Log in
Register
Cyber Forum
More options
Toggle width
Share this page
Share this page
Share
Share
Cyber Forum
Log in
Register
More options
Toggle width
Share this page
Share this page
Share
Share
Menu
Install the app
Install
Home
CyberWeekly Podcast
Breaking News! Podcast
Cyber Risk Rating
Forums
New posts
Forum list
Trending
Leaderboards
News Feeds
Resources
Latest reviews
Sophos X-Ops Intelix
Threat Reports
Members
Current visitors
My.CompTIA
Help Documents
Preference Center
Forums
Security
Active Exploits Discussion/Recommendations
Log4j Vulnerability Information
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="Jonathan Braley" data-source="post: 2498" data-attributes="member: 77"><p>NCSC - Log4j Overview Scanning Software</p><p></p><p><a href="https://github.com/NCSC-NL/log4shell/blob/main/scanning/README.md" target="_blank">https://github.com/NCSC-NL/log4shell/blob/main/scanning/README.md</a></p><p></p><p>DISCLAIMER: We do not endorse any products or services. Please use these tools at your own risk. These have been provided by the UK’s NCSC.</p><p></p><p>--</p><p></p><p></p><p>Checks if the application is vulnerable to CVE-2021-44228:</p><p></p><table style='width: 100%' class=''><tr><td>Source</td><td>Notes</td><td>Links</td></tr><tr><td>Canary Tokens</td><td>Log4Shell Vulnerability Tester</td><td><a href="https://canarytokens.org/generate" target="_blank">https://canarytokens.org/generate</a></td></tr><tr><td>crypt0jan</td><td>Perform a scan of a single host (using Powershell) to see if it's vulnerable</td><td><a href="https://github.com/crypt0jan/log4j-powershell-checker" target="_blank">https://github.com/crypt0jan/log4j-powershell-checker</a></td></tr><tr><td>Diverto</td><td>Nmap NSE scripts to check against log4shell</td><td><a href="https://github.com/Diverto/nse-log4shell" target="_blank">https://github.com/Diverto/nse-log4shell</a></td></tr><tr><td>Dtact</td><td>DIVD-2021-00038 log4j scanner Scan paths including archives for vulnerable log4</td><td><a href="https://github.com/dtact/divd-2021-00038--log4j-scanner" target="_blank">https://github.com/dtact/divd-2021-00038--log4j-scanner</a></td></tr><tr><td>Deepfence ThreatMapper</td><td>Apache v2, powerful runtime vulnerability scanner for kubernetes, virtual machines and serverless</td><td><a href="https://github.com/deepfence/ThreatMapper" target="_blank">https://github.com/deepfence/ThreatMapper</a></td></tr><tr><td>FullHunt</td><td>Open detection and scanning tool (Python) for discovering and fuzzing for Log4J vulnerability</td><td><a href="https://github.com/fullhunt/log4j-scan" target="_blank">https://github.com/fullhunt/log4j-scan</a></td></tr><tr><td>Fox-IT</td><td>A script to scan the filesystem to find Log4j2 that is vulnerable to Log4Shell (CVE-2021-44228) (Python)</td><td><a href="https://github.com/fox-it/log4j-finder" target="_blank">https://github.com/fox-it/log4j-finder</a></td></tr><tr><td>Grype</td><td>Open source vulnerability scanner (docker), picks up nested JARs containing log4j</td><td><a href="https://github.com/anchore/grype" target="_blank">https://github.com/anchore/grype</a></td></tr><tr><td>Huntress</td><td>Online Log4Shell Vulnerability Tester</td><td><a href="https://log4shell.huntress.com/" target="_blank">https://log4shell.huntress.com/</a></td></tr><tr><td>logpresso</td><td>Scans for java files that are vulnerable and may rename it for mitigation</td><td><a href="https://github.com/logpresso/CVE-2021-44228-Scanner" target="_blank">https://github.com/logpresso/CVE-2021-44228-Scanner</a></td></tr><tr><td>Northwave Security</td><td>Northwave Log4j CVE-2021-44228 checker (python)</td><td><a href="https://github.com/NorthwaveSecurity/log4jcheck" target="_blank">https://github.com/NorthwaveSecurity/log4jcheck</a></td></tr><tr><td>Northwave Security</td><td>Northwave Log4j CVE-2021-44228 checker Powershell version</td><td><a href="https://github.com/crypt0jan/log4j-powershell-checker" target="_blank">https://github.com/crypt0jan/log4j-powershell-checker</a></td></tr><tr><td>OlafHaalstra</td><td>Scans a list of URLs with GET or POST request with user defined parameters (python)</td><td><a href="https://github.com/OlafHaalstra/log4jcheck" target="_blank">https://github.com/OlafHaalstra/log4jcheck</a></td></tr><tr><td>righel</td><td>Nmap NSE script to inject jndi payloads with customizable templates into HTTP targets</td><td><a href="https://github.com/righel/log4shell_nse" target="_blank">https://github.com/righel/log4shell_nse</a></td></tr><tr><td>silentsignal</td><td>Log4Shell scanner for Burp Suite</td><td><a href="https://github.com/silentsignal/burp-log4shell" target="_blank">https://github.com/silentsignal/burp-log4shell</a></td></tr></table><h2>Log4j2 Detection</h2><p>Checks if the application or system is using Log4j2.</p><p></p><table style='width: 100%' class=''><tr><td>Source</td><td>Notes</td><td>Links</td></tr><tr><td>1lann</td><td>Scans a file or folder recursively for jar files that may be vulnerable</td><td><a href="https://github.com/1lann/log4shelldetect" target="_blank">https://github.com/1lann/log4shelldetect</a></td></tr><tr><td>Devotech</td><td>Powershell: Queries domain servers and scans for log4j-core files. (slow)</td><td><a href="https://github.com/devotech/check-log4j" target="_blank">https://github.com/devotech/check-log4j</a></td></tr><tr><td>NCCgroup</td><td>Version hashes (MD5, SHA1 and SHA256) for log4j2 versions</td><td><a href="https://github.com/nccgroup/Cyber-Defence/tree/master/Intelligence/CVE-2021-44228" target="_blank">https://github.com/nccgroup/Cyber-Defence/tree/master/Intelligence/CVE-2021-44228</a></td></tr><tr><td>Neo23x0</td><td>Florian Roth Log4j2 detection script</td><td><a href="https://gist.github.com/Neo23x0/e4c8b03ff8cdf1fa63b7d15db6e3860b" target="_blank">https://gist.github.com/Neo23x0/e4c8b03ff8cdf1fa63b7d15db6e3860b</a></td></tr><tr><td>sp4ir</td><td>Powershell script to detect Log4Shell</td><td><a href="https://github.com/sp4ir/incidentresponse/blob/35a2faae8512884bcd753f0de3fa1adc6ec326ed/Get-Log4shellVuln.ps1" target="_blank">https://github.com/sp4ir/incidentresponse/blob/35a2faae8512884bcd753f0de3fa1adc6ec326ed/Get-Log4shellVuln.ps1</a></td></tr><tr><td>Syft</td><td>Open source SBOM scanner, can detect all dependencies including log4j</td><td><a href="https://github.com/anchore/syft/" target="_blank">https://github.com/anchore/syft/</a></td></tr><tr><td>Kelvin Tegelaar</td><td>Open sourced(MIT license) PowerShell log4j detection. Uses "Everything" to prevent high system load</td><td><a href="https://www.cyberdrain.com/monitoring-with-powershell-detecting-log4j-files/" target="_blank">https://www.cyberdrain.com/monitoring-with-powershell-detecting-log4j-files/</a></td></tr></table></blockquote><p></p>
[QUOTE="Jonathan Braley, post: 2498, member: 77"] NCSC - Log4j Overview Scanning Software [URL]https://github.com/NCSC-NL/log4shell/blob/main/scanning/README.md[/URL] DISCLAIMER: We do not endorse any products or services. Please use these tools at your own risk. These have been provided by the UK’s NCSC. -- Checks if the application is vulnerable to CVE-2021-44228: [TABLE] [TR] [TD]Source[/TD] [TD]Notes[/TD] [TD]Links[/TD] [/TR] [TR] [TD]Canary Tokens[/TD] [TD]Log4Shell Vulnerability Tester[/TD] [TD][URL]https://canarytokens.org/generate[/URL][/TD] [/TR] [TR] [TD]crypt0jan[/TD] [TD]Perform a scan of a single host (using Powershell) to see if it's vulnerable[/TD] [TD][URL]https://github.com/crypt0jan/log4j-powershell-checker[/URL][/TD] [/TR] [TR] [TD]Diverto[/TD] [TD]Nmap NSE scripts to check against log4shell[/TD] [TD][URL]https://github.com/Diverto/nse-log4shell[/URL][/TD] [/TR] [TR] [TD]Dtact[/TD] [TD]DIVD-2021-00038 log4j scanner Scan paths including archives for vulnerable log4[/TD] [TD][URL]https://github.com/dtact/divd-2021-00038--log4j-scanner[/URL][/TD] [/TR] [TR] [TD]Deepfence ThreatMapper[/TD] [TD]Apache v2, powerful runtime vulnerability scanner for kubernetes, virtual machines and serverless[/TD] [TD][URL]https://github.com/deepfence/ThreatMapper[/URL][/TD] [/TR] [TR] [TD]FullHunt[/TD] [TD]Open detection and scanning tool (Python) for discovering and fuzzing for Log4J vulnerability[/TD] [TD][URL]https://github.com/fullhunt/log4j-scan[/URL][/TD] [/TR] [TR] [TD]Fox-IT[/TD] [TD]A script to scan the filesystem to find Log4j2 that is vulnerable to Log4Shell (CVE-2021-44228) (Python)[/TD] [TD][URL]https://github.com/fox-it/log4j-finder[/URL][/TD] [/TR] [TR] [TD]Grype[/TD] [TD]Open source vulnerability scanner (docker), picks up nested JARs containing log4j[/TD] [TD][URL]https://github.com/anchore/grype[/URL][/TD] [/TR] [TR] [TD]Huntress[/TD] [TD]Online Log4Shell Vulnerability Tester[/TD] [TD][URL]https://log4shell.huntress.com/[/URL][/TD] [/TR] [TR] [TD]logpresso[/TD] [TD]Scans for java files that are vulnerable and may rename it for mitigation[/TD] [TD][URL]https://github.com/logpresso/CVE-2021-44228-Scanner[/URL][/TD] [/TR] [TR] [TD]Northwave Security[/TD] [TD]Northwave Log4j CVE-2021-44228 checker (python)[/TD] [TD][URL]https://github.com/NorthwaveSecurity/log4jcheck[/URL][/TD] [/TR] [TR] [TD]Northwave Security[/TD] [TD]Northwave Log4j CVE-2021-44228 checker Powershell version[/TD] [TD][URL]https://github.com/crypt0jan/log4j-powershell-checker[/URL][/TD] [/TR] [TR] [TD]OlafHaalstra[/TD] [TD]Scans a list of URLs with GET or POST request with user defined parameters (python)[/TD] [TD][URL]https://github.com/OlafHaalstra/log4jcheck[/URL][/TD] [/TR] [TR] [TD]righel[/TD] [TD]Nmap NSE script to inject jndi payloads with customizable templates into HTTP targets[/TD] [TD][URL]https://github.com/righel/log4shell_nse[/URL][/TD] [/TR] [TR] [TD]silentsignal[/TD] [TD]Log4Shell scanner for Burp Suite[/TD] [TD][URL]https://github.com/silentsignal/burp-log4shell[/URL][/TD] [/TR] [/TABLE] [HEADING=1]Log4j2 Detection[/HEADING] Checks if the application or system is using Log4j2. [TABLE] [TR] [TD]Source[/TD] [TD]Notes[/TD] [TD]Links[/TD] [/TR] [TR] [TD]1lann[/TD] [TD]Scans a file or folder recursively for jar files that may be vulnerable[/TD] [TD][URL]https://github.com/1lann/log4shelldetect[/URL][/TD] [/TR] [TR] [TD]Devotech[/TD] [TD]Powershell: Queries domain servers and scans for log4j-core files. (slow)[/TD] [TD][URL]https://github.com/devotech/check-log4j[/URL][/TD] [/TR] [TR] [TD]NCCgroup[/TD] [TD]Version hashes (MD5, SHA1 and SHA256) for log4j2 versions[/TD] [TD][URL]https://github.com/nccgroup/Cyber-Defence/tree/master/Intelligence/CVE-2021-44228[/URL][/TD] [/TR] [TR] [TD]Neo23x0[/TD] [TD]Florian Roth Log4j2 detection script[/TD] [TD][URL]https://gist.github.com/Neo23x0/e4c8b03ff8cdf1fa63b7d15db6e3860b[/URL][/TD] [/TR] [TR] [TD]sp4ir[/TD] [TD]Powershell script to detect Log4Shell[/TD] [TD][URL]https://github.com/sp4ir/incidentresponse/blob/35a2faae8512884bcd753f0de3fa1adc6ec326ed/Get-Log4shellVuln.ps1[/URL][/TD] [/TR] [TR] [TD]Syft[/TD] [TD]Open source SBOM scanner, can detect all dependencies including log4j[/TD] [TD][URL]https://github.com/anchore/syft/[/URL][/TD] [/TR] [TR] [TD]Kelvin Tegelaar[/TD] [TD]Open sourced(MIT license) PowerShell log4j detection. Uses "Everything" to prevent high system load[/TD] [TD][URL]https://www.cyberdrain.com/monitoring-with-powershell-detecting-log4j-files/[/URL][/TD] [/TR] [/TABLE] [/QUOTE]
Name
Verification
Post reply
Forums
Security
Active Exploits Discussion/Recommendations
Log4j Vulnerability Information
Top
Bottom
Home
Forums
Threat Reports
My.CompTIA
Menu