CVE-2021-45046

Generic Scanner for Apache log4j RCE CVE-2021-44228

log4shell A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs Fuzzing for more than 60 HTTP request headers Fuzzing for HTTP POST Data parameters Fuzzing for JSON data parameters Supports DNS callback for vulnerability discovery and validation WAF Bypass payloads Announcement There is a patch bypass o

Install Omada SDN Controller on Ubuntu, Debian and more Linux distros using Ansible

Ansible Playbook for Deploying TP-Link Omada SDN Controller Playbook tested on following host distributions Debian 10, 11 Ubuntu 1804, 2004, 2204 Tested on Control Node Ubuntu 2004 LTS Ansible 2116 Setup Ansible Install pip sudo apt install python3-pip -y install ansible with pip pip install -i requirementstxt Installed Packages OpenJDK 8 Headless MongoDB 40 -

Log4j Scanner This repository provides a scanning solution for the log4j Remote Code Execution vulnerabilities (CVE-2021-44228 & CVE-2021-45046) The information and code in this repository is provided "as is" and was assembled with the help of the open-source community and updated by CISA through collaboration with the broader cybersecurity community This is

This work includes testing and improvement tools for CVE-2021-44228(log4j).

This work includes testing and improvement tools for CVE-2021-44228(log4j) The purpose of this study is to list useful tools that the blue and red team can use against the Log4j vulnerability Github links bypass tools, scanning, detection mechanisms, etc can be used for Scanning or POC 🔴 Title: log4j-shell-poc 🔴 Description: A Proof-Of-Concept for the recently found CV

To determine if a host is vulnerable to log4j CVE‐2021‐44228

check-log4j This tool will try to determine if the host it is running on is likely vulnerable to the latest reason that the internet is on fire: the log4j RCE CVE‐2021‐44228 This is different from other tools that attempt to verify whether a specific service is vulnerable by triggering the exploit and eg, tracking pingbacks on a DNS canary token That approach tells you

CVE-2021-44228_scanner Applications that are vulnerable to the log4j CVE-2021-44228 issue may be detectable by scanning jar, war, and ear files to search for the presence of JndiLookupclass Depending on the platform that you are investigating, the PowerShell or the Python3 script may make more sense to run In both cases, the optional argument is the top-level directory that

A stats collection and distributed tracing framework

Warning OpenCensus and OpenTracing have merged to form OpenTelemetry, which serves as the next major version of OpenCensus and OpenTracing OpenTelemetry has now reached feature parity with OpenCensus, with tracing and metrics SDKs available in NET, Golang, Java, NodeJS, and Python All OpenCensus Github repositories, except census-instrumentation/opencensus-python, will be ar

log4j-tools Quick links Click to find: Inclusions of log4j2 in compiled code Calls to log4j2 in compiled code Calls to log4j2 in source code Sanity check for env mitigations Applicability of CVE-2021-45046 Xray wrapper for Log4Shell Automatically patch container images in Artifactory Overview CVE-2021-44228 poses a serious threat to a wide range of Java-based appl

Docker image for Apache JMeter

docker-jmeter Image on Docker Hub Docker image for Apache JMeter This Docker image can be run as the jmeter command Find Images of this repo on Docker Hub Starting version 54 Docker builds/pushes are executed via GitHub Workflows Donate With over 10 Million Pulls from DockerHub, this Docker Image is increasingly popular To support its active maintainance consider making a

Curated list of GitHub projects I starred over the years

Awesome Stars A curated list of my GitHub stars! Generated by starred Contents API Blueprint ActionScript ApacheConf Astro C C# C++ CSS Clojure CoffeeScript Crystal DIGITAL Command Language Dart Dockerfile Elixir Elm Erlang FreeMarker Go HTML Handlebars Haskell Java JavaScript Jupyter Notebook Kotlin Less LiveScript Lua MATLAB MDX Makefile Markdown Mustache Nunjucks OCaml

Exploit server As part of a demonstration on how the log4j vulnerability CVE-2021-45046, a small web server was needed to provide various payloads/gadgets Even if the ExploitServer can server multiple exploit payloads, marshalsec can only support one per instance, as far as I have gathered You can however run multiple instances of marshalsec Configuring exploits Note that th

🚨 Log4Shell: CVE-2021-44228 🚨 ❓ What is Log4Shell? The Log4Shell attack was a widespread Java exploit targeting a common logging package (Log4j) for remote code execution It leveraged a critical vulnerability in the Log4j library, enabling attackers to execute arbitrary code remotely via crafted log messages Despite the ubiquity of Log4j in various software frameworks

Spring PetClinic Sample Application Lacework Vulnerability Scanner There are many steps involved in building and deploying a containerized application, a complete container image lifecycle approach is key to managing software supply chain risks The Lacework inline remote scanner allows you to integrate Lacework security capabilities deeply into your software supply chain wor

log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs Fuzzing for more than 60 HTTP request headers (not only 3-4 headers as previously seen tools) Fuzzing for HTTP POST Data parameters Fuzzing for JSON data parameters Supports DNS callback for vulnerability discovery and validation WAF Bypass

log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs Fuzzing for more than 60 HTTP request headers (not only 3-4 headers as previously seen tools) Fuzzing for HTTP POST Data parameters Fuzzing for JSON data parameters Supports DNS callback for vulnerability discovery and validation WAF Bypass

jmeter image for API Performance Testing

UNFI POC - Commands to execute API Performance Testing git clone githubcom/hari-mutyala/jmeter-api-perfgit cd jmeter-api-perf/ docker build -t hmutyala/jmeter-api-perf docker push hmutyala/jmeter-api-perf docker pull hmutyala/jmeter-api-perf docker run --name jmeter-api-perf hmutyala/jmeter-api-perf docker cp jmeter-api-perf:/opt/apache-jmeter-55/bin/reports/API_PE

Operational information regarding the log4shell vulnerabilities in the Log4j logging library.

Log4shell vulnerabilities (CVE-2021-44228, CVE-2021-45046, CVE-2021-4104, CVE-2021-45105) This repo contains operational information regarding the Log4shell vulnerability in the Log4j logging library Especially CVE-2021-44228 / CVE-2021-45046 and also covers CVE-2021-4104 / CVE-2021-45105 For additional information see: NCSC-NL advisory MITRE CSIRT network members advisories

assignments 期末作業 Apache Log4j漏洞 班級：資財三乙 學號：108AB0704 姓名：劉筑芸 事件流程： 2021/11/24 Log4Shell 漏洞 (CVE-2021-44228)經由私下管道通報給Apache 2021/12/09 發布的 Log4j 2150 版當中已經修補。 Apache Log4j2 安全補丁更新過程： 2021/12/11 發布2150版本，對JNDI 查詢功能進行限制。但此版本�

log4shelltools log4shelltools is a tool that allows you to run a test to check whether one of your applications is affected by the recent vulnerabilities in log4j: CVE-2021-44228 and CVE-2021-45046 This is the code that runs log4shellalexbakkerme If you'd like to inspect the code or run an instance in your own environment, you've come to the right place

A backup source for Minecraft PVP-focused client made by LEF-ganga (aka ImFlowow)

Tritium-backup A backup source for Minecraft PVP-focused client made by LEF-ganga We are happy to make Tritium available again! 我们很高兴让 Tritium 再次可用！ Because the other LEF-ganga (aka ImFlowow) has deleted the resource repo originally deployed on Gitee, some code files cannot be downloaded (such as' me Imflow: authlib: 12 ') 由于彼岸花已�

Log4j CVE-2021-44228 examples: Remote Code Execution (through LDAP, RMI, ...), Forced DNS queries, ...

Log4j CVE-2021-44228 and CVE-2021-45046 Requisites Use a vulnerable JDK, for instance JDK 180_181 Usage Malicious server The malicious server deploys the following endpoints: 1389 LDAP server 1099 RMI server 8081 HTTP server /gradlew :malicious-server:bootRun Vulnerable application The vulnerable application deploys one HTTP endpoint

Log4j 2.15.0 Privilege Escalation -- CVE-2021-45046

Log4j 2150 Privilege Escalation -- CVE-2021-45046 Attack Discription It was found that the fix to address CVE-2021-44228 in Apache Log4j 2150 was incomplete in certain non-default configurations This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (fo

Warning OpenCensus and OpenTracing have merged to form OpenTelemetry, which serves as the next major version of OpenCensus and OpenTracing OpenTelemetry has now reached feature parity with OpenCensus, with tracing and metrics SDKs available in NET, Golang, Java, NodeJS, and Python All OpenCensus Github repositories, except census-instrumentation/opencensus-python, will be ar

Log4j Scanner This repository provides a scanning solution for the log4j Remote Code Execution vulnerabilities (CVE-2021-44228 & CVE-2021-45046) The information and code in this repository is provided "as is" and was assembled with the help of the open-source community and updated by CISA through collaboration with the broader cybersecurity community Officia

Log4j jndi injection fuzz tool

logmap 06 - Log4j jndi injection fuzz tool Used for fuzzing to test whether there are log4j2 jndi injection vulnerabilities in header/body/path Use logxn--9trcom dnslog by default, If you want to use ceyeio, you need to modify the domain and token Manually edit line #486 in logmappy to modify: argsceye = ["xxxxxxceyeio", "xxxxxxxxxxxxxxxxxx

CISA Log4j (CVE-2021-44228) Vulnerability Guidance This repository provides CISA's guidance and an overview of related software regarding the Log4j vulnerability (CVE-2021-44228) CISA encourages users and administrators to review the official Apache release and upgrade to Log4j 2150 or apply the recommended mitigations immediately Official CISA Guidance & Resou

Log4Shell mitigation by creating a new docker image with a thin overlay

Patch existing docker images with ENV LOG4J_FORMAT_MSG_NO_LOOKUPS=true workaround for Log4Shell NOTICE! THERE IS A NEWER Log4Shell issue, CVE-2021-45046 and this patch might not be sufficient! see the Dockerfile Add environment based workaround to disable vulnerable feature in Log4J 2100+ See twittercom/brunoborges/status/1469462412679991300 about LOG4J_FORMAT_MSG_N

docker-jmeter Image on Docker Hub Docker image for Apache JMeter This Docker image can be run as the jmeter command Find Images of this repo on Docker Hub Starting version 54 Docker builds/pushes are executed via GitHub Workflows Donate With over 10 Million Pulls from DockerHub, this Docker Image is increasingly popular To support its active maintainance consider making a

CUBETIQ Security Advisors and Guidelines for Response and Resolves Common Vulnerabilities and Exposures

CUBETIQ Security Advisors CUBETIQ Security Advisors and Guidelines for Response and Resolves Common Vulnerabilities and Exposures Alerts CVE-2021-44228 (10/12/2021) CVE-2021-45046 (14/12/2021) CVE-2021-45105 (18/12/2021) CVE-2021-42550 (16/12/2021) Contributors Sambo Chea sombochea@cubetiqscom

related to Log4Shell (CVE-2021-44228) vulnerability why those snippets Some commenters take it to blame Java to be insecure The attack vector is not only via HTTP headers out of scope The repository provides simple demonstration of the vulnerability as Java, Kotlin and Scala snippet why those snippets Log4Shell is a serious vulnerability and there are some rumors ar

Security Research and PoC

Security Research and PoC Log4Shell Analysis Log4Shell (CVE-2021-44228) Log4Shell Follow Up (CVE-2021-45046 and CVE-2021-45105) JNDI/LDAP Remote Code Execution (JNDI LDAP RCE vulnerability using Jackson) Jackson exploit leading to RCE (Another example of Jackson based RCE) Research on Prototype Pollution in Nodejs applications JavaScript Prototype Pollution (Analysis of Pro

Log4j RCE Research Lab 🚧 A basic research lab to learn more about Log4Shell: CVE-2021-45105 CVE-2021-45046 CVE-2021-44228 Used By Microsoft Sentinel To-Go! CVE-2021-44228-Log4Shell Demo Deploy LDAP Reference & Web Servers Clone Repo sudo su git clone githubcom/zeroonesa/ctf_log4jshell Run Docker Compose File cd ctf

patch_log4j This cookbook scans for Log4j Core JAR files and patches them against CVE-2021-44228 and CVE-2021-45046 by removing their JndiLookupclass files Usage Install and configure Chef Client on the machines you want to patch Install and configure Chef Workstation on your developer workstation Add the cookbook to your Chef server cd <your cookbooks directory&am

An open source distributed tracing & observability platform

Hypertrace An open distributed tracing & observability platform! Explore the docs » Visit our blog · Report Bug · Request Feature CVE-2021-44228 and CVE-2021-45046 disclosed security vulnerabilities in the Apache Log4j 2 version 215 or below We have upgraded all the dependent hypertrace repositori

log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs Fuzzing for more than 60 HTTP request headers (not only 3-4 headers as previously seen tools) Fuzzing for HTTP POST Data parameters Fuzzing for JSON data parameters Supports DNS callback for vulnerability discovery and validation WAF Bypass

A public open sourced tool. Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too! TAG_OS_TOOL, OWNER_KELLY, DC_PUBLIC

Log4-detector Scanner that detects vulnerable Log4J versions to help teams assess their exposure to CVE-2021-44228 (CRITICAL), CVE-2021-45046, CVE-2021-45105, and CVE-2021-44832 Can search for Log4J instances by carefully examining the complete file-system, including all installed applications It is able to find Log4J instances that are hidden several layers deep Works on Li

A tool that scans archives to check for vulnerable log4j versions

log4j-sniffer log4j-sniffer crawls for all instances of log4j on disk within a specified directory It can be used to determine whether there are any vulnerable instances of log4j within a directory tree and report or delete them depending on the mode used Scanning for versions affected by CVE-2021-44228, CVE-2021-45046, CVE-2021-45105 and CVE-2021-44832 is currently supported

Scan systems and docker images for potential log4j vulnerabilities. Able to patch (remove JndiLookup.class) from layered archives. Will detect in-depth (layered archives jar/zip/tar/war and scans for vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046 and CVE-2021-45105). Binaries for Windows, Linux and OsX, but can be build on each platfo…

divd-2021-00038--log4j-scanner This scanner will recursively scan paths including archives for vulnerable log4j versions and org/apache/logging/log4j/core/lookup/JndiLookupclass files Currently the allow list defines non exploitable versions, in this case log4j-core 2170 and 2123

Choose your own SIEM adventure Repo of configs for the three major SIEMs Blog posts: Elastic Graylog Splunk Security notes Default password is set to Changem123! Docker-composes v2X are for development ONLY and are NOT secure for production Config direcotry: conf/ conf/ansible/* - This directory contains all the configs for the Ansible playbooks and a manual install con

DSLF, the ultimate log4j vulnerabilities assessor

DSLF DSLF stands for (D)arth (S)ide of the (L)og4j (F)orce It is the ultimate log4j vulnerabilities assessor It comes with four individual Python3 modules: Passive Callback Module aka PCM Active Callback Module aka ACM Active Scanner Module aka ASM Payload Generator Module aka PGM It covers CVE-2021-44228 and CVE-2021-45046 DSLF was coded to help CyberSecurity Teams

UNFI POC - Commands to execute API Performance Testing Stage git clone githubcom/hari-mutyala/HK-JmeterDockergit cd HK-JmeterDocker/ docker build -t hmutyala/hk-jmeter:v1 docker push hmutyala/hk-jmeter:v1 docker pull hmutyala/hk-jmeter:v1 docker run --name hk-jmeterpoc hmutyala/hk-jmeter:v1 docker container cp hk-jmeterpoc:/opt/apache-jmeter-55/bin/reports/API_PERF

log4j vulnerability exploration

Log4j vulnerability exploration/proof of concept Also known as CVE-2021-45046 CVE-20201-44228 #log4shell loggingapacheorg/log4j/2x/securityhtml How to use First verify that it works by running testsh it should print ITWORKS in uppercase for different log levels Exfiltration example cd listener /ldap-exfilpy in another termi

A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228

log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs Fuzzing for more than 60 HTTP request headers (not only 3-4 headers as previously seen tools) Fuzzing for HTTP POST Data parameters Fuzzing for JSON data parameters Supports DNS callback for vulnerability discovery and validation WAF Bypass

Install Omada SDN Controller on Ubuntu, Debian and more Linux distros using Ansible

Ansible Playbook for Deploying TP-Link Omada SDN Controller Playbook tested on following host distributions Debian 10, 11 Ubuntu 1804, 2004, 2204 Tested on Control Node Ubuntu 2004 LTS Ansible 2116 Setup Ansible Install pip sudo apt install python3-pip -y install ansible with pip pip install -i requirementstxt Installed Packages OpenJDK 8 Headless MongoDB 40 -

Log4J, Log4Shell, LogJam mais kesako ? On en entend parler de partout Sur Twitter, sur LinkedIn, sur les blogs et forums de sécurité, la faille Log4J (CVE-2021-44228 / CVE-2021-45046 pour les intimes) ! Alors, qu'est ce que log4j et qui est ciblé cette faille Log4J est le diminutif de "logging for java", il s'agit d'un outil de jo

Locate log4j vunerable files

find_log4j Locate vunerable log4j files The current advice is to upgrade for log4j v2172, this script can help find older versions Description The script tries to find log4j jar files and match their filenames, if found it checks the sha256 hash to compare If the filename is log4j-corejar or log4j-apijar, then it gets the hash and tries to match hash instead of filename

JFrog CLI Plugins Registry General JFrog CLI Plugins allow enhancing the functionality of JFrog CLI to meet the specific user and organization needs The source code of a plugin is maintained as an open source Go project on GitHub All public plugins are registered in JFrog CLI's Plugins Registry The Registry is hosted in this GitHub repository The plugins directory inc

This project will help to test the Log4j CVE-2021-44228 vulnerability.

Log4j-JNDIServer This project will help to test the Log4j CVE-2021-44228/CVE-2021-45046 vulnerabilities Installation and Building Load the project on Intellij Idea Select JDK in "Projects Settings" (CTRL + ALT + SHIFT + S) In "Project Settings", create the Artifact -> "Artifacts" -> "Create JAR from Modules" -> In &

Patching the Log4j vulnerability in Gluu Server Gluu Server versions covered: Gluu v4, v3 ( from 315 to 318 ), Enterprise Edition, Cloud Native and Snapcraft Security Vulnerabilities: CVE-2021-44832, CVE-2021-45105, CVE-2021-45046 and CVE-2021-44228 Log4j library versions affected: 216 and earlier   Overview: On December 17th, Apache announced critical vulnerabi

nse-log4shell Nmap NSE scripts to check against log4shell or LogJam vulnerabilities (CVE-2021-44228) NSE scripts check most popular exposed services on the Internet It is basic script where you can customize payload Examples Note that NSE scripts will only issue the requests to the services Nmap will not report vulnerable hosts, but you have to check DNS logs to determine v

Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading

safelog4j Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell without scanning or upgrading If you're wrestling with log4shell CVE-2021-45046, the best longterm plan is to upgrade your log4j to the latest secure version But if you can't do that for whatever reason, you probably want to be really sure that you

Conftest Snyk Demos The following demos show how to use conftest with Snyk to break builds based on certain conditions Conftest is a utility to help you write tests against structured configuration data For instance, you could write tests for your Kubernetes configurations, Tekton pipeline definitions, Terraform code, Serverless configs or any other structured data In this c

Log4j 漏洞本地检测脚本。 Scan all java processes on your host to check whether it's affected by log4j2 remote code execution vulnerability (CVE-2021-45046)

Log4j2 Vulnerability Local Scanner (CVE-2021-45046) Log4j 漏洞本地检测脚本，扫描主机上所有java进程，检测是否引入了有漏洞的log4j-core jar包，是否可能遭到远程代码执行攻击（CVE-2021-45046）。上传扫描报告到指定的服务器。 Scan all java processes on your host to check whether it's affected by log4j2 remote code execu

This repository is designed to be a collection of resources to learn about, detect and mitigate the impact of the Log4j vulnerability - more formally known as CVE-2021-44228 and CVE-2021-45046 (mirror from GitLab.com)

💡 Log4j CVE-2021-44228, CVE-2021-45046, CVE-2021-45105 Resources This repository is designed to be a collection of resources to learn about, detect and mitigate the impact of the Log4j vulnerability - more formally known as CVE-2021-44228 Below you can find a set of links to resources organized by topic area If you want to add resources, you can fork this repository on Gi

This is the WORK-IN-PROGRESS repository for Mark59 - be aware it may NOT always be in a completely consistent state.

This is the WORK-IN-PROGRESS repository for Mark59 - be aware it may NOT always be in a completely consistent state Mark59 Documention, Guides, Downloads and More Available at the wwwmark59com website Releases Release 60-beta-2 Refine Playwright Options for Scripting Scripting samples moved to mark59-scripting-samples, mark59-scripting-sample-dsl Cr

Goal Configure dependency-check-maven in a parent POM, allowing suppressions to be loaded from a known location (src/build/suppressionsxml) in a child project (if defined), based on the configuration described in jeremylong/DependencyCheck#3947 (comment) Running the reactor build: Note that the suppressions are not loaded (for the full output with debug logging turned on see

The official Peppol, TOOP and DE4A Directory software

phoss-directory The official Peppol Directory (PD; directorypeppoleu), TOOP Directory software (The Once-Only Project; wwwtoopeu) and DE4A Directory software (Digital Europe 4 All; wwwde4aeu) It is split into the following sub-projects (all require Java 11 or newer): phoss-directory-indexer - the PD indexer part phoss-directory-publisher - the PD publisher web

log4j2内网扫描

Log4j2-intranet-scan ⚠️免责声明 本项目仅面向合法授权的企业安全建设行为，在使用本项目进行检测时，您应确保该行为符合当地的法律法规，并且已经取得了足够的授权 如您在使用本项目的过程中存在任何非法行为，您需自行承担相应后果，我们将不承担任何法律及连带责任 在使用�

Jmeter Cluster for k8s/docker/dockerswarm

Copy from githubcom/justb4/docker-jmeter docker-jmeter Image on Docker Hub Docker image for Apache JMeter This Docker image can be run as the jmeter command Find Images of this repo on Docker Hub Starting version 54 Docker builds/pushes are executed via GitHub Workflows Security Patches As you may have seen in the news, a new zero-day exploit has been reported aga

Awesome Bugs 🐛

Awesome Bugs 🐛 A compilation list about bugs on software Collection of Software Bugs HackerNews Null References: The Billion Dollar Mistake HackerNews Worst Bugs The worst mistake of computer science 11 of the most costly software errors in history Therac 25 Sistema "apaga" o zero do CPF no cadastro e dificulta pedido de R$ 600 - PT-BR Articles One week

log4j RCE (CVE-2021-44228)이 215에서 패치되었지만, CVE-2021-45046 (DoS 유발) 취약점이 새로 발견되었음 아래는 테스트 해본 결과 [테스트 환경] log4j-2150 (api , core) JRE-180 jdk180_151 Eclipse IDE (Maven Project) Log4j RCE (CVE-2021-44228) 구문 테스트 -> Not Vuln 임의의 ctx 객체명을 삽입 -> Not vuln

A sample project to debunk common misbeliefs regarding the impact the Log4j vulnerabilities on Java Applications.

Introduction This project intends to debunk two common misbeliefs regarding the impact of the recently discovered Log4j 2x vulnerabilities on JVM applications for two typical scenarios, as reported in the following CVE records: CVE-2021-44228 CVE-2021-45046 CVE-2021-45105 The first two, famously nicknamed Log4Shell, enable Remote-Code-Execution, whereas the last one allows a

log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs Fuzzing for more than 60 HTTP request headers (not only 3-4 headers as previously seen tools) Fuzzing for HTTP POST Data parameters Fuzzing for JSON data parameters Supports DNS callback for vulnerability discovery and validation WAF Bypass

Friendly utility to load your on-prem data, whether large or small, to Einstein Analytics Datasets, with useful features such as autoloading, dataflow control and dataset inspection.

DatasetUtils DatasetUtils is a reference implementation of the Einstein Analytics External Data API This tool is free to use, but it is not officially supported by Salesforce This is a community project that have not been officially tested or documented Please do not contact Salesforce for support when using this application Log4j2 Issues (CVE-2021-44228 and CVE-2021-45046

Operational information regarding the log4shell vulnerabilities in the Log4j logging library.

Log4shell vulnerabilities (CVE-2021-44228, CVE-2021-45046, CVE-2021-4104, CVE-2021-45105) This repo contains operational information regarding the Log4shell vulnerability in the Log4j logging library Especially CVE-2021-44228 / CVE-2021-45046 and also covers CVE-2021-4104 / CVE-2021-45105 For additional information see: NCSC-NL advisory MITRE EU CSIRT network members advisor

Patch Pulsar Docker images with Log4J 2.17.1 update to mitigate Apache Log4J Security Vulnerabilities including Log4Shell

Patch pulsar images with Apache Log4J 2171 upgrade Covers CVE-2021-44228, CVE-2021-45046, CVE-2021-45105 CVE-2021-44832 See Log4J Security Vulnerabilities and upgrades for more information see the Dockerfile for the solution Building and pushing patched docker images example usage: # build and tag image docker build --build-arg=ORIGINAL_IMAGE=apachepulsar/pulsar-all:281

Scanner recursivo de arquivos desenvolvido em Python 3 para localização e varredura de versões vulneráveis do Log4j2, contemplando análise interna de arquivos JAR (CVE-2021-44228, CVE-2021-45046, CVE-2021-45105 e CVE-2021-44832)

████████████████▀███████████████████████████████████████████████████████████████████ █▄─▄███─▄▄─█─▄▄▄▄█░█░████▄─▄█▀▀▀▀▀██▄─▄▄─█�

A micro lab for CVE-2021-44228 (log4j)

horrors-log4shell A micro lab (playground?) for CVE-2021-44228 (log4j) Can be used for executing payloads against multiple targets Target-specific payloads are generated runtime Adjustable configuration and bypasses Installation Java-related requirements Development / Running example Gradle Maven In order to test the recent log4j related vulnerabilities (CVE-2021-442

For running Jmeter UI Perf tests

UNFI POC - Commands to execute UI Performance Testing Stage git clone githubcom/hari-mutyala/jmeter-ui-perfgit cd jmeter-ui-perf/ docker build -t hmutyala/jmeter-ui-perf docker push hmutyala/jmeter-ui-perf docker pull hmutyala/jmeter-ui-perf docker run --name jmeter-ui-perf hmutyala/jmeter-ui-perf docker cp jmeter-ui-perf:/opt/apache-jmeter-55/bin/reports/UI_PERF_R

CUBETIQ Security Advisors and Guidelines for Response and Resolves Common Vulnerabilities and Exposures

CUBETIQ Security Advisors CUBETIQ Security Advisors and Guidelines for Response and Resolves Common Vulnerabilities and Exposures Alerts CVE-2021-44228 (10/12/2021) CVE-2021-45046 (14/12/2021) CVE-2021-45105 (18/12/2021) CVE-2021-42550 (16/12/2021) Contributors Sambo Chea sombochea@cubetiqscom

Mitigate log4shell (CVE-2021-44228) vulnerability attacks using Nginx LUA script

nginx-mitigate-log4shell Mitigate log4shell (CVE-2021-44228 and CVE-2021-45046) vulnerability attacks using Nginx LUA script Requires the Nginx lua module (wwwnginxcom/resources/wiki/modules/lua/) to be enabled Use include /path/to/mitigate-log4shellconf; in the server {} context Can be included in multiple server contexts Can also be placed in the http {} c

log4jscan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs Fuzzing for more than 60 HTTP request headers (not only 3-4 headers as previously seen tools) Fuzzing for HTTP POST Data parameters Fuzzing for JSON data parameters Supports DNS callback for vulnerability discovery and validation WAF Bypass p

This repository contains all gathered resources we used during our Incident Reponse on CVE-2021-44228 and CVE-2021-45046 aka Log4Shell.

CVE-2021-44228: Log4j / Log4Shell Security Research Summary This repository contains all gathered resources we used during our Incident Reponse on CVE-2021-44228 and CVE-2021-45046 aka Log4Shell Threat Intel Mitigations / Fixes Malware Reports Advisory IOCs / Callback Domains / IP Addresses Honeypots Payloads / Obfuscation / WAF Bypass Vulnerability Scanning Exploitation

Using code search to help fix/mitigate log4j CVE-2021-44228

Using code search to help fix/mitigate log4j CVE-2021-44228 and log4j CVE-2021-45046

Fast filesystem scanner for CVE-2021-44228

Filesystem log4j_scanner for windows and Unix Scanning for CVE-2021-44228, CVE-2021-45046, CVE-2019-17571, CVE-2021-44832 Requires a minimum of Python 27 Can be executed as Custom Script Rule of an Audit or via a Server Script with Server Automation Also executable standalone from the command line Reference githubcom/hillu/local-log4j-vuln-scanner/ github

Tools and scripts by Arctic Wolf

wolf-tools Open source tools and scripts by Arctic Wolf: Arctic Wolf Log4Shell Deep Scan: detects Java application packages subject to CVE-2021-44228 and CVE-2021-45046 Arctic Wolf Spring4Shell Deep Scan: detects Java application packages subject to CVE-2022-22965

The log4j vulnerability test

TestLog4j The log4j vulnerability test Details of the vulnerability is at loggingapacheorg/log4j/2x/securityhtml CHECK THE CVE-2021-45046 CVE-2021-44228

Log4Shell(CVE-2021-45046) Sandbox Signature

Log4Shell-Sandbox-Signature Log4Shell(CVE-2021-45046) Sandbox Signature Regex : githubcom/back2root/log4shell-rex Cape Sandbox Signature Cuckoo Sandbox Signature

log4j2 logging examples

Log4j2 XML Configuration: Log4j2xml Example Lokesh Gupta September 19, 2023 Log4j2 Java Logging Learn to configure log4j2xml file to output the log statements to the console, rolling files etc Learn to configure log4j2 appenders, levels and patterns Apache Log4j2 is an upgrade to Log4j 1x that provides significant improvements over its predecessor such as performance impro

A collection of Github gists.

awesome-gists Terraform AWS WAFv2 for Log4JRCE (CVE-2021-44228, CVE-2021-45046) and Spring4ShellRCE (CVE-2022-22963, CVE-2022-22965)

Tool that runs a test to check whether one of your applications is affected by the recent vulnerabilities in log4j: CVE-2021-44228 and CVE-2021-45046

log4shelltools log4shelltools is a tool that allows you to run a test to check whether one of your applications is affected by the recent vulnerabilities in log4j: CVE-2021-44228 and CVE-2021-45046 This is the code that runs log4shellalexbakkerme If you'd like to inspect the code or run an instance in your own environment, you've come to the right place

Provides deep dependency scanning for vulnerable log4j-core usage in Git repositories.

Deep scanning for log4j IAS created an open source project, dependency-deep-scan-utilities which detects log4j vulnerabilities (CVE-2021-44228 and CVE-2021-45046) in your source code Because of the widespread use of log4j, ease of exploit, and ability to perform remote code execution, IAS open sourced this project to help everyone mitigate this exploit dependency-deep-scan-ut

Log4Shell Scanner Scanner for the log4j < 2170 RCE vulnerability CVE-2021-44228 CVE-2021-45056 The scanner can interact with servers over various protocols to test for the vulnerability How to Run The tool runs with python 39< usage: A scanner to check for the log4j vulnerability [-h] (-t TARGET | --target-list TARGET_LIST)

This repository contains all gathered resources we used during our Incident Reponse on CVE-2021-44228 and CVE-2021-45046 aka Log4Shell.

CVE-2021-44228: Log4j / Log4Shell Security Research Summary This repository contains all gathered resources we used during our Incident Reponse on CVE-2021-44228 and CVE-2021-45046 aka Log4Shell Threat Intel Mitigations / Fixes Malware Reports Advisory IOCs / Callback Domains / IP Addresses Honeypots Payloads / Obfuscation / WAF Bypass Vulnerability Scanning Exploitation

Test this content before applying it to production systems Usage Download the latest package from releases here: githubcom/VerveIndustrialProtection/CVE-2021-44228-Log4j/releases and then Import the Fixlets, Analyses, and Computer Group into a site and apply computer subscriptions Detection Methods There are three detection methods available for each supported Operat

Workshop Objectives 악성코드탐지 플랫폼 SonaType Nexus Firewall (IQ Server) 을 이용하여, SDLC 내에 위협요소가 유입되는 것을 방지할 수 있도록 Nexus Repository와 Nexus Firewall을 통한 실습을 수행합니다 가장 많이 사용하는 NPM, MAVEN, PYPI를 통해서 위협요소를 평가 실습하며, 주어진 미션을 완성함을 목적

A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228

log4j-scan A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs Fuzzing for more than 60 HTTP request headers (not only 3-4 headers as previously seen tools) Fuzzing for HTTP POST Data parameters Fuzzing for JSON data parameters Supports DNS callback for vulnerability discovery and validation WAF Bypass

Jmeter Cluster for k8s/docker/dockerswarm

Copy from githubcom/justb4/docker-jmeter docker-jmeter Image on Docker Hub Docker image for Apache JMeter This Docker image can be run as the jmeter command Find Images of this repo on Docker Hub Starting version 54 Docker builds/pushes are executed via GitHub Workflows Security Patches As you may have seen in the news, a new zero-day exploit has been reported aga

log4j RCE (CVE-2021-44228)이 215에서 패치되었지만, CVE-2021-45046 (DoS 유발) 취약점이 새로 발견되었음 아래는 테스트 해본 결과 [테스트 환경] log4j-2150 (api , core) JRE-180 jdk180_151 Eclipse IDE (Maven Project) Log4j RCE (CVE-2021-44228) 구문 테스트 -> Not Vuln 임의의 ctx 객체명을 삽입 -> Not vuln

A Smart Log4Shell/Log4j/CVE-2021-44228 Scanner

Log4Shell Sentinel - A Smart CVE-2021-44228 Scanner Introduction While there have some excellent tools released to help organizations scan their environments for applications vulnerable to the critical Log4J / CVE-2021-44228 vulnerability, I felt that: none of the tools I ran into were made for analysts to track a given finding throughout the remediation process Log4Shell Sen

docker-jmeter Image on Docker Hub Docker image for Apache JMeter This Docker image can be run as the jmeter command Find Images of this repo on Docker Hub Starting version 54 Docker builds/pushes are executed via GitHub Workflows Donate With over 10 Million Pulls from DockerHub, this Docker Image is increasingly popular To support its active maintainance consider making a

A standard pkg installer to apply the IBM SPSS Statistics log4j fixes.

Fix pack for SPSS log4j vulnerabilities Applies the log4j 2171 fixes recomended by IBM for log4j vulnerabilities (Security bulletin copied below) There is a prebuilt signed pkg located in the build directory You can deploy it using whatever means ** created using munkipkg Document Source: wwwibmcom/support/pages/apache-log4j-cve-2021-44228-vulnerability-ibm-spss

Scanner to send specially crafted requests and catch callbacks of systems that are impacted by log4j log4shell vulnerability and to detect vulnerable log4j versions on your local file-system

scan4log4shell Scanner to send specially crafted requests and catch callbacks of systems that are impacted by log4j log4shell vulnerability and to detect vulnerable log4j versions on your local file-system Features Local and remote scanner Supports URL and CIDR scans Supports DNS, LDAP & TCP callbacks for vulnerability discovery and validation Fuzzing of 50 HTTP requ

Use Log4Shell vulnerability to vaccinate a victim server against Log4Shell

Logout4Shell Description A vulnerability impacting Apache Log4j versions 20 through 2141 was disclosed on the project’s Github on December 9, 2021 The flaw has been dubbed “Log4Shell,”, and has the highest possible severity rating of 10 Software made or managed by the Apache Software Foundation (From here on just "Apache") is pervasive and comp

Nmap NSE scripts to check against log4shell or LogJam vulnerabilities (CVE-2021-44228)

nse-log4shell Nmap NSE scripts to check against log4shell or LogJam vulnerabilities (CVE-2021-44228) NSE scripts check most popular exposed services on the Internet It is basic script where you can customize payload Examples Note that NSE scripts will only issue the requests to the services Nmap will not report vulnerable hosts, but you have to check DNS logs to determine v

Oh no another one

CVE-2021-45046-Info Oh no another one POC ${ctx:apiversion} - %d{yyyy-MM-dd HH:mm:ss} %-5p %c{1}:%L - %m{nolookups}%n LINKS nvdnistgov/vuln/detail/CVE-2021-45046 wwwdatadoghqcom/blog/log4j-log4shell-vulnerability-overview-and-remediation/ wwwlunasecio/docs/blog/log4j-zero-day-update-on-cve-2021-45046/

docker-jmeter Image on Docker Hub Docker image for Apache JMeter This Docker image can be run as the jmeter command Find Images of this repo on Docker Hub Starting version 54 Docker builds/pushes are executed via GitHub Workflows Donate With over 10 Million Pulls from DockerHub, this Docker Image is increasingly popular To support its active maintainance consider making a

Tool to search system for log4j-*.jar files

find_log4j Searches all disks for Apache Log4j Security Vulnerabilities (CVE-2021-45046 and CVE-2021-44228) Description This command line application searches all disks for Apache Log4j Security Vulnerabilities (CVE-2021-45046 and CVE-2021-44228) and writes the matching paths to txt in the same folder as the executable or to a specified file If no matches were found the resu

Getting up and running with Snyk CLI

Getting Started with Snyk CLI This guide is provided as a quick reference to getting started with Snyk CLI We will use an existing repository during a set of tests we run showing how to perform common tasks with the Snyk CLI Note: This does not attempt to replace the Snyk Docs which go into far more details but instead aid in a quick start with the snyk CLI Step 1 - Installing

PowerShell scripts for Log4Shell So far, it only includes the script Remove-ArchiveItemps1, which removes a specified class file from JAR files (or any ZIP file, for that matter) This allows to implement one of the proposed workarounds for the Log4Shell vulnerability found in Log4j 2X Java library (CVE-2021-44228 and CVE-2021-45046) The workaround consists in removing the o