Operational information regarding the log4shell vulnerabilities in the Log4j logging library.

A Proof-Of-Concept for the CVE-2021-44228 vulnerability.

Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228, CVE-2021-45046, CVE-2021-45105)

log4j rce test environment and poc

Log4Shell RCE Exploit - fully independent exploit does not require any 3rd party binaries.

A collection of intelligence about Log4Shell and its exploitation activity.

An All-In-One Pure Python PoC for CVE-2021-44228

Deobfuscate Log4Shell payloads with ease.

A script that checks for vulnerable Log4j (CVE-2021-44228) systems using injection of the payload in common HTTP headers.

Simulating Log4j Remote Code Execution (RCE) vulnerability in a flask web server using python's logging library with custom formatter that simulates lookup substitution by executing remote exploit code.

用于探测Log4j漏洞, 将它POC的威力最大化, POC验证成功后会立即收到目标机器的系统主机名、时间、版本号、用户名、环境变量以及Log4j路径、java版本号、中间件信息等信息.

Fastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excellent performance and low memory footprint.

Generate primary obfuscated or secondary obfuscated CVE-2021-44228 or CVE-2021-45046 payloads to evade WAF detection.

Log4j2 CVE-2021-44228 revshell, ofc it suck!!

Writing PySpark logs in Apache Spark and Databricks

Python3 script for scanning CVE-2021-44228 (Log4shell) vulnerable machines.

A simple automatic tool for finding vulnerable log4j hosts

yet another log4shell scanner

A scanner and a proof of sample exploit for log4j RCE CVE-2021-44228

Mass Check Vulnerable Log4j CVE-2021-44228