Skip to content
/ log4shelldetect Public

Rapidly scan filesystems for Java programs potentially vulnerable to Log4Shell (CVE-2021-44228) or "that Log4j JNDI exploit" by inspecting the class paths inside files

License

Unlicense license
45 stars 8 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

1lann/log4shelldetect

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
.gitignore
.gitignore
 
 
.goreleaser.yml
.goreleaser.yml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 
velocity-1.1.9.jar
velocity-1.1.9.jar
 
 

Repository files navigation

log4shelldetect

Scans a file or folder recursively for jar files that may be vulnerable to Log4Shell (CVE-2021-44228) by inspecting the class paths inside the jar.

If you only want possibly vulnerable jars to be printed rather than all jars, run with -mode list.

License

Code here is released to the public domain under unlicense.

With the exception of velocity-1.1.9.jar which is an example vulnerable .jar file part of Velocity which is licensed under GPLv3.

About

Rapidly scan filesystems for Java programs potentially vulnerable to Log4Shell (CVE-2021-44228) or "that Log4j JNDI exploit" by inspecting the class paths inside files

Topics

log4j scanner vulnerability-scanners log4j2 cve-2021-44228 log4shell cve-2021-45046

Resources

Readme

License

Unlicense license
Activity

Stars

45 stars

Watchers

6 watching

Forks

8 forks
Report repository

Releases 7

v0.0.7 Latest
Dec 18, 2021
+ 6 releases

Packages

No packages published

Languages