CVE-2021-45046

Jmeter Cluster for k8s/docker/dockerswarm

Copy from githubcom/justb4/docker-jmeter docker-jmeter Image on Docker Hub Docker image for Apache JMeter This Docker image can be run as the jmeter command Find Images of this repo on Docker Hub Starting version 54 Docker builds/pushes are executed via GitHub Workflows Security Patches As you may have seen in the news, a new zero-day exploit has been reported aga

In deze publieke repo informeert Insignit over CVE's

cve-informatie In deze publieke repo informeert Insignit over CVE's CVE-2021-44228 Apache Log4J + CVE-2021-45046 PrintNightMare

Awesome Bugs 🐛

Awesome Bugs 🐛 A compilation list about bugs on software Collection of Software Bugs HackerNews Null References: The Billion Dollar Mistake HackerNews Worst Bugs The worst mistake of computer science 11 of the most costly software errors in history Therac 25 Sistema "apaga" o zero do CPF no cadastro e dificulta pedido de R$ 600 - PT-BR Articles One week

Curated list of GitHub projects I starred over the years

Awesome Stars A curated list of my GitHub stars! Generated by starred Contents API Blueprint ActionScript ApacheConf Astro C C# C++ CSS Clojure CoffeeScript Crystal DIGITAL Command Language Dart Dockerfile Elixir Elm Erlang FreeMarker Go HTML Handlebars Haskell Java JavaScript Jupyter Notebook Kotlin Less LiveScript Lua MATLAB MDX Makefile Markdown Mustache Nunjucks OCaml

log4j RCE (CVE-2021-44228)이 215에서 패치되었지만, CVE-2021-45046 (DoS 유발) 취약점이 새로 발견되었음 아래는 테스트 해본 결과 [테스트 환경] log4j-2150 (api , core) JRE-180 jdk180_151 Eclipse IDE (Maven Project) Log4j RCE (CVE-2021-44228) 구문 테스트 -> Not Vuln 임의의 ctx 객체명을 삽입 -> Not vuln

A sample project to debunk common misbeliefs regarding the impact the Log4j vulnerabilities on Java Applications.

Introduction This project intends to debunk two common misbeliefs regarding the impact of the recently discovered Log4j 2x vulnerabilities on JVM applications for two typical scenarios, as reported in the following CVE records: CVE-2021-44228 CVE-2021-45046 CVE-2021-45105 The first two, famously nicknamed Log4Shell, enable Remote-Code-Execution, whereas the last one allows a

OpenCensus - A stats collection and distributed tracing framework ❗ The opencensus-contrib-log-correlation-log4j2 Java client library is part of the OpenCensus project CVE-2021-44228 and CVE-2021-45046 disclosed security vulnerabilities in the Apache Log4j 2 version 215 or below The recent version v0283 depends on Log4j 2111 A number of previous versions also

l4shunter To hunt for machines vulnerable to CVE-2021-44228 or CVE-2021-45046 This is a bash script that uses curl It is originally a project that I made to improve in bash, but I think it can be useful in its current form Usage Advisory This script should be used for authorized penetration testing and/or educational purposes only Any misuse of this software will not be th

UNFI POC - Commands to execute API Performance Testing Stage git clone githubcom/hari-mutyala/HK-JmeterDockergit cd HK-JmeterDocker/ docker build -t hmutyala/hk-jmeter:v1 docker push hmutyala/hk-jmeter:v1 docker pull hmutyala/hk-jmeter:v1 docker run --name hk-jmeterpoc hmutyala/hk-jmeter:v1 docker container cp hk-jmeterpoc:/opt/apache-jmeter-55/bin/reports/API_PERF

CVE-2021-45046

🚨 Log4Shell: CVE-2021-44228 🚨 ❓ What is Log4Shell? The Log4Shell attack was a widespread Java exploit targeting a common logging package (Log4j) for remote code execution It leveraged a critical vulnerability in the Log4j library, enabling attackers to execute arbitrary code remotely via crafted log messages Despite the ubiquity of Log4j in various software frameworks

log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs Fuzzing for more than 60 HTTP request headers (not only 3-4 headers as previously seen tools) Fuzzing for HTTP POST Data parameters Fuzzing for JSON data parameters Supports DNS callback for vulnerability discovery and validation WAF Bypass

log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs Fuzzing for more than 60 HTTP request headers (not only 3-4 headers as previously seen tools) Fuzzing for HTTP POST Data parameters Fuzzing for JSON data parameters Supports DNS callback for vulnerability discovery and validation WAF Bypass

A backup source for Minecraft PVP-focused client made by LEF-ganga (aka ImFlowow)

Tritium-backup A backup source for Minecraft PVP-focused client made by LEF-ganga We are happy to make Tritium available again! 我们很高兴让 Tritium 再次可用！ Because the other LEF-ganga (aka ImFlowow) has deleted the resource repo originally deployed on Gitee, some code files cannot be downloaded (such as' me Imflow: authlib: 12 ') 由于彼岸花已�

A collection of Github gists.

awesome-gists Terraform AWS WAFv2 for Log4JRCE (CVE-2021-44228, CVE-2021-45046) and Spring4ShellRCE (CVE-2022-22963, CVE-2022-22965)

Operational information regarding the log4shell vulnerabilities in the Log4j logging library.

Log4shell vulnerabilities (CVE-2021-44228, CVE-2021-45046, CVE-2021-4104, CVE-2021-45105) This repo contains operational information regarding the Log4shell vulnerability in the Log4j logging library Especially CVE-2021-44228 / CVE-2021-45046 and also covers CVE-2021-4104 / CVE-2021-45105 For additional information see: NCSC-NL advisory MITRE EU CSIRT network members advisor

Warning OpenCensus and OpenTracing have merged to form OpenTelemetry, which serves as the next major version of OpenCensus and OpenTracing OpenTelemetry has now reached feature parity with OpenCensus, with tracing and metrics SDKs available in NET, Golang, Java, NodeJS, and Python All OpenCensus Github repositories, except census-instrumentation/opencensus-python, will be ar

Log4j Scanner This repository provides a scanning solution for the log4j Remote Code Execution vulnerabilities (CVE-2021-44228 & CVE-2021-45046) The information and code in this repository is provided "as is" and was assembled with the help of the open-source community and updated by CISA through collaboration with the broader cybersecurity community Officia

Log4j jndi injection fuzz tool

logmap 06 - Log4j jndi injection fuzz tool Used for fuzzing to test whether there are log4j2 jndi injection vulnerabilities in header/body/path Use logxn--9trcom dnslog by default, If you want to use ceyeio, you need to modify the domain and token Manually edit line #486 in logmappy to modify: argsceye = ["xxxxxxceyeio", "xxxxxxxxxxxxxxxxxx

Log4Shell mitigation by creating a new docker image with a thin overlay

Patch existing docker images with ENV LOG4J_FORMAT_MSG_NO_LOOKUPS=true workaround for Log4Shell NOTICE! THERE IS A NEWER Log4Shell issue, CVE-2021-45046 and this patch might not be sufficient! see the Dockerfile Add environment based workaround to disable vulnerable feature in Log4J 2100+ See twittercom/brunoborges/status/1469462412679991300 about LOG4J_FORMAT_MSG_N

docker-jmeter Image on Docker Hub Docker image for Apache JMeter This Docker image can be run as the jmeter command Find Images of this repo on Docker Hub Starting version 54 Docker builds/pushes are executed via GitHub Workflows Donate With over 10 Million Pulls from DockerHub, this Docker Image is increasingly popular To support its active maintainance consider making a

Log4j RCE Research Lab 🚧 A basic research lab to learn more about Log4Shell: CVE-2021-45105 CVE-2021-45046 CVE-2021-44228 Used By Microsoft Sentinel To-Go! CVE-2021-44228-Log4Shell Demo Deploy LDAP Reference & Web Servers Clone Repo sudo su git clone githubcom/zeroonesa/ctf_log4jshell Run Docker Compose File cd ctf

Modern Java/JVM Build Practices

Modern Java/JVM Build Practices Modern Java/JVM Build Practices is an article-as-repo on building modern Java/JVM projects using Gradle and Maven, and a starter project for Java The focus is best build practices and project hygiene This document is agnostic between Gradle and Maven: discussion in each section covers both tools (alphabetical order, Gradle before Maven) S

Tool that runs a test to check whether one of your applications is affected by the recent vulnerabilities in log4j: CVE-2021-44228 and CVE-2021-45046

log4shelltools log4shelltools is a tool that allows you to run a test to check whether one of your applications is affected by the recent vulnerabilities in log4j: CVE-2021-44228 and CVE-2021-45046 This is the code that runs log4shellalexbakkerme If you'd like to inspect the code or run an instance in your own environment, you've come to the right place

patch_log4j This cookbook scans for Log4j Core JAR files and patches them against CVE-2021-44228 and CVE-2021-45046 by removing their JndiLookupclass files Usage Install and configure Chef Client on the machines you want to patch Install and configure Chef Workstation on your developer workstation Add the cookbook to your Chef server cd <your cookbooks directory&am

log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs Fuzzing for more than 60 HTTP request headers (not only 3-4 headers as previously seen tools) Fuzzing for HTTP POST Data parameters Fuzzing for JSON data parameters Supports DNS callback for vulnerability discovery and validation WAF Bypass

A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228

log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs Fuzzing for more than 60 HTTP request headers (not only 3-4 headers as previously seen tools) Fuzzing for HTTP POST Data parameters Fuzzing for JSON data parameters Supports DNS callback for vulnerability discovery and validation WAF Bypass

Workshop Objectives 악성코드탐지 플랫폼 SonaType Nexus Firewall (IQ Server) 을 이용하여, SDLC 내에 위협요소가 유입되는 것을 방지할 수 있도록 Nexus Repository와 Nexus Firewall을 통한 실습을 수행합니다 가장 많이 사용하는 NPM, MAVEN, PYPI를 통해서 위협요소를 평가 실습하며, 주어진 미션을 완성함을 목적

A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228

log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs Fuzzing for more than 60 HTTP request headers (not only 3-4 headers as previously seen tools) Fuzzing for HTTP POST Data parameters Fuzzing for JSON data parameters Supports DNS callback for vulnerability discovery and validation WAF Bypass

Security Research and PoC

Security Research and PoC Log4Shell Analysis Log4Shell (CVE-2021-44228) Log4Shell Follow Up (CVE-2021-45046 and CVE-2021-45105) JNDI/LDAP Remote Code Execution (JNDI LDAP RCE vulnerability using Jackson) Jackson exploit leading to RCE (Another example of Jackson based RCE) Research on Prototype Pollution in Nodejs applications JavaScript Prototype Pollution (Analysis of Pro

Using code search to help fix/mitigate log4j CVE-2021-44228

Using code search to help fix/mitigate log4j CVE-2021-44228 and log4j CVE-2021-45046

log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs Fuzzing for more than 60 HTTP request headers (not only 3-4 headers as previously seen tools) Fuzzing for HTTP POST Data parameters Fuzzing for JSON data parameters Supports DNS callback for vulnerability discovery and validation WAF Bypass

nse-log4shell Nmap NSE scripts to check against log4shell or LogJam vulnerabilities (CVE-2021-44228) NSE scripts check most popular exposed services on the Internet It is basic script where you can customize payload Examples Note that NSE scripts will only issue the requests to the services Nmap will not report vulnerable hosts, but you have to check DNS logs to determine v

Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading

safelog4j Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell without scanning or upgrading If you're wrestling with log4shell CVE-2021-45046, the best longterm plan is to upgrade your log4j to the latest secure version But if you can't do that for whatever reason, you probably want to be really sure that you

The log4j vulnerability test

TestLog4j The log4j vulnerability test Details of the vulnerability is at loggingapacheorg/log4j/2x/securityhtml CHECK THE CVE-2021-45046 CVE-2021-44228

Applications that are vulnerable to the log4j CVE-2021-44228/45046 issue may be detectable by scanning jar, war, ear, zip files to search for the presence of JndiLookup.class.

log4shell Python Script to scan the server file system for log4j jars that are vulnerable to CVE-2021-44228 and CVE-2021-45046 The script recursively goes through the file system (including zip, ear, war) to find log4j versions 2* to 215 with org/apache/logging/log4j/core/lookup/JndiLookupclass The script takes the file system path to scan and lists down the vulnerable jar

This repository contains all gathered resources we used during our Incident Reponse on CVE-2021-44228 and CVE-2021-45046 aka Log4Shell.

CVE-2021-44228: Log4j / Log4Shell Security Research Summary This repository contains all gathered resources we used during our Incident Reponse on CVE-2021-44228 and CVE-2021-45046 aka Log4Shell Threat Intel Mitigations / Fixes Malware Reports Advisory IOCs / Callback Domains / IP Addresses Honeypots Payloads / Obfuscation / WAF Bypass Vulnerability Scanning Exploitation

A standard pkg installer to apply the IBM SPSS Statistics log4j fixes.

Fix pack for SPSS log4j vulnerabilities Applies the log4j 2171 fixes recomended by IBM for log4j vulnerabilities (Security bulletin copied below) There is a prebuilt signed pkg located in the build directory You can deploy it using whatever means ** created using munkipkg Document Source: wwwibmcom/support/pages/apache-log4j-cve-2021-44228-vulnerability-ibm-spss

Log4jHotPatch This is a tool which injects a Java agent into a running JVM process The agent will attempt to patch the lookup() method of all loaded orgapachelogginglog4jcorelookupJndiLookup instances to unconditionally return the string "Patched JndiLookup::lookup()" It is designed to address the CVE-2021-44228 remote code execution vulnerability in Log4j wit

docker-jmeter Image on Docker Hub Docker image for Apache JMeter This Docker image can be run as the jmeter command Find Images of this repo on Docker Hub Starting version 54 Docker builds/pushes are executed via GitHub Workflows Donate With over 10 Million Pulls from DockerHub, this Docker Image is increasingly popular To support its active maintainance consider making a

Log4shell vulnerabilities (CVE-2021-44228, CVE-2021-45046, CVE-2021-4104, CVE-2021-45105) This repo contains operational information regarding the Log4shell vulnerability in the Log4j logging library Especially CVE-2021-44228 / CVE-2021-45046 and also covers CVE-2021-4104 / CVE-2021-45105 For additional information see: NCSC-NL advisory MITRE CSIRT network members advisories

Log4j2 fix

Mule patcher A simple script that patches Mule anypoint studio, but it can be adapted for other projects as well Mule seems to work after the patch though deep dives need to be done for each application Note that the scala log4j drivers have not been patched yet Legal This is a quick and dirty tool, free to use and comes with NO WARRANTY at all Use at your own risk! Usage S

Scanners for Jar files that may be vulnerable to CVE-2021-44228

CVE-2021-44228_scanner Applications that are vulnerable to the log4j CVE-2021-44228 issue may be detectable by scanning jar, war, and ear files to search for the presence of JndiLookupclass Depending on the platform that you are investigating, the PowerShell or the Python3 script may make more sense to run In both cases, the optional argument is the top-level directory that

Respond to a ZeroDay Attack What you'll learn Learn how to address a vulnerability that may affect Product Development Staging Environment infrastructure What you'll do Review recent publications from the Cybersecurity & Infrastructure Security Agency (CISA) Research the reported vulnerability Draft an email to affected teams to alert them of the vulnerabi

Selection of ways to remove JndiLookup in now obsolete Minecraft versions, or versions that still have log4j < 2.10 and is unable to use `-Dlog4j2.formatMsgNoLookups=true`

NukeJndiLookupFromLog4j Removal of JndiLookup in now obsolete Minecraft versions, or versions that still have log4j &lt; 210 and is unable to use -Dlog4j2formatMsgNoLookups=true This is needed because of a major vulnerability introduced by the class' functionality, see more here: apache/logging-log4j2#608 NOTE: This fixes BOTH CVE-2021-44228 / CVE-2021-45046 (AKA

Use Log4Shell vulnerability to vaccinate a victim server against Log4Shell

Logout4Shell Description A vulnerability impacting Apache Log4j versions 20 through 2141 was disclosed on the project’s Github on December 9, 2021 The flaw has been dubbed “Log4Shell,”, and has the highest possible severity rating of 10 Software made or managed by the Apache Software Foundation (From here on just "Apache") is pervasive and comp

Nmap NSE scripts to check against log4shell or LogJam vulnerabilities (CVE-2021-44228)

nse-log4shell Nmap NSE scripts to check against log4shell or LogJam vulnerabilities (CVE-2021-44228) NSE scripts check most popular exposed services on the Internet It is basic script where you can customize payload Examples Note that NSE scripts will only issue the requests to the services Nmap will not report vulnerable hosts, but you have to check DNS logs to determine v

Oh no another one

CVE-2021-45046-Info Oh no another one POC ${ctx:apiversion} - %d{yyyy-MM-dd HH:mm:ss} %-5p %c{1}:%L - %m{nolookups}%n LINKS nvdnistgov/vuln/detail/CVE-2021-45046 wwwdatadoghqcom/blog/log4j-log4shell-vulnerability-overview-and-remediation/ wwwlunasecio/docs/blog/log4j-zero-day-update-on-cve-2021-45046/

docker-jmeter Image on Docker Hub Docker image for Apache JMeter This Docker image can be run as the jmeter command Find Images of this repo on Docker Hub Starting version 54 Docker builds/pushes are executed via GitHub Workflows Donate With over 10 Million Pulls from DockerHub, this Docker Image is increasingly popular To support its active maintainance consider making a

Tool to search system for log4j-*.jar files

find_log4j Searches all disks for Apache Log4j Security Vulnerabilities (CVE-2021-45046 and CVE-2021-44228) Description This command line application searches all disks for Apache Log4j Security Vulnerabilities (CVE-2021-45046 and CVE-2021-44228) and writes the matching paths to txt in the same folder as the executable or to a specified file If no matches were found the resu

Silent print and serial ports for web!

WebApp Hardware Bridge Security Warning Version &lt;= 0130 are known to be affected by log44 vulnerabilities (CVE-2021-44228, CVE-2021-45105, CVE-2021-45046) Existing users are strongly recommended to update to 0140 or above as soon as possible Introduction WebApp Hardware Bridge (succeeder of "Chrome Hardware Bridge / Chrome Direct Print") Make it possible

Playbooks for setting up a Red Hat Advanced Cluster Security demo/workshop for log4shell vulnerability

Red Hat Advanced Cluster Security workshop - Run-Time Log4Shell Vulnerability Prevention Demo Overview Run-Time Vulnerability Prevention demonstrates the capabilities of Red Hat Advanced Cluster Security for cloud native applications in OpenShift and any xKS environment The industry is quickly moving to a DevSecOps Model, and shifting security to the left to secure build, depl

Detections for CVE-2021-44228 inside of nested binaries

Log4J-CVE-Detect This repository contains a set of YARA rules for detecting versions of log4j which are vulnerable to CVE-2021-44228, CVE-2021-45046, and / or CVE-2021-45105 by looking for a number of features which appear in affected versions This tool works recursively on binary files such as Docker images, system packages, filesystem images, and even installation media See

Getting up and running with Snyk CLI

Getting Started with Snyk CLI This guide is provided as a quick reference to getting started with Snyk CLI We will use an existing repository during a set of tests we run showing how to perform common tasks with the Snyk CLI Note: This does not attempt to replace the Snyk Docs which go into far more details but instead aid in a quick start with the snyk CLI Step 1 - Installing

PowerShell script to Remove JndiLookup.class from Jar-files to remediate LOG4J Vulnerability uses built-in compression library of Windows.

JndiLookupRemoval PowerShell script to Remove JndiLookupclass from Jar-files to remediate LOG4J Vulnerability (CVE-2021-44228 and CVE-2021-45046) Script will use built-in compression library of Windows therefore no need to install 3rd party zip-utilities This PowerShell script will scan all Fixed local drives to discover potential vulnerable Jar-files that contain the JndiLo

Log4shell vulnerabilities (CVE-2021-44228, CVE-2021-45046, CVE-2021-4104, CVE-2021-45105) This repo contains operational information regarding the Log4shell vulnerability in the Log4j logging library Especially CVE-2021-44228 / CVE-2021-45046 and also covers CVE-2021-4104 / CVE-2021-45105 For additional information see: NCSC-NL advisory MITRE EU CSIRT network members advisor

A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228

log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs Fuzzing for more than 60 HTTP request headers (not only 3-4 headers as previously seen tools) Fuzzing for HTTP POST Data parameters Fuzzing for JSON data parameters Supports DNS callback for vulnerability discovery and validation WAF Bypass

A playground for poking at the Log4Shell (CVE-2021-44228) vulnerability mitigations

About A playground for poking at the critical log4j (aka Log4Shell) (CVE-2021-44228) vulnerability mitigations This particular problem lies within the JndiLookup feature and the log4j ability to interpret ALL the arguments of a logging call I would expect it to only interpret the format message (the first argument of a logging call), eg, the Hello {} in loginfo("Hello

Mark59 is a Java-based framework providing a 'CI' based set of tools that enables the tracking of Performance Test results over time, split JMeter report into logical groups, a simple solution to assist with metrics capture and allow Selenium to be incorporated into JMeter scripting

This is the WORK-IN-PROGRESS repository for Mark59 - be aware it may NOT always be in a completely consistent state Mark59 Documention, Guides, Downloads and More Available at the wwwmark59com website Releases Release 60-beta-2 Refine Playwright Options for Scripting Scripting samples moved to mark59-scripting-samples, mark59-scripting-sample-dsl Cr

Log4shell vulnerabilities (CVE-2021-44228, CVE-2021-45046, CVE-2021-4104, CVE-2021-45105) This repo contains operational information regarding the Log4shell vulnerability in the Log4j logging library Especially CVE-2021-44228 / CVE-2021-45046 and also covers CVE-2021-4104 / CVE-2021-45105 For additional information see: NCSC-NL advisory MITRE CSIRT network members advisories

Detections for CVE-2021-44228 inside of nested binaries

Log4J-CVE-Detect This repository contains a set of YARA rules for detecting versions of log4j which are vulnerable to CVE-2021-44228, CVE-2021-45046, and / or CVE-2021-45105 by looking for a number of features which appear in affected versions This tool works recursively on binary files such as Docker images, system packages, filesystem images, and even installation media See

Find vulnerable Log4j installations

log4j-finder Find vulnerable Log4j installations A bash shell script to scan your filesystems to find log4j install bases that are vulnerable to Log4Shell (CVE-2021-44228 &amp; CVE-2021-45046) It scans recursively to locate suspect jar files on disk and compares them to published checksums of vulnerable log4j versions Works on Linux, AIX, Solaris Usage % /log4j_findersh

CVE-2021-44228_scanner Applications that are vulnerable to the log4j CVE-2021-44228 issue may be detectable by scanning jar, war, and ear files to search for the presence of JndiLookupclass Depending on the platform that you are investigating, the PowerShell or the Python3 script may make more sense to run In both cases, the optional argument is the top-level directory that

Log4jScanner is a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains.

Log4jScanner Log4jScanner is a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains Disclaimer 💻 This project was created only for good purposes and personal use THIS SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND YOU MAY USE TH

Windows Server Log4j Scanner - Powershell - CVE-2021-45046 and CVE-2021-44228

Log4J Scanner for Windows/PowerShell Most of the script’s I’ve seen require Yara and or Python No dependencies needed Simply run and view the output Quick and dirty using MD5 hash's to ensure all Log4J locations are found even if re-named MD5's listed cover both CVE-2021-45046 and CVE-2021-44228 2X versions 2addabe2ceca2145955c02a6182f7fc5 /apache-

Contains all my research and content produced regarding the log4shell vulnerability

Objective Contains all my research and content produced regarding the log4shell vulnerability Content Folder "analysis" Contain the information that I gather about the vulnerability, affected versions, exploitation context/requirements, remediation plan proposal and so on This content is created using Joplin and then exported as markdown to the analysis folder �

Mend Bulk Report Generator

Mend Bulk Report Generator CLI Tool to generate reports on multiple products or projects The tool allows including and excluding scopes by stating their tokens Report scope (-s, --ReportScope) determines whether reports run on projects or products If included scopes (via -i, --includedTokens) are not specified, the tool runs reports on all scopes Report data exported by de

just a temp area for a few trials, please don't clone :)

This is the WORK-IN-PROGRESS repository for Mark59 - be aware it may NOT always be in a completely consistent state Mark59 Documention, Guides, Downloads and More Available at the wwwmark59com website Releases Release 60-beta-2 Refine Playwright Options for Scripting Scripting samples moved to mark59-scripting-samples, mark59-scripting-sample-dsl Cr

A simple script to remove Log4J JndiLookup.class from jars in a given directory, to temporarily protect from CVE-2021-45046 and CVE-2021-44228.

log4jjndilookupremove A simple script to remove Log4J JndiLookupclass from jars in given directory This script can be used to temporarily resolve the CVE-2021-45046 and CVE-2021-44228, until the application can be repackaged with a proper Log4J version Usage On Linux or other *nix system just run this script in the directory you want to scan, or add the target directory as f

Log4j fix This solution provides a fix for the following CVEs: CVE-2021-44228 CVE-2021-4104 CVE-2021-45046 Tthis script scans the systems by the following rules scans for all log4j*jar files in first part, scans for all potential Java Archive files and check if the log4j related stuff is embedded in Depending on founded version, it will remove the appropriate class from th

Log4Shell Demo Attack CVE-2021-44228 CVE-2021-45046 Target the JDK version 8u181 for vulnerable app The JDK can be grab from cdnazulcom/zulu/bin/zulu83101-jdk80181-win_x64zip Run the servers from the main method The vulnerable server localhost:8080 First stage LDAP attacker server localhost:1389 Second stage

Sample Log4j2 vulnerable application (CVE-2021-45046) Versions Affected: all versions from 20-beta9 to 2150 This application is based on Spring Boot web application vulnerable to CVE-2021-45046 It uses Log4j 2141 (through spring-boot-starter-log4j2 261) Running the application Run it: Import the project in Java IDE as a maven project Run CVEMainApplicationjava as a s

Log4Shell Research Lab 🚧 A basic research lab to learn more about Log4Shell: CVE-2021-45105 CVE-2021-45046 CVE-2021-44228 Used By Microsoft Sentinel To-Go! Log4Shell Demo Research notes I took the following notes while learning about Log4Shell I hope they are helpful! 🍻 Depending on which CVE you want to test, use the following research notes to simulate a few scen

The complete ph websuite

ph-oton This set of Java libraries forms a package to build Java web applications Contained subprojects are: ph-oton-html - Java wrapper for all HTML elements and attributes ph-oton-jscode - a Java code model to build structured JS code ph-oton-jquery - an extension to ph-html-jscode to also support jQuery ph-oton-atom - ATOM newsfeed stuff ph-oton-io - basic IO stuff (sinc

PCRE RegEx matching Log4Shell CVE-2021-44228 IOC in your logs

Log4Shell-Rex The following RegEx was written in an attempt to match indicators of a Log4Shell (CVE-2021-44228 and CVE-2021-45046) exploitation If you run a version from pre 2021/12/21, it's highly recommended to test and update I've removed some quirks and enhanced performance The Regex aims being PCRE compatible, but should also run on re2 and potentially more Re

Burp Active Scan extension to identify Log4j vulnerabilities CVE-2021-44228 and CVE-2021-45046

Log4j-HammerTime This Burp Suite Active Scanner extension validates exploitation of the Apache Log4j CVE-2021-44228 and CVE-2021-45046 vulnerabilities This extension uses the Burp Collaborator to verify the issue Usage Enable this extension Launch an Active Scan on a specific target if you want to run only checks from this module, you can import the extensions-onlyjson pro

log4j-samples Samples of log4j library versions to help log4j scanners / detectors (including our own log4j-detector) improve their accuracy for detecting CVE-2021-45046 and CVE-2021-44228 The samples include shaded jars, uber jars, spring-boot executable jars, jars inside jars, exploded jars, etc Directory Organization /false-hits/ - No sample in here is vulnerable to CVE-

PowerShell scripts for Log4Shell So far, it only includes the script Remove-ArchiveItemps1, which removes a specified class file from JAR files (or any ZIP file, for that matter) This allows to implement one of the proposed workarounds for the Log4Shell vulnerability found in Log4j 2X Java library (CVE-2021-44228 and CVE-2021-45046) The workaround consists in removing the o

🤝 Show your support - give a ⭐️ if you liked the content | SHARE on Twitter | Follow me on 🐱‍💻 ✂️ 🤬 LOG4J Java exploit - WAF and patches bypass tricks 📝 Description CVE-2021-44228 works on: log4j: 20 &lt;= Apache log4j &lt;= 2141 Java version already patched: 6u211+, 7u201+, 8u191+, 1101+ Windows Defender started to remove java f

Scans the file system to find Log4Shell vulnerabilities.

Log4Shell Scanner Log4Shell Scanner (log4shell-scanner-rs) is a CLI application written in Rust It scans the file system to find Java applications that may be vulnerable to Log4Shell related vulnerabilities (CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, CVE-2021-44832) Detail of Log4Shell vulnerabilities affecting Log4j2: CVE Severity Fix version (min Java version)

log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs Fuzzing for more than 60 HTTP request headers (not only 3-4 headers as previously seen tools) Fuzzing for HTTP POST Data parameters Fuzzing for JSON data parameters Supports DNS callback for vulnerability discovery and validation WAF Bypass

nse-log4shell Nmap NSE scripts to check against log4shell or LogJam vulnerabilities (CVE-2021-44228) NSE scripts check most popular exposed services on the Internet It is basic script where you can customize payload Examples Note that NSE scripts will only issue the requests to the services Nmap will not report vulnerable hosts, but you have to check DNS logs to determine v

Awesome Stars A curated list of my GitHub stars! Generated by starred Contents AGS Script ASP AppleScript Assembly AutoHotkey Awk Batchfile Bikeshed C C# C++ CSS Clojure CoffeeScript Common Lisp Crystal Cython D Dart Dockerfile EJS Elixir Elm Emacs Lisp Erlang F# FreeMarker GCC Machine Description GDScript GLSL Go HCL HTML Hack Handlebars Haskell Java JavaScript Jinja Juli

Project to run jmeter test plan from docker images

docker-jmeter Image on Docker Hub Docker image for Apache JMeter This Docker image can be run as the jmeter command Find Images of this repo on Docker Hub Starting version 54 Docker builds/pushes are executed via GitHub Workflows Donate With over 10 Million Pulls from DockerHub, this Docker Image is increasingly popular To support its active maintainance consider making a

DatasetCreator is a lightweight RESTFul client implementation of the Salesforce CRM Analytics External Data API. It has been deliberately developed with no 3rd party jars with the goal of being a lean, reliable and scalable solution.

DatasetCreator DatasetCreator is lightweight RESTFul client implementation of the CRM Analytics External Data API This tool is free to use, but it is not officially supported by Salesforce It has been deliberately developed with no 3rd party jars with the goal of being a lean, reliable and scalable solution This is a community project that have not been officially tested o

Log4shell vulnerabilities (CVE-2021-44228, CVE-2021-45046, CVE-2021-4104, CVE-2021-45105) This repo contains operational information regarding the Log4shell vulnerability in the Log4j logging library Especially CVE-2021-44228 / CVE-2021-45046 and also covers CVE-2021-4104 / CVE-2021-45105 For additional information see: NCSC-NL advisory MITRE EU CSIRT network members advisor

Hacking Kubernetes - Demo Preparations Vulnerable Kubernetes Cluster Create a single-node Kubernetes custom cluster in Rancher VM resources: 4 CPU, 8GB RAM, 80GB disk OS: Image: cloud-images-archiveubuntucom/releases/bionic/release-20180517/ubuntu-1804-server-cloudimg-amd64img Deactivate unattended upgrades sudo apt remove unattended-upgrades

This project will help to test the Log4j CVE-2021-44228 vulnerability.

Log4j-JNDIServer This project will help to test the Log4j CVE-2021-44228/CVE-2021-45046 vulnerabilities Installation and Building Load the project on Intellij Idea Select JDK in "Projects Settings" (CTRL + ALT + SHIFT + S) In "Project Settings", create the Artifact -&gt; "Artifacts" -&gt; "Create JAR from Modules" -&gt; In &

Patching the Log4j vulnerability in Gluu Server Gluu Server versions covered: Gluu v4, v3 ( from 315 to 318 ), Enterprise Edition, Cloud Native and Snapcraft Security Vulnerabilities: CVE-2021-44832, CVE-2021-45105, CVE-2021-45046 and CVE-2021-44228 Log4j library versions affected: 216 and earlier &nbsp; Overview: On December 17th, Apache announced critical vulnerabi

Conftest Snyk Demos The following demos show how to use conftest with Snyk to break builds based on certain conditions Conftest is a utility to help you write tests against structured configuration data For instance, you could write tests for your Kubernetes configurations, Tekton pipeline definitions, Terraform code, Serverless configs or any other structured data In this c

log4j2内网扫描

Log4j2-intranet-scan ⚠️免责声明 本项目仅面向合法授权的企业安全建设行为，在使用本项目进行检测时，您应确保该行为符合当地的法律法规，并且已经取得了足够的授权 如您在使用本项目的过程中存在任何非法行为，您需自行承担相应后果，我们将不承担任何法律及连带责任 在使用�

Choose your own SIEM adventure Repo of configs for the three major SIEMs Blog posts: Elastic Graylog Splunk Security notes Default password is set to Changem123! Docker-composes v2X are for development ONLY and are NOT secure for production Config direcotry: conf/ conf/ansible/* - This directory contains all the configs for the Ansible playbooks and a manual install con

Log4Shell Scanner Scanner for the log4j &lt; 2170 RCE vulnerability CVE-2021-44228 CVE-2021-45056 The scanner can interact with servers over various protocols to test for the vulnerability How to Run The tool runs with python 39&lt; usage: A scanner to check for the log4j vulnerability [-h] (-t TARGET | --target-list TARGET_LIST)

DSLF, the ultimate log4j vulnerabilities assessor

DSLF DSLF stands for (D)arth (S)ide of the (L)og4j (F)orce It is the ultimate log4j vulnerabilities assessor It comes with four individual Python3 modules: Passive Callback Module aka PCM Active Callback Module aka ACM Active Scanner Module aka ASM Payload Generator Module aka PGM It covers CVE-2021-44228 and CVE-2021-45046 DSLF was coded to help CyberSecurity Teams

Spring PetClinic Sample Application Lacework Vulnerability Scanner There are many steps involved in building and deploying a containerized application, a complete container image lifecycle approach is key to managing software supply chain risks The Lacework inline remote scanner allows you to integrate Lacework security capabilities deeply into your software supply chain wor

Friendly utility to load your on-prem data, whether large or small, to Einstein Analytics Datasets, with useful features such as autoloading, dataflow control and dataset inspection.

DatasetUtils DatasetUtils is a reference implementation of the Einstein Analytics External Data API This tool is free to use, but it is not officially supported by Salesforce This is a community project that have not been officially tested or documented Please do not contact Salesforce for support when using this application Log4j2 Issues (CVE-2021-44228 and CVE-2021-45046

log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs Fuzzing for more than 60 HTTP request headers (not only 3-4 headers as previously seen tools) Fuzzing for HTTP POST Data parameters Fuzzing for JSON data parameters Supports DNS callback for vulnerability discovery and validation WAF Bypass

jmeter image for API Performance Testing

UNFI POC - Commands to execute API Performance Testing git clone githubcom/hari-mutyala/jmeter-api-perfgit cd jmeter-api-perf/ docker build -t hmutyala/jmeter-api-perf docker push hmutyala/jmeter-api-perf docker pull hmutyala/jmeter-api-perf docker run --name jmeter-api-perf hmutyala/jmeter-api-perf docker cp jmeter-api-perf:/opt/apache-jmeter-55/bin/reports/API_PE

Operational information regarding the log4shell vulnerabilities in the Log4j logging library.

Log4shell vulnerabilities (CVE-2021-44228, CVE-2021-45046, CVE-2021-4104, CVE-2021-45105) This repo contains operational information regarding the Log4shell vulnerability in the Log4j logging library Especially CVE-2021-44228 / CVE-2021-45046 and also covers CVE-2021-4104 / CVE-2021-45105 For additional information see: NCSC-NL advisory MITRE CSIRT network members advisories

assignments 期末作業 Apache Log4j漏洞 班級：資財三乙 學號：108AB0704 姓名：劉筑芸 事件流程： 2021/11/24 Log4Shell 漏洞 (CVE-2021-44228)經由私下管道通報給Apache 2021/12/09 發布的 Log4j 2150 版當中已經修補。 Apache Log4j2 安全補丁更新過程： 2021/12/11 發布2150版本，對JNDI 查詢功能進行限制。但此版本�