A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228

A log4j vulnerability filesystem scanner and Go package for analyzing JAR files.

log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.

A public open sourced tool. Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too! TAG_OS_TOOL, OWNER_KELLY, DC_PUBLIC

log4jScanner provides the ability to scan internal subnets for vulnerable log4j web services

Simple local scanner for vulnerable log4j instances

Remote command execution vulnerability scanner for Log4j.

Log4j Vulnerability Scanner for Windows

Burp extension to scan Log4Shell (CVE-2021-44228) vulnerability pre and post auth.

Log4j 漏洞本地检测脚本。 Scan all java processes on your host to check whether it's affected by log4j2 remote code execution vulnerability (CVE-2021-45046)

Ansible detector scanner playbook to verify target Linux hosts using the official Red Hat Log4j detector script RHSB-2021-009 Remote Code Execution - log4j (CVE-2021-44228)

Log4jScanner is a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains.

Scan systems and docker images for potential log4j vulnerabilities. Able to patch (remove JndiLookup.class) from layered archives. Will detect in-depth (layered archives jar/zip/tar/war and scans for vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046 and CVE-2021-45105). Binaries for Windows, Linux and OsX, but can be build on each platform supported by supported Golang.

Fastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excellent performance and low memory footprint.

Multithreaded log4j vulnerability scanner using only bash! Tests all JNDI protocols, HTTP GET/POST, and 84 headers.

Log4j-Scanner with Bind-Receipt and custom hostnames

A Smart Log4Shell/Log4j/CVE-2021-44228 Scanner

Public testing data. Samples of log4j library versions to help log4j scanners / detectors improve their accuracy for detecting CVE-2021-45046 and CVE-2021-44228. TAG_TESTING, OWNER_KEN, DC_PUBLIC

Just simple log4j scanner

Scanner to send specially crafted requests and catch callbacks of systems that are impacted by log4j log4shell vulnerability and to detect vulnerable log4j versions on your local file-system

Scanner for Log4j RCE CVE-2021-44228

log4j2 rce漏洞扫描器

BurpSuite Extension: Log4j RCE Scanner

open detection and scanning tool for discovering and fuzzing for Log4J RCE CVE-2021-44228 vulnerability

A scanner and a proof of sample exploit for log4j RCE CVE-2021-44228

Scanner that scans local files for log4shell vulnerability. Does bytecode analysis so it does not rely on metadata. Will find vulnerable log4j even it has been self-compiled/repackaged/shaded/nested (e.g. uberjar, fatjar) and even obfuscated.

A simple powershells script to scan for known affected file hashes in the December 2021 Log4j zero-day flaw

A scanning tool to check if the system is vuln and report it to the log4j-collector

Generic Scanner for Apache log4j RCE CVE-2021-44228

Fast filesystem scanner for CVE-2021-44228