 |
8 | LogCaptor | 331 |
9 | log4jpwn | 308 |
10 | Log4j-RCE-Scanner | 256 |
11 | L4sh | 254 |
12 | log4j-sniffer | 193 |
13 | Log4Shell-IOCs | 184 |
14 | log4jscanwin | 154 |
15 | py4jshell | 86 |
16 | log4shell-tools | 84 |
17 | Log4PowerShell | 76 |
18 | Herald | 74 |
19 | log4j-cve-2021-44228 | 56 |
20 | log4j-log4shell-affected | 53 |
21 | java-reverse-tcp | 52 |
22 | Log4jPatcher | 46 |
23 | log4shelldetect | 44 |