Take the log4j exploit string and pull down the second-stage payload

Log4Shell CVE-2021-44228 Demo

A Java application intentionally vulnerable to CVE-2021-44228

A simple batch script to download a minecraft mod that fixes log4j, 1.12.2 only

If you are sad and blue scan for Log4J in Sytem32...

The goal of this project is to demonstrate the log4j cve-2021-44228 exploit vulnerability in a spring-boot setup, and to show how to fix it.

A web application vulnerable to Log4Shell. It's a target for https://github.com/nth347/JNDI-injection-servers

A collection of stuff from my senior project about Log4Shell.

Script to combine all host specific json outputs from log4j-detector into one single csv file. Requires only standard python installation, no further dependencies.

Log4Shell (CVE-2021-44228): Descrizione, Exploitation e Mitigazione

Fork of Original Capstone project created with Derek Lin; Includes a custom-made PoC instead of utilizing kozmer's PoC.

Python script designed to iterate over .jar, .jar inside .jar, and .class files in attached file systems for instances of Apache's JndiLookup.class. Compatible with Python 2 and Python 3.

Web Security Experimental Spring Application for TIC4304

Simple proof of concept of Log4Shell vulnerability in a spring boot vulnerable application environment.

Script for checking log4j version

log based detection

Script for downloading newest log4j jar files and upgrades it on a Linux-system.

Scans the file system to find Log4Shell vulnerabilities.

Материалы к вебинару «Обнаружение Log4shell в CI/CD с помощью GitLab».

A lab & assignment for CSC427