Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Apache Software Foundation | Apache Log4j2 | 2.0-beta9 ~ log4j-core* | - |
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | Apache Log4j 远程代码执行 | https://github.com/tangxiaofeng7/CVE-2021-44228-Apache-Log4j-Rce | POC Details |
| 2 | Patch up CVE-2021-44228 for minecraft forge 1.7.10 - 1.12.2 | https://github.com/Glease/Healer | POC Details |
| 3 | This tool patches the CVE-2021-44228 Log4J vulnerability present in all minecraft versions NOTE THIS TOOL MUST BE RE-RUN after downloading or updating versions of minecraft as its not a perminent patch | https://github.com/jacobtread/L4J-Vuln-Patch | POC Details |
| 4 | Remote Code Injection In Log4j | https://github.com/jas502n/Log4j2-CVE-2021-44228 | POC Details |
| 5 | Log4j-RCE (CVE-2021-44228) Proof of Concept with additional information | https://github.com/HyCraftHD/Log4J-RCE-Proof-Of-Concept | POC Details |
| 6 | 一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense. | https://github.com/boundaryx/cloudrasp-log4j2 | POC Details |
| 7 | Apache Log4j 2 a remote code execution vulnerability via the ldap JNDI parser. | https://github.com/dbgee/CVE-2021-44228 | POC Details |
| 8 | A mitigation for CVE-2021-44228 (log4shell) that works by patching the vulnerability at runtime. (Works with any vulnerable java software, tested with java 6 and newer) | https://github.com/CreeperHost/Log4jPatcher | POC Details |
| 9 | CVE-2021-44228 fix | https://github.com/DragonSurvivalEU/RCE | POC Details |
| 10 | Deploys an agent to fix CVE-2021-44228 (Log4j RCE vulnerability) in a running JVM process | https://github.com/simonis/Log4jPatch | POC Details |
| 11 | A small server for verifing if a given java program is succeptibel to CVE-2021-44228 | https://github.com/zlepper/CVE-2021-44228-Test-Server | POC Details |
| 12 | Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228). | https://github.com/christophetd/log4shell-vulnerable-app | POC Details |
| 13 | A script that checks for vulnerable Log4j (CVE-2021-44228) systems using injection of the payload in common HTTP headers. | https://github.com/NorthwaveSecurity/log4jcheck | POC Details |
| 14 | Vulnerable to CVE-2021-44228. trustURLCodebase is not required. | https://github.com/nkoneko/VictimApp | POC Details |
| 15 | Patch Pulsar Docker images with Log4J 2.17.1 update to mitigate Apache Log4J Security Vulnerabilities including Log4Shell | https://github.com/lhotari/pulsar-docker-images-patch-CVE-2021-44228 | POC Details |
| 16 | Apache Log4j2 RCE( CVE-2021-44228)验证环境 | https://github.com/1in9e/Apache-Log4j2-RCE | POC Details |
| 17 | vulnerability POC | https://github.com/KosmX/CVE-2021-44228-example | POC Details |
| 18 | Vulnerability CVE-2021-44228 checker | https://github.com/greymd/CVE-2021-44228 | POC Details |
| 19 | Hashes for vulnerable LOG4J versions | https://github.com/mubix/CVE-2021-44228-Log4Shell-Hashes | POC Details |
| 20 | CVE-2021-44228 server-side fix for minecraft servers. | https://github.com/OopsieWoopsie/mc-log4j-patcher | POC Details |
| 21 | None | https://github.com/wheez-y/CVE-2021-44228-kusto | POC Details |
| 22 | Mitigation for Log4Shell Security Vulnerability CVE-2021-44228 | https://github.com/izzyacademy/log4shell-mitigation | POC Details |
| 23 | log4shell sample application (CVE-2021-44228) | https://github.com/0xst4n/CVE-2021-44228-poc | POC Details |
| 24 | Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URLs with multithreading | https://github.com/takito1812/log4j-detect | POC Details |
| 25 | Java agent that disables Apache Log4J's JNDI Lookup. Fixes CVE-2021-44228, aka "Log4Shell." | https://github.com/winnpixie/log4noshell | POC Details |
| 26 | CVE-2021-44228 DFIR Notes | https://github.com/Azeemering/CVE-2021-44228-DFIR-Notes | POC Details |
| 27 | 🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks | https://github.com/Puliczek/CVE-2021-44228-PoC-log4j-bypass-words | POC Details |
| 28 | A Proof-Of-Concept for the CVE-2021-44228 vulnerability. | https://github.com/kozmer/log4j-shell-poc | POC Details |
| 29 | Buildpack providing a workaround for CVE-2021-44228 (Log4j RCE exploit) | https://github.com/alexandreroman/cve-2021-44228-workaround-buildpack | POC Details |
| 30 | Minecraft Honeypot for Log4j exploit. CVE-2021-44228 Log4Shell LogJam | https://github.com/Adikso/minecraft-log4j-honeypot | POC Details |
| 31 | None | https://github.com/racoon-rac/CVE-2021-44228 | POC Details |
| 32 | None | https://github.com/TheArqsz/CVE-2021-44228-PoC | POC Details |
| 33 | Rapidly scan filesystems for Java programs potentially vulnerable to Log4Shell (CVE-2021-44228) or "that Log4j JNDI exploit" by inspecting the class paths inside files | https://github.com/1lann/log4shelldetect | POC Details |
| 34 | Log4j2 CVE-2021-44228 复现和回显利用 | https://github.com/binganao/Log4j2-RCE | POC Details |
| 35 | A short demo of CVE-2021-44228 | https://github.com/phoswald/sample-ldap-exploit | POC Details |
| 36 | A minimalistic LDAP server that is meant for test vulnerability to JNDI+LDAP injection attacks in Java, especially CVE-2021-44228. | https://github.com/rakutentech/jndi-ldap-test-server | POC Details |
| 37 | CVE-2021-44228 POC - Spring / Hibernate | https://github.com/uint0/cve-2021-44228--spring-hibernate | POC Details |
| 38 | Fixes CVE-2021-44228 in log4j by patching JndiLookup class | https://github.com/saharNooby/log4j-vulnerability-patcher-agent | POC Details |
| 39 | CVE-2021-44228 Log4j2 BurpSuite Scanner,Customize ceye.io api or other apis,including internal networks | https://github.com/f0ng/log4j2burpscanner | POC Details |
| 40 | None | https://github.com/M1ngGod/CVE-2021-44228-Log4j-lookup-Rce | POC Details |
| 41 | None | https://github.com/byteboycn/CVE-2021-44228-Apache-Log4j-Rce | POC Details |
| 42 | Log4Shell CVE-2021-44228 mitigation tester | https://github.com/lhotari/log4shell-mitigation-tester | POC Details |
| 43 | A Nuclei Template for Apache Log4j RCE (CVE-2021-44228) Detection with WAF Bypass Payloads | https://github.com/toramanemre/log4j-rce-detect-waf-bypass | POC Details |
| 44 | Vulnerability scanner and mitigation patch for Log4j2 CVE-2021-44228 | https://github.com/logpresso/CVE-2021-44228-Scanner | POC Details |
| 45 | None | https://github.com/vorburger/Log4j_CVE-2021-44228 | POC Details |
| 46 | Test the CVE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228 | https://github.com/gauthamg/log4j2021_vul_test | POC Details |
| 47 | None | https://github.com/b-abderrahmane/CVE-2021-44228-playground | POC Details |
| 48 | List of company advisories log4j | https://github.com/leetxyz/CVE-2021-44228-Advisories | POC Details |
| 49 | Content to help the community responding to the Log4j Vulnerability Log4Shell CVE-2021-44228 | https://github.com/cado-security/log4shell | POC Details |
| 50 | Log4j-RCE (CVE-2021-44228) Proof of Concept | https://github.com/WYSIIWYG/Log4J_0day_RCE | POC Details |
| 51 | A Terraform to deploy vulnerable app and a JDNIExploit to work with CVE-2021-44228 | https://github.com/MKhazamipour/log4j-vulnerable-app-cve-2021-44228-terraform | POC Details |
| 52 | Public IoCs about log4j CVE-2021-44228 | https://github.com/Sh0ckFR/log4j-CVE-2021-44228-Public-IoCs | POC Details |
| 53 | CVE-2021-44228 | https://github.com/zzzz0317/log4j2-vulnerable-spring-app | POC Details |
| 54 | Simple demo of CVE-2021-44228 | https://github.com/datadavev/test-44228 | POC Details |
| 55 | Небольшой мод направленный на устранение уязвимости CVE-2021-44228 | https://github.com/LemonCraftRu/JndiRemover | POC Details |
| 56 | Apache Log4j CVE-2021-44228 漏洞复现 | https://github.com/zhangxvx/Log4j-Rec-CVE-2021-44228 | POC Details |
| 57 | Detections for CVE-2021-44228 inside of nested binaries | https://github.com/darkarnium/Log4j-CVE-Detect | POC Details |
| 58 | None | https://github.com/chilliwebs/CVE-2021-44228_Example | POC Details |
| 59 | This enforces signatures for CVE-2021-44228 across all policies on a BIG-IP ASM device | https://github.com/irgoncalves/f5-waf-enforce-sig-CVE-2021-44228 | POC Details |
| 60 | docker compose solution to run a vaccine environment for the log4j2 vulnerability CVE-2021-44228 | https://github.com/jeffbryner/log4j-docker-vaccine | POC Details |
| 61 | A public open sourced tool. Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too! TAG_OS_TOOL, OWNER_KELLY, DC_PUBLIC | https://github.com/mergebase/log4j-detector | POC Details |
| 62 | A bare minimum proof-of-concept for Log4j2 JNDI RCE vulnerability (CVE-2021-44228/Log4Shell). | https://github.com/unlimitedsola/log4j2-rce-poc | POC Details |
| 63 | CVE-2021-44228,log4j2 burp插件 Java版本,dnslog选取了非dnslog.cn域名 | https://github.com/Jeromeyoung/log4j2burpscanner | POC Details |
| 64 | An agent to hotpatch the log4j RCE from CVE-2021-44228. | https://github.com/corretto/hotpatch-for-apache-log4j2 | POC Details |
| 65 | An All-In-One Pure Python PoC for CVE-2021-44228 | https://github.com/alexandre-lavoie/python-log4rce | POC Details |
| 66 | None | https://github.com/RedDrip7/Log4Shell_CVE-2021-44228_related_attacks_IOCs | POC Details |
| 67 | Apache Log4j2 CVE-2021-44228 RCE Demo with RMI and LDAP | https://github.com/mzlogin/CVE-2021-44228-Demo | POC Details |
| 68 | Script to apply official workaround for VMware vCenter log4j vulnerability CVE-2021-44228 | https://github.com/blake-fm/vcenter-log4j | POC Details |
| 69 | log4j2漏洞复现 | https://github.com/creamIcec/CVE-2021-44228-Apache-Log4j-Rce__review | POC Details |
| 70 | None | https://github.com/uint0/cve-2021-44228-helpers | POC Details |
| 71 | CVE-2021-44228(Apache Log4j Remote Code Execution) | https://github.com/RK800-DEV/apache-log4j-poc | POC Details |
| 72 | CVE-2021-44228 | https://github.com/sud0x00/log4j-CVE-2021-44228 | POC Details |
| 73 | None | https://github.com/DiCanio/CVE-2021-44228-docker-example | POC Details |
| 74 | None | https://github.com/mute1997/CVE-2021-44228-research | POC Details |
| 75 | Log4J CVE-2021-44228 Minecraft PoC | https://github.com/myyxl/cve-2021-44228-minecraft-poc | POC Details |
| 76 | An awesome curated list of repos for CVE-2021-44228. ``Apache Log4j 2`` | https://github.com/RrUZi/Awesome-CVE-2021-44228 | POC Details |
| 77 | Abuse Log4J CVE-2021-44228 to patch CVE-2021-44228 in vulnerable Minecraft game sessions to prevent exploitation in the session :) | https://github.com/future-client/CVE-2021-44228 | POC Details |
| 78 | Local Bytecode Scanner for the Log4JShell Vulnerability (CVE-2021-44228) | https://github.com/CodeShield-Security/Log4JShell-Bytecode-Detector | POC Details |
| 79 | Poc of log4j2 (CVE-2021-44228) | https://github.com/Crane-Mocker/log4j-poc | POC Details |
| 80 | Scan systems and docker images for potential log4j vulnerabilities. Able to patch (remove JndiLookup.class) from layered archives. Will detect in-depth (layered archives jar/zip/tar/war and scans for vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046 and CVE-2021-45105). Binaries for Windows, Linux and OsX, but can be build on each platform supported by supported Golang. | https://github.com/dtact/divd-2021-00038--log4j-scanner | POC Details |
| 81 | Sample log4j shell exploit | https://github.com/kali-dass/CVE-2021-44228-log4Shell | POC Details |
| 82 | None | https://github.com/pravin-pp/log4j2-CVE-2021-44228 | POC Details |
| 83 | IP addresses exploiting recent log4j2 vulnerability CVE-2021-44228 | https://github.com/Malwar3Ninja/Exploitation-of-Log4j2-CVE-2021-44228 | POC Details |
| 84 | Dockerized Go app for testing the CVE-2021-44228 vulnerability | https://github.com/urholaukkarinen/docker-log4shell | POC Details |
| 85 | Python script that sends CVE-2021-44228 log4j payload requests to url list | https://github.com/ssl/scan4log4j | POC Details |
| 86 | Mitigate log4shell (CVE-2021-44228) vulnerability attacks using Nginx LUA script | https://github.com/infiniroot/nginx-mitigate-log4shell | POC Details |
| 87 | None | https://github.com/lohanichaten/log4j-cve-2021-44228 | POC Details |
| 88 | Lists of affected components and affected apps/vendors by CVE-2021-44228 (aka Log4shell or Log4j RCE). This list is meant as a resource for security responders to be able to find and address the vulnerability | https://github.com/authomize/log4j-log4shell-affected | POC Details |
| 89 | Known IoCs for log4j framework vulnerability | https://github.com/guardicode/CVE-2021-44228_IoCs | POC Details |
| 90 | CVE-2021-44228 test demo | https://github.com/fireflyingup/log4j-poc | POC Details |
| 91 | None | https://github.com/qingtengyun/cve-2021-44228-qingteng-patch | POC Details |
| 92 | A Byte Buddy Java agent-based fix for CVE-2021-44228, the log4j 2.x "JNDI LDAP" vulnerability. | https://github.com/nccgroup/log4j-jndi-be-gone | POC Details |
| 93 | Hot-patch CVE-2021-44228 by exploiting the vulnerability itself. | https://github.com/qingtengyun/cve-2021-44228-qingteng-online-patch | POC Details |
| 94 | A micro lab for CVE-2021-44228 (log4j) | https://github.com/tasooshi/horrors-log4shell | POC Details |
| 95 | An evil RMI server that can launch an arbitrary command. May be useful for CVE-2021-44228 | https://github.com/Hydragyrum/evil-rmi-server | POC Details |
| 96 | Spring Boot Log4j - CVE-2021-44228 Docker Lab | https://github.com/twseptian/spring-boot-log4j-cve-2021-44228-docker-lab | POC Details |
| 97 | Check list of URLs against Log4j vulnerability CVE-2021-44228 | https://github.com/OlafHaalstra/log4jcheck | POC Details |
| 98 | A tool to analyze the log files from minecraft to scan potential security risks from the CVE-2021-44228 Log4J library exploit. | https://github.com/psychose-club/Saturn | POC Details |
| 99 | None | https://github.com/Panyaprach/Proof-CVE-2021-44228 | POC Details |
| 100 | Log4j RCE - (CVE-2021-44228) | https://github.com/momos1337/Log4j-RCE | POC Details |
| 101 | Mitigate against log4j vulnerability | https://github.com/palominoinc/cve-2021-44228-log4j-mitigation | POC Details |
| 102 | A Docker based LDAP RCE exploit demo for CVE-2021-44228 Log4Shell | https://github.com/cyberxml/log4j-poc | POC Details |
| 103 | Log4J (CVE-2021-44228) Exploit with Remote Command Execution (RCE) | https://github.com/corneacristian/Log4J-CVE-2021-44228-RCE | POC Details |
| 104 | Nmap NSE scripts to check against log4shell or LogJam vulnerabilities (CVE-2021-44228) | https://github.com/Diverto/nse-log4shell | POC Details |
| 105 | pythonic pure python RCE exploit for CVE-2021-44228 log4shell | https://github.com/dotPY-hax/log4py | POC Details |
| 106 | CVE-2021-44228 (Log4Shell) Proof of Concept | https://github.com/sunnyvale-it/CVE-2021-44228-PoC | POC Details |
| 107 | None | https://github.com/maxant/log4j2-CVE-2021-44228 | POC Details |
| 108 | fail2ban filter that catches attacks againts log4j CVE-2021-44228 | https://github.com/atnetws/fail2ban-log4j | POC Details |
| 109 | Some files for red team/blue team investigations into CVE-2021-44228 | https://github.com/kimobu/cve-2021-44228 | POC Details |
| 110 | Fun things against the abuse of the recent CVE-2021-44228 (Log4Shell) vulnerability using common web servers. | https://github.com/KainsRache/anti-jndi | POC Details |
| 111 | log4J burp被扫插件、CVE-2021-44228、支持dnclog.cn和burp内置DNS、可配合JNDIExploit生成payload | https://github.com/bigsizeme/Log4j-check | POC Details |
| 112 | This is a proof-of-concept exploit for Log4j RCE Unauthenticated (CVE-2021-44228). | https://github.com/pedrohavay/exploit-CVE-2021-44228 | POC Details |
| 113 | Ingest GreyNoise.io malicious feed for CVE-2021-44228 and apply null routes | https://github.com/0xRyan/log4j-nullroute | POC Details |
| 114 | OpenIOC rules to facilitate hunting for indicators of compromise | https://github.com/fireeye/CVE-2021-44228 | POC Details |
| 115 | A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 | https://github.com/fullhunt/log4j-scan | POC Details |
| 116 | a fast check, if your server could be vulnerable to CVE-2021-44228 | https://github.com/rubo77/log4j_checker_beta | POC Details |
| 117 | Scanner for Log4j RCE CVE-2021-44228 | https://github.com/thecyberneh/Log4j-RCE-Exploiter | POC Details |
| 118 | CVE-2021-44228 | https://github.com/halibobor/log4j2 | POC Details |
| 119 | Using code search to help fix/mitigate log4j CVE-2021-44228 | https://github.com/sourcegraph/log4j-cve-code-search-resources | POC Details |
| 120 | Log4J CVE-2021-44228 : Mitigation Cheat Sheet | https://github.com/thedevappsecguy/Log4J-Mitigation-CVE-2021-44228--CVE-2021-45046--CVE-2021-45105--CVE-2021-44832 | POC Details |
| 121 | None | https://github.com/helsecert/CVE-2021-44228 | POC Details |
| 122 | CVE-2021-44228 log4j mitigation using aws wafv2 with ansible | https://github.com/markuman/aws-log4j-mitigations | POC Details |
| 123 | A lab for playing around with the Log4J CVE-2021-44228 | https://github.com/tuyenee/Log4shell | POC Details |
| 124 | Log4j Remote Code Injection (Apache Log4j 2.x < 2.15.0-rc2) | https://github.com/JiuBanSec/Log4j-CVE-2021-44228 | POC Details |
| 125 | Log4Shell Docker Env | https://github.com/ycdxsb/Log4Shell-CVE-2021-44228-ENV | POC Details |
| 126 | This repository contains a script that you can run on your (windows) machine to mitigate CVE-2021-44228 | https://github.com/avwolferen/Sitecore.Solr-log4j-mitigation | POC Details |
| 127 | Simple tool for scanning entire directories for attempts of CVE-2021-44228 | https://github.com/kek-Sec/log4j-scanner-CVE-2021-44228 | POC Details |
| 128 | Research into the implications of CVE-2021-44228 in Spring based applications. | https://github.com/Camphul/log4shell-spring-framework-research | POC Details |
| 129 | CVE-2021-4428 复现 | https://github.com/lov3r/cve-2021-44228-log4j-exploits | POC Details |
| 130 | simple python scanner to check if your network is vulnerable to CVE-2021-44228 | https://github.com/sinakeshmiri/log4jScan | POC Details |
| 131 | Burp extension to scan Log4Shell (CVE-2021-44228) vulnerability pre and post auth. | https://github.com/0xDexter0us/Log4J-Scanner | POC Details |
| 132 | None | https://github.com/LutziGoz/Log4J_Exploitation-Vulnerabiliy__CVE-2021-44228 | POC Details |
| 133 | This repository contains all gathered resources we used during our Incident Reponse on CVE-2021-44228 and CVE-2021-45046 aka Log4Shell. | https://github.com/0xsyr0/Log4Shell | POC Details |
| 134 | log4j2 CVE-2021-44228 POC | https://github.com/1hakusai1/log4j-rce-CVE-2021-44228 | POC Details |
| 135 | CVE-2021-44228 - Apache log4j RCE quick test | https://github.com/jeffli1024/log4j-rce-test | POC Details |
| 136 | None | https://github.com/zsolt-halo/Log4J-Log4Shell-CVE-2021-44228-Spring-Boot-Test-Service | POC Details |
| 137 | Log4j CVE-2021-44228 examples: Remote Code Execution (through LDAP, RMI, ...), Forced DNS queries, ... | https://github.com/manuel-alvarez-alvarez/log4j-cve-2021-44228 | POC Details |
| 138 | Mass recognition tool for CVE-2021-44228 | https://github.com/VNYui/CVE-2021-44228 | POC Details |
| 139 | None | https://github.com/flxhaas/Scan-CVE-2021-44228 | POC Details |
| 140 | Mass Check Vulnerable Log4j CVE-2021-44228 | https://github.com/justakazh/Log4j-CVE-2021-44228 | POC Details |
| 141 | This tool creates a custom signature set on F5 WAF and apply to policies in blocking mode | https://github.com/irgoncalves/f5-waf-quick-patch-cve-2021-44228 | POC Details |
| 142 | Some tools to help mitigating Apache Log4j 2 CVE-2021-44228 | https://github.com/madCdan/JndiLookup | POC Details |
| 143 | A singular file to protect as many Minecraft servers and clients as possible from the Log4j exploit (CVE-2021-44228). | https://github.com/Koupah/MC-Log4j-Patcher | POC Details |
| 144 | Apply class remove process from ear/war/jar/zip archive, see https://logging.apache.org/log4j/2.x/ | https://github.com/AlexandreHeroux/Fix-CVE-2021-44228 | POC Details |
| 145 | demo project to highlight how to execute the log4j (CVE-2021-44228) vulnerability | https://github.com/kossatzd/log4j-CVE-2021-44228-test | POC Details |
| 146 | None | https://github.com/tobiasoed/log4j-CVE-2021-44228 | POC Details |
| 147 | log4j / log4shell IoCs from multiple sources put together in one big file (IPs) more coming soon (CVE-2021-44228) | https://github.com/hackinghippo/log4shell_ioc_ips | POC Details |
| 148 | log4j version 1 with a patch for CVE-2021-44228 vulnerability | https://github.com/p3dr16k/log4j-1.2.15-mod | POC Details |
| 149 | Find Log4Shell CVE-2021-44228 on your system | https://github.com/claranet/ansible-role-log4shell | POC Details |
| 150 | None | https://github.com/taurusxin/CVE-2021-44228 | POC Details |
| 151 | Log4j Exploit Detection Logic for Zeek | https://github.com/corelight/cve-2021-44228 | POC Details |
| 152 | CVE-2021-44228 | https://github.com/rodfer0x80/log4j2-prosecutor | POC Details |
| 153 | Log4Shell A test for CVE-2021-44228 | https://github.com/yanghaoi/CVE-2021-44228_Log4Shell | POC Details |
| 154 | Python3 script for scanning CVE-2021-44228 (Log4shell) vulnerable machines. | https://github.com/lfama/log4j_checker | POC Details |
| 155 | Public IOCs about log4j CVE-2021-44228 | https://github.com/threatmonit/Log4j-IOCs | POC Details |
| 156 | Compiling links of value i find regarding CVE-2021-44228 | https://github.com/ben-smash/l4j-info | POC Details |
| 157 | Demonstration of CVE-2021-44228 with a possible strategic fix. | https://github.com/strawhatasif/log4j-test | POC Details |
| 158 | Nmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228) | https://github.com/giterlizzi/nmap-log4shell | POC Details |
| 159 | None | https://github.com/tica506/Siem-queries-for-CVE-2021-44228 | POC Details |
| 160 | The goal of this project is to demonstrate the log4j cve-2021-44228 exploit vulnerability in a spring-boot setup, and to show how to fix it. | https://github.com/chilit-nl/log4shell-example | POC Details |
| 161 | Bash and PowerShell scripts to scan a local filesystem for Log4j .jar files which could be vulnerable to CVE-2021-44228 aka Log4Shell. | https://github.com/Occamsec/log4j-checker | POC Details |
| 162 | Just a personal proof of concept of CVE-2021-44228 on log4j2 | https://github.com/snatalius/log4j2-CVE-2021-44228-poc-local | POC Details |
| 163 | Professional Service scripts to aid in the identification of affected Java applications in TeamServer | https://github.com/Contrast-Security-OSS/CVE-2021-44228 | POC Details |
| 164 | PCRE RegEx matching Log4Shell CVE-2021-44228 IOC in your logs | https://github.com/back2root/log4shell-rex | POC Details |
| 165 | Tool that runs a test to check whether one of your applications is affected by the recent vulnerabilities in log4j: CVE-2021-44228 and CVE-2021-45046 | https://github.com/alexbakker/log4shell-tools | POC Details |
| 166 | Find log4j for CVE-2021-44228 on some places * Log4Shell | https://github.com/perryflynn/find-log4j | POC Details |
| 167 | Scan your logs for CVE-2021-44228 related activity and report the attackers | https://github.com/5l1v3r1/jndiRep | POC Details |
| 168 | Sample docker-compose setup to show how this exploit works | https://github.com/alpacamybags118/log4j-cve-2021-44228-sample | POC Details |
| 169 | Demo project to evaluate Log4j2 Vulnerability | CVE-2021-44228 | https://github.com/sandarenu/log4j2-issue-check | POC Details |
| 170 | None | https://github.com/roticagas/CVE-2021-44228-Demo | POC Details |
| 171 | Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading | https://github.com/Woahd/log4j-urlscanner | POC Details |
| 172 | Log4j2 CVE-2021-44228 revshell, ofc it suck!! | https://github.com/faisalfs10x/Log4j2-CVE-2021-44228-revshell | POC Details |
| 173 | Some siimple checks to see if JAR file is vulnerable to CVE-2021-44228 | https://github.com/gcmurphy/chk_log4j | POC Details |
| 174 | A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability. | https://github.com/0xInfection/LogMePwn | POC Details |
| 175 | A Nuclei template for Apache Solr affected by Apache Log4J CVE-2021-44228 | https://github.com/toramanemre/apache-solr-log4j-CVE-2021-44228 | POC Details |
| 176 | Check CVE-2021-44228 vulnerability | https://github.com/codiobert/log4j-scanner | POC Details |
| 177 | Little recap of the log4j2 remote code execution (CVE-2021-44228) | https://github.com/cbuschka/log4j2-rce-recap | POC Details |
| 178 | Endpoint to test CVE-2021-44228 – Log4j 2 | https://github.com/andrii-kovalenko-celonis/log4j-vulnerability-demo | POC Details |
| 179 | On Thursday (December 9th), a 0-day exploit in the popular Java logging library log4j (version 2) was discovered that results in Remote Code Execution (RCE) by logging a certain string. Given how ubiquitous this library is, the impact of the exploit (full server control), and how easy it is to exploit, the impact of this vulnerability is quite severe. We're calling it "Log4Shell" for short. | https://github.com/jan-muhammad-zaidi/Log4j-CVE-2021-44228 | POC Details |
| 180 | Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228, CVE-2021-45046, CVE-2021-45105) | https://github.com/fox-it/log4j-finder | POC Details |
| 181 | Details : CVE-2021-44228 | https://github.com/34zY/JNDI-Exploit-1.2-log4shell | POC Details |
| 182 | None | https://github.com/didoatanasov/cve-2021-44228 | POC Details |
| 183 | The vulnerability, which can allow an attacker to execute arbitrary code by sending crafted log messages, has been identified as CVE-2021-44228 and given the name Log4Shell. | https://github.com/ReynerGonzalez/Security-Log4J-Tester | POC Details |
| 184 | CVE-2021-44228 | https://github.com/ShaneKingBlog/org.shaneking.demo.cve.y2021.s44228 | POC Details |
| 185 | Repo containing all info, scripts, etc. related to CVE-2021-44228 | https://github.com/wortell/log4j | POC Details |
| 186 | None | https://github.com/municipalparkingservices/CVE-2021-44228-Scanner | POC Details |
| 187 | Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228 | https://github.com/BinaryDefense/log4j-honeypot-flask | POC Details |
| 188 | Tools for investigating Log4j CVE-2021-44228 | https://github.com/MalwareTech/Log4jTools | POC Details |
| 189 | A firewall reverse proxy for preventing Log4J (Log4Shell aka CVE-2021-44228) attacks. | https://github.com/mufeedvh/log4jail | POC Details |
| 190 | Simple Spring Boot application vulnerable to CVE-2021-44228 (a.k.a log4shell) | https://github.com/guerzon/log4shellpoc | POC Details |
| 191 | None | https://github.com/ab0x90/CVE-2021-44228_PoC | POC Details |
| 192 | Tools for remediating the recent log4j2 RCE vulnerability (CVE-2021-44228) | https://github.com/stripe/log4j-remediation-tools | POC Details |
| 193 | Log4j Shield - fast ⚡, scalable and easy to use Log4j vulnerability CVE-2021-44228 finder and patcher | https://github.com/xsultan/log4jshield | POC Details |
| 194 | CVE-2021-44228 Response Scripts | https://github.com/0xThiebaut/CVE-2021-44228 | POC Details |
| 195 | Scanners for Jar files that may be vulnerable to CVE-2021-44228 | https://github.com/CERTCC/CVE-2021-44228_scanner | POC Details |
| 196 | None | https://github.com/CrackerCat/CVE-2021-44228-Log4j-Payloads | POC Details |
| 197 | Fast filesystem scanner for CVE-2021-44228 | https://github.com/dbzoo/log4j_scanner | POC Details |
| 198 | Aims to find JndiLookup.class in nearly any directory or zip, jar, ear, war file, even deeply nested. | https://github.com/jeremyrsellars/CVE-2021-44228_scanner | POC Details |
| 199 | Quick Deploy to show case cve-2021-44228 | https://github.com/JustinDPerkins/C1-WS-LOG4SHELL | POC Details |
| 200 | Log4J Updater Bash Script to automate the framework update process on numerous machines and prevent the CVE-2021-44228 | https://github.com/VinniMarcon/Log4j-Updater | POC Details |
| 201 | This project is just to show Apache Log4j2 Vulnerability - aka CVE-2021-44228 | https://github.com/bhprin/log4j-vul | POC Details |
| 202 | None | https://github.com/avirahul007/CVE-2021-44228 | POC Details |
| 203 | A playground for poking at the Log4Shell (CVE-2021-44228) vulnerability mitigations | https://github.com/rgl/log4j-log4shell-playground | POC Details |
| 204 | A one-stop repo/ information hub for all log4j vulnerability-related information. | https://github.com/anuvindhs/how-to-check-patch-secure-log4j-CVE-2021-44228 | POC Details |
| 205 | Identifying all log4j components across all windows servers, entire domain, can be multi domain. CVE-2021-44228 | https://github.com/KeysAU/Get-log4j-Windows.ps1 | POC Details |
| 206 | Apache Log4j Zero Day Vulnerability aka Log4Shell aka CVE-2021-44228 | https://github.com/kubearmor/log4j-CVE-2021-44228 | POC Details |
| 207 | Vulnerability scanner and mitigation patch for Log4j2 CVE-2021-44228 | https://github.com/jyotisahu98/logpresso-CVE-2021-44228-Scanner | POC Details |
| 208 | This repository is designed to be a collection of resources to learn about, detect and mitigate the impact of the Log4j vulnerability - more formally known as CVE-2021-44228 and CVE-2021-45046 (mirror from GitLab.com) | https://github.com/gitlab-de/log4j-resources | POC Details |
| 209 | An automated, reliable scanner for the Log4Shell (CVE-2021-44228) vulnerability. | https://github.com/redhuntlabs/Log4JHunt | POC Details |
| 210 | Test case to check if the Log4Shell/CVE-2021-44228 hotfix will raise any unexpected exceptions | https://github.com/mss/log4shell-hotfix-side-effect | POC Details |
| 211 | None | https://github.com/111coding/log4j_temp_CVE-2021-44228 | POC Details |
| 212 | A simple project to check coverage of Log4J vuln CVE-2021-44228 (and related) | https://github.com/MeterianHQ/log4j-vuln-coverage-check | POC Details |
| 213 | fix cve 44228 for windows | https://github.com/sebiboga/jmeter-fix-cve-2021-44228-windows | POC Details |
| 214 | we are providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account. The script enables security teams to identify external-facing AWS assets by running the exploit on them, and thus be able to map them and quickly patch them | https://github.com/mitiga/log4shell-cloud-scanner | POC Details |
| 215 | A scanner and a proof of sample exploit for log4j RCE CVE-2021-44228 | https://github.com/isuruwa/Log4j | POC Details |
| 216 | Data we are receiving from our honeypots about CVE-2021-44228 | https://github.com/honeynet/log4shell-data | POC Details |
| 217 | Scans for Log4j versions effected by CVE-2021-44228 | https://github.com/inettgmbh/checkmk-log4j-scanner | POC Details |
| 218 | CVE-2021-44228 demo webapp | https://github.com/b1tm0n3r/CVE-2021-44228 | POC Details |
| 219 | None | https://github.com/VerveIndustrialProtection/CVE-2021-44228-Log4j | POC Details |
| 220 | An automated header extensive scanner for detecting log4j RCE CVE-2021-44228 | https://github.com/alenazi90/log4j | POC Details |
| 221 | Very simple Ansible playbook that scan filesystem for JAR files vulnerable to Log4Shell | https://github.com/pmontesd/log4j-cve-2021-44228 | POC Details |
| 222 | Small example repo for looking into log4j CVE-2021-44228 | https://github.com/LiveOverflow/log4shell | POC Details |
| 223 | None | https://github.com/aws-samples/kubernetes-log4j-cve-2021-44228-node-agent | POC Details |
| 224 | Dockerized honeypot for CVE-2021-44228. | https://github.com/michaelsanford/Log4Shell-Honeypot | POC Details |
| 225 | A honeypot for the Log4Shell vulnerability (CVE-2021-44228). | https://github.com/thomaspatzke/Log4Pot | POC Details |
| 226 | A Remote Code Execution PoC for Log4Shell (CVE-2021-44228) | https://github.com/ubitech/cve-2021-44228-rce-poc | POC Details |
| 227 | This script is used to perform a fast check if your server is possibly affected by CVE-2021-44228 (the log4j vulnerability). | https://github.com/rv4l3r3/log4v-vuln-check | POC Details |
| 228 | log4j vulnerability wrapper scanner for CVE-2021-44228 | https://github.com/dpomnean/log4j_scanner_wrapper | POC Details |
| 229 | This Log4j RCE exploit originated from https://github.com/tangxiaofeng7/CVE-2021-44228-Apache-Log4j-Rce | https://github.com/roxas-tan/CVE-2021-44228 | POC Details |
| 230 | log4shell (CVE-2021-44228) scanning tool | https://github.com/shamo0/CVE-2021-44228 | POC Details |
| 231 | Log4j漏洞(CVE-2021-44228)的Burpsuite检测插件 | https://github.com/snow0715/log4j-Scan-Burpsuite | POC Details |
| 232 | CVE-2021-44228 vulnerability in Apache Log4j library | Log4j vulnerability scanner on Windows machines. | https://github.com/Joefreedy/Log4j-Windows-Scanner | POC Details |
| 233 | Detect and fix log4j log4shell vulnerability (CVE-2021-44228) | https://github.com/Nanitor/log4fix | POC Details |
| 234 | Simple bash script to scan multiples url for log4j vulnerability (CVE-2021-44228) | https://github.com/Gyrfalc0n/scanlist-log4j | POC Details |
| 235 | Simple webapp that is vulnerable to Log4Shell (CVE-2021-44228) | https://github.com/korteke/log4shell-demo | POC Details |
| 236 | Simple Vulnerable Spring Boot Application to Test the CVE-2021-44228 | https://github.com/recanavar/vuln_spring_log4j2 | POC Details |
| 237 | Burp Active Scan extension to identify Log4j vulnerabilities CVE-2021-44228 and CVE-2021-45046 | https://github.com/DXC-StrikeForce/Burp-Log4j-HammerTime | POC Details |
| 238 | Scanner recursivo de arquivos desenvolvido em Python 3 para localização e varredura de versões vulneráveis do Log4j2, contemplando análise interna de arquivos JAR (CVE-2021-44228, CVE-2021-45046, CVE-2021-45105 e CVE-2021-44832) | https://github.com/andalik/log4j-filescan | POC Details |
| 239 | CVE-2021-44228-Apache-Log4j | https://github.com/lonecloud/CVE-2021-44228-Apache-Log4j | POC Details |
| 240 | Log4Shell CVE-2021-44228 Vulnerability Scanner and POC | https://github.com/gyaansastra/CVE-2021-44228 | POC Details |
| 241 | log4j mitigation work | https://github.com/axisops/CVE-2021-44228 | POC Details |
| 242 | Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URLs with multithreading | https://github.com/kal1gh0st/MyLog4Shell | POC Details |
| 243 | Applications that are vulnerable to the log4j CVE-2021-44228/45046 issue may be detectable by scanning jar, war, ear, zip files to search for the presence of JndiLookup.class. | https://github.com/hozyx/log4shell | POC Details |
| 244 | Log4J checker for Apache CVE-2021-44228 | https://github.com/andypitcher/Log4J_checker | POC Details |
| 245 | None | https://github.com/Vulnmachines/log4j-cve-2021-44228 | POC Details |
| 246 | None | https://github.com/kannthu/CVE-2021-44228-Apache-Log4j-Rce | POC Details |
| 247 | Log4Shell Proof of Concept (CVE-2021-44228) | https://github.com/Kr0ff/CVE-2021-44228 | POC Details |
| 248 | Log4shell - Multi-Toolkit. Find, Fix & Test possible CVE-2021-44228 vulneraries - provides a complete LOG4SHELL test/attack environment on shell | https://github.com/suuhm/log4shell4shell | POC Details |
| 249 | Test exploit of CVE-2021-44228 | https://github.com/wajda/log4shell-test-exploit | POC Details |
| 250 | A lab demonstration of the log4shell vulnerability: CVE-2021-44228 | https://github.com/obscuritylabs/log4shell-poc-lab | POC Details |
| 251 | Script - Workaround instructions to address CVE-2021-44228 in vCenter Server | https://github.com/Fazmin/vCenter-Server-Workaround-Script-CVE-2021-44228 | POC Details |
| 252 | PoC RCE Log4j CVE-2021-4428 para pruebas | https://github.com/Grupo-Kapa-7/CVE-2021-44228-Log4j-PoC-RCE | POC Details |
| 253 | None | https://github.com/rohankumardubey/CVE-2021-44228_scanner | POC Details |
| 254 | Log4Shell mitigation (CVE-2021-44228) - search and remove JNDI class from *log4j*.jar files on the system with Powershell (Windows) | https://github.com/sysadmin0815/Fix-Log4j-PowershellScript | POC Details |
| 255 | Log4j2 Vulnerability (CVE-2021-44228) | https://github.com/RenYuH/log4j-lookups-vulnerability | POC Details |
| 256 | Scanner for the Log4j vulnerability dubbed Log4Shell (CVE-2021-44228) | https://github.com/scheibling/py-log4shellscanner | POC Details |
| 257 | Log4Shell (CVE-2021-44228): Descrizione, Exploitation e Mitigazione | https://github.com/zaneef/CVE-2021-44228 | POC Details |
| 258 | Scan your IP network and determine hosts with possible CVE-2021-44228 vulnerability in log4j library. | https://github.com/metodidavidovic/log4j-quick-scan | POC Details |
| 259 | A collection of IOCs for CVE-2021-44228 also known as Log4Shell | https://github.com/WatchGuard-Threat-Lab/log4shell-iocs | POC Details |
| 260 | Provide patched version of Log4J against CVE-2021-44228 and CVE-2021-45046 as well as a script to manually patch it yourself | https://github.com/Aschen/log4j-patched | POC Details |
| 261 | A simple simulation of the infamous CVE-2021-44228 issue. | https://github.com/Nikolas-Charalambidis/cve-2021-44228 | POC Details |
| 262 | CVE-2021-44228 | https://github.com/m0rath/detect-log4j-exploitable | POC Details |
| 263 | None | https://github.com/nu11secur1ty/CVE-2021-44228-VULN-APP | POC Details |
| 264 | Docker images and k8s YAMLs for Log4j Vulnerability POC (Log4j (CVE-2021-44228 RCE Vulnerability) | https://github.com/ankur-katiyar/log4j-docker | POC Details |
| 265 | This project will help to test the Log4j CVE-2021-44228 vulnerability. | https://github.com/immunityinc/Log4j-JNDIServer | POC Details |
| 266 | can find, analyse and patch Log4J files because of CVE-2021-44228, CVE-2021-45046 | https://github.com/DANSI/PowerShell-Log4J-Scanner | POC Details |
| 267 | A scanning suite to find servers affected by the log4shell flaw (CVE-2021-44228) with example to test it | https://github.com/suniastar/scan-log4shell | POC Details |
| 268 | An attempt to understand the log4j vulnerability by looking through the code | https://github.com/shivakumarjayaraman/log4jvulnerability-CVE-2021-44228 | POC Details |
| 269 | Self-contained lab environment that runs the exploit safely, all from docker compose | https://github.com/j3kz/CVE-2021-44228-PoC | POC Details |
| 270 | A fun activity using a packet capture file from the log4j exploit (CVE-2021-44228) | https://github.com/Apipia/log4j-pcap-activity | POC Details |
| 271 | Log4Shell (CVE-2021-44228) docker lab | https://github.com/axelcurmi/log4shell-docker-lab | POC Details |
| 272 | This is a showcase how the Log4J vulnerability (CVE-2021-44228) could be explored. This code is safe to run, but understand what it does and how it works! | https://github.com/otaviokr/log4j-2021-vulnerability-study | POC Details |
| 273 | None | https://github.com/kkyehit/log4j_CVE-2021-44228 | POC Details |
| 274 | An Inspec profile to check for Log4j CVE-2021-44228 and CVE-2021-45046 | https://github.com/trickyearlobe/inspec-log4j | POC Details |
| 275 | Vulnerability analysis, patch management and exploitation tool forCVE-2021-44228 / CVE-2021-45046 / CVE-2021-4104 | https://github.com/TheInterception/Log4J-Simulation-Tool | POC Details |
| 276 | Identifying all log4j components across on local windows servers. CVE-2021-44228 | https://github.com/KeysAU/Get-log4j-Windows-local | POC Details |
| 277 | Demo to show how Log4Shell / CVE-2021-44228 vulnerability works | https://github.com/mschmnet/Log4Shell-demo | POC Details |
| 278 | A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 | https://github.com/Rk-000/Log4j_scan_Advance | POC Details |
| 279 | Exploiting CVE-2021-44228 in vCenter for remote code execution and more. | https://github.com/puzzlepeaches/Log4jCenter | POC Details |
| 280 | A Proof of Concept of the Log4j vulnerabilities (CVE-2021-44228) over Java-RMI | https://github.com/Labout/log4shell-rmi-poc | POC Details |
| 281 | a project written in go and java i abandoned for CVE-2021-44228 try to fix it if you can XD | https://github.com/TotallyNotAHaxxer/f-for-java | POC Details |
| 282 | log4j2 Log4Shell CVE-2021-44228 proof of concept | https://github.com/spasam/log4j2-exploit | POC Details |
| 283 | None | https://github.com/bumheehan/cve-2021-44228-log4j-test | POC Details |
| 284 | A script to search, scrape and scan for Apache Log4j CVE-2021-44228 affected files using Google dorks | https://github.com/JagarYousef/log4j-dork-scanner | POC Details |
| 285 | Shell script to remove JndiLookup class from Log4J 2 jar file, inside WAR file, in order to mitigate CVE-2021-44228, a.k.a., #Log4Shell | https://github.com/dmitsuo/log4shell-war-fixer | POC Details |
| 286 | log4j2 RCE漏洞(CVE-2021-44228)内网扫描器,可用于在不出网的条件下进行漏洞扫描,帮助企业内部快速发现Log4jShell漏洞。 | https://github.com/Y0-kan/Log4jShell-Scan | POC Details |
| 287 | Script en bash que permite identificar la vulnerabilidad Log4j CVE-2021-44228 de forma remota. | https://github.com/julian911015/Log4j-Scanner-Exploit | POC Details |
| 288 | None | https://github.com/intel-xeon/CVE-2021-44228---detection-with-PowerShell | POC Details |
| 289 | Windows Batch Scrip to Fix the log4j-issue-CVE-2021-44228 | https://github.com/chandru-gunasekaran/log4j-fix-CVE-2021-44228 | POC Details |
| 290 | Java application vulnerable to CVE-2021-44228 | https://github.com/erickrr-bd/TekiumLog4jApp | POC Details |
| 291 | Vulnerable web application to test CVE-2021-44228 / log4shell and forensic artifacts from an example attack | https://github.com/snapattack/damn-vulnerable-log4j-app | POC Details |
| 292 | Scan and patch tool for CVE-2021-44228 and related log4j concerns. | https://github.com/sassoftware/loguccino | POC Details |
| 293 | 相关的复现和文档 | https://github.com/xx-zhang/apache-log4j2-CVE-2021-44228 | POC Details |
| 294 | Python script to detect Log4Shell Vulnerability CVE-2021-44228 | https://github.com/r00thunter/Log4Shell-Scanner | POC Details |
| 295 | POC for CVE-2021-44228 within Springboot | https://github.com/mn-io/log4j-spring-vuln-poc | POC Details |
| 296 | Log4j2 CVE-2021-44228 hack demo for a springboot app | https://github.com/rejupillai/log4j2-hack-springboot | POC Details |
| 297 | Ansible detector scanner playbook to verify target Linux hosts using the official Red Hat Log4j detector script RHSB-2021-009 Remote Code Execution - log4j (CVE-2021-44228) | https://github.com/lucab85/log4j-cve-2021-44228 | POC Details |
| 298 | Log4Shell Demo with AWS | https://github.com/BabooPan/Log4Shell-CVE-2021-44228-Demo | POC Details |
| 299 | A Smart Log4Shell/Log4j/CVE-2021-44228 Scanner | https://github.com/ossie-git/log4shell_sentinel | POC Details |
| 300 | Generic Scanner for Apache log4j RCE CVE-2021-44228 | https://github.com/r00thunter/Log4Shell | POC Details |
| 301 | CVE-2021-44228-FIX-JARS | https://github.com/asyzdykov/cve-2021-44228-fix-jars | POC Details |
| 302 | Log4j 2 (CVE-2021-44228) vulnerability scanner for Windows OS | https://github.com/BJLIYANLIANG/log4j-scanner | POC Details |
| 303 | Proof of Concept of apache log4j LDAP lookup vulnerability. CVE-2021-44228 | https://github.com/badb33f/Apache-Log4j-POC | POC Details |
| 304 | open detection and scanning tool for discovering and fuzzing for Log4J RCE CVE-2021-44228 vulnerability | https://github.com/TaroballzChen/CVE-2021-44228-log4jVulnScanner-metasploit | POC Details |
| 305 | Ansible playbook to verify target Linux hosts using the official Red Hat Log4j detector script RHSB-2021-009 for Log4Shell (CVE-2021-44228). | https://github.com/lucab85/ansible-role-log4shell | POC Details |
| 306 | general purpose workaround for the log4j CVE-2021-44228 vulnerability | https://github.com/grimch/log4j-CVE-2021-44228-workaround | POC Details |
| 307 | A Proof-Of-Concept Exploit for CVE-2021-44228 vulnerability. | https://github.com/cybersecurityworks553/log4j-shell-csw | POC Details |
| 308 | CVE-2021-44228 检查工具 | https://github.com/Toolsec/log4j-scan | POC Details |
| 309 | Exploiting CVE-2021-44228 in Unifi Network Application for remote code execution and more. | https://github.com/puzzlepeaches/Log4jUnifi | POC Details |
| 310 | Log4j2 CVE-2021-44228 Vulnerability POC in Apache Tomcat | https://github.com/many-fac3d-g0d/apache-tomcat-log4j | POC Details |
| 311 | PoC for CVE-2021-44228. | https://github.com/marcourbano/CVE-2021-44228 | POC Details |
| 312 | Spring Boot web application vulnerable to CVE-2021-44228, nicknamed Log4Shell. | https://github.com/bsigouin/log4shell-vulnerable-app | POC Details |
| 313 | this repository contains a POC of CVE-2021-44228 (log4j2shell) as part of a security research | https://github.com/ToxicEnvelope/XSYS-Log4J2Shell-Ex | POC Details |
| 314 | Regra ModSec para proteção log4j2 - CVE-2021-44228 | https://github.com/felipe8398/ModSec-log4j2 | POC Details |
| 315 | CVE-2021-44228 | https://github.com/ceyhuncamli/Log4j_Attacker_IPList | POC Details |
| 316 | Log4Shell (CVE-2021-44228) is a zero-day vulnerability in Log4j | https://github.com/mazhar-hassan/log4j-vulnerability | POC Details |
| 317 | IOCs for CVE-2021-44228 | https://github.com/cungts/VTI-IOCs-CVE-2021-44228 | POC Details |
| 318 | Log4Shell (Cve-2021-44228) Proof Of Concept | https://github.com/s-retlaw/l4s_poc | POC Details |
| 319 | None | https://github.com/Ravid-CheckMarx/CVE-2021-44228-Apache-Log4j-Rce-main | POC Details |
| 320 | log4j-paylaod generator : A generic payload generator for Apache log4j RCE CVE-2021-44228 | https://github.com/yesspider-hacker/log4j-payload-generator | POC Details |
| 321 | Quick and dirty scanner, hitting common ports looking for Log4Shell (CVE-2021-44228) vulnerability | https://github.com/LinkMJB/log4shell_scanner | POC Details |
| 322 | A tool for detect&exploit vmware product log4j(cve-2021-44228) vulnerability.Support VMware HCX/vCenter/NSX/Horizon/vRealize Operations Manager | https://github.com/NS-Sp4ce/Vm4J | POC Details |
| 323 | A spigot plugin to fix CVE-2021-44228 Log4j remote code execution vulnerability, to protect Minecraft clients. | https://github.com/PoneyClairDeLune/LogJackFix | POC Details |
| 324 | Presents how to exploit CVE-2021-44228 vulnerability. | https://github.com/MarceloLeite2604/log4j-vulnerability | POC Details |
| 325 | This repository contains a Spring Boot web application vulnerable to CVE-2021-44228, known as log4shell. | https://github.com/romanutti/log4shell-vulnerable-app | POC Details |
| 326 | Log4j Vulnerability Scanner | https://github.com/marklindsey11/-CVE-2021-44228_scanner-Applications-that-are-vulnerable-to-the-log4j-CVE-2021-44228-https-nvd. | POC Details |
| 327 | Log4j-Scanner | https://github.com/marklindsey11/gh-repo-clone-marklindsey11--CVE-2021-44228_scanner-Applications-that-are-vulnerable-to-the-log4j-CV | POC Details |
| 328 | Log4j2 LDAP 취약점 테스트 (CVE-2021-44228) | https://github.com/mklinkj/log4j2-test | POC Details |
| 329 | Searchable page for CISA Log4j (CVE-2021-44228) Affected Vendor & Software List | https://github.com/4jfinder/4jfinder.github.io | POC Details |
| 330 | None | https://github.com/alexpena5635/CVE-2021-44228_scanner-main-Modified- | POC Details |
| 331 | A vulnerable web app for log4j2 RCE(CVE-2021-44228) exploit test. | https://github.com/kanitan/log4j2-web-vulnerable | POC Details |
| 332 | Backdoor detection for VMware view | https://github.com/mr-r3b00t/CVE-2021-44228 | POC Details |
| 333 | A simple program to demonstrate how Log4j vulnerability can be exploited ( CVE-2021-44228 ) | https://github.com/ChandanShastri/Log4j_Vulnerability_Demo | POC Details |
| 334 | Exploiting CVE-2021-44228 in VMWare Horizon for remote code execution and more. | https://github.com/puzzlepeaches/Log4jHorizon | POC Details |
| 335 | Log4jshell - CVE-2021-44228 | https://github.com/Vulnmachines/log4jshell_CVE-2021-44228 | POC Details |
| 336 | CVE-2021-44228 | https://github.com/mr-vill4in/log4j-fuzzer | POC Details |
| 337 | A vulnerable Java based REST API for demonstrating CVE-2021-44228 (log4shell). | https://github.com/nix-xin/vuln4japi | POC Details |
| 338 | This Log4j RCE exploit originated from https://github.com/tangxiaofeng7/CVE-2021-44228-Apache-Log4j-Rce | https://github.com/maximofernandezriera/CVE-2021-44228 | POC Details |
| 339 | Démo du fonctionnement de log4shell (CVE-2021-44228) | https://github.com/jxerome/log4shell | POC Details |
| 340 | None | https://github.com/solitarysp/Log4j-CVE-2021-44228 | POC Details |
| 341 | Script to create a log4j (CVE-2021-44228) exploit with support for different methods of getting a reverse shell | https://github.com/atlassion/log4j-exploit-builder | POC Details |
| 342 | Fix: CVE-2021-44228 4LOGJ | https://github.com/atlassion/RS4LOGJ-CVE-2021-44228 | POC Details |
| 343 | This work includes testing and improvement tools for CVE-2021-44228(log4j). | https://github.com/sdogancesur/log4j_github_repository | POC Details |
| 344 | This Pwsh script run AppScan Standard scans against a list of web sites (URLs.txt) checking for Log4J (CVE-2021-44228) vulnerability | https://github.com/jrocia/Search-log4Jvuln-AppScanSTD | POC Details |
| 345 | A Java application intentionally vulnerable to CVE-2021-44228 | https://github.com/aajuvonen/log4stdin | POC Details |
| 346 | Static detection of vulnerable log4j librairies on Windows servers, members of an AD domain. | https://github.com/arnaudluti/PS-CVE-2021-44228 | POC Details |
| 347 | POC for Infamous Log4j CVE-2021-44228 | https://github.com/ColdFusionX/CVE-2021-44228-Log4Shell-POC | POC Details |
| 348 | Testing WAF protection against CVE-2021-44228 Log4Shell | https://github.com/robrankin/cve-2021-44228-waf-tests | POC Details |
| 349 | vulnerable setup to display an attack chain of log4j CVE-2021-44228 with privilege escalation to root using the polkit exploit CVE-2021-4034 | https://github.com/0xalwayslucky/log4j-polkit-poc | POC Details |
| 350 | PortSwigger Burp Plugin for the Log4j (CVE-2021-44228) | https://github.com/y-security/yLog4j | POC Details |
| 351 | This repository is for Log4j 2021 (CVE-2021-44228) Vulnerability demonstration and mitigation. | https://github.com/FeryaelJustice/Log4Shell | POC Details |
| 352 | Log4j vulner testing environment based on CVE-2021-44228. It provide guidance to build the sample infrastructure and the exploit scripts. Supporting cooki3 script as the main exploit tools & integration | https://github.com/hotpotcookie/CVE-2021-44228-white-box | POC Details |
| 353 | Rust implementation of the Log 4 Shell (log 4 j - CVE-2021-44228) | https://github.com/s-retlaw/l4srs | POC Details |
| 354 | A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 | https://github.com/Ananya-0306/Log-4j-scanner | POC Details |
| 355 | Springboot web application accepts a name get parameter and logs its value to log4j2. Vulnerable to CVE-2021-44228. | https://github.com/paulvkitor/log4shellwithlog4j2_13_3 | POC Details |
| 356 | HERRAMIENTA AUTOMATIZADA PARA LA DETECCION DE LA VULNERABILIDAD CVE-2021-44228 | https://github.com/MiguelM001/vulescanjndilookup | POC Details |
| 357 | Log4j2组件命令执行RCE / Code By:Jun_sheng | https://github.com/Jun-5heng/CVE-2021-44228 | POC Details |
| 358 | None | https://github.com/honypot/CVE-2021-44228 | POC Details |
| 359 | None | https://github.com/honypot/CVE-2021-44228-vuln-app | POC Details |
| 360 | Java application vulnerable to the CVE-2021-44228 (a.k.a log4shell) vulnerability | https://github.com/vulnerable-apps/log4shell-honeypot | POC Details |
| 361 | A Log4j vulnerability scanner is used to identify the CVE-2021-44228 and CVE_2021_45046 | https://github.com/manishkanyal/log4j-scanner | POC Details |
| 362 | CVE-2021-44228 Log4j Summary | https://github.com/TPower2112/Writing-Sample-1 | POC Details |
| 363 | None | https://github.com/Willian-2-0-0-1/Log4j-Exploit-CVE-2021-44228 | POC Details |
| 364 | Generate primary obfuscated or secondary obfuscated CVE-2021-44228 or CVE-2021-45046 payloads to evade WAF detection. | https://github.com/r3kind1e/Log4Shell-obfuscated-payloads-generator | POC Details |
| 365 | Log4Shell Proof-Of-Concept derived from https://github.com/kozmer/log4j-shell-poc | https://github.com/Phineas09/CVE-2021-44228 | POC Details |
| 366 | CVE-2021-44228 vulnerability in Apache Log4j library | https://github.com/hassaanahmad813/log4j | POC Details |
| 367 | None | https://github.com/yuuki1967/CVE-2021-44228-Apache-Log4j-Rce | POC Details |
| 368 | This project files demostrate a proof-of-concept of log4j vulnerability (CVE-2021-44228) on AWS using Terraform Infrastructure-as-a-code means. | https://github.com/moshuum/tf-log4j-aws-poc | POC Details |
| 369 | Proof of concept of the Log4Shell vulnerability (CVE-2021-44228) | https://github.com/jaehnri/CVE-2021-44228 | POC Details |
| 370 | Log4Shell CVE-2021-44228 Demo | https://github.com/ra890927/Log4Shell-CVE-2021-44228-Demo | POC Details |
| 371 | A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 | https://github.com/bughuntar/log4j-scan | POC Details |
| 372 | :page_with_curl: A report about CVE-2021-44228 | https://github.com/vidrez/Ethical-Hacking-Report-Log4j | POC Details |
| 373 | Apache Log4j is a logging tool written in Java. This paper focuses on what is Log4j and log4shell vulnerability and how it works, how it affects the victim, and how can this be mitigated | https://github.com/vino-theva/CVE-2021-44228 | POC Details |
| 374 | None | https://github.com/tharindudh/tharindudh-Log4j-Vulnerability-in-Ghidra-tool-CVE-2021-44228 | POC Details |
| 375 | Simple Java Front and Back end with bad log4j version featuring CVE-2021-44228 | https://github.com/eurogig/jankybank | POC Details |
| 376 | This powershell script is intended to be used by anyone looking to remediate the Log4j Vulnerability within their environment. It can target multiple machines and run remotely as a job on all or only affected devices. | https://github.com/digital-dev/Log4j-CVE-2021-44228-Remediation | POC Details |
| 377 | A Proof-Of-Concept for the CVE-2021-44228 vulnerability. | https://github.com/ocastel/log4j-shell-poc | POC Details |
| 378 | CVE-2021-44228 POC / Example | https://github.com/bcdunbar/CVE-2021-44228-poc | POC Details |
| 379 | DO NOT USE FOR ANYTHING REAL. Simple springboot sample app with vulnerability CVE-2021-44228 aka "Log4Shell" | https://github.com/srcporter/CVE-2021-44228 | POC Details |
| 380 | None | https://github.com/Nexolanta/log4j2_CVE-2021-44228 | POC Details |
| 381 | Vulnerability CVE-2021-44228 allows remote code execution without authentication for several versions of Apache Log4j2 (Log4Shell). Attackers can exploit vulnerable servers by connecting over any protocol, such as HTTPS, and sending a specially crafted string. | https://github.com/demining/Log4j-Vulnerability | POC Details |
| 382 | CVE 2021-44228 Proof-of-Concept. Log4Shell is an attack against Servers that uses vulnerable versions of Log4J. | https://github.com/pierpaolosestito-dev/Log4Shell-CVE-2021-44228-PoC | POC Details |
| 383 | An educational Proof of Concept for the Log4j Vulnerability (CVE-2021-44228) in Minecraft | https://github.com/Sma-Das/Log4j-PoC | POC Details |
| 384 | CVE-2021-44228 | https://github.com/heeloo123/CVE-2021-44228 | POC Details |
| 385 | this web is vulnerable against CVE-2021-44228 | https://github.com/github-kyruuu/log4shell-vulnweb | POC Details |
| 386 | A vulnerable Spring Boot application that uses log4j and is vulnerable to CVE-2021-44228, CVE-2021-44832, CVE-2021-45046 and CVE-2021-45105 | https://github.com/demonrvm/Log4ShellRemediation | POC Details |
| 387 | 💣💥💀 Proof of Concept: пример запуска fork-бомбы на удаленном сервере благодаря уязвимости CVE-2021-44228 | https://github.com/funcid/log4j-exploit-fork-bomb | POC Details |
| 388 | Using this tool, you can scan for remote command execution vulnerability CVE-2021-44228 on Apache Log4j at multiple addresses. | https://github.com/MrHarshvardhan/PY-Log4j-RCE-Scanner | POC Details |
| 389 | None | https://github.com/Muhammad-Ali007/Log4j_CVE-2021-44228 | POC Details |
| 390 | Utilize Tai-e to identify the Log4shell (a.k.a. CVE-2021-44228) Vulnerability | https://github.com/Tai-e/CVE-2021-44228 | POC Details |
| 391 | Log4j Vulnerability RCE - CVE-2021-44228 | https://github.com/LucasPDiniz/CVE-2021-44228 | POC Details |
| 392 | Log4Shell (CVE-2021-44228) minecraft demo. Used for education fairs | https://github.com/felixslama/log4shell-minecraft-demo | POC Details |
| 393 | this web is vulnerable against CVE-2021-44228 | https://github.com/sebuahapel/log4shell-vulnweb | POC Details |
| 394 | Instructions for exploiting vulnerabilities CVE-2021-44228 and CVE-2023-46604 | https://github.com/dcm2406/CVELab | POC Details |
| 395 | None | https://github.com/dcm2406/CVE-2021-44228 | POC Details |
| 396 | this web is vulnerable against CVE-2021-44228 | https://github.com/s3buahapel/log4shell-vulnweb | POC Details |
| 397 | Instructions for exploiting vulnerabilities CVE-2021-44228 and CVE-2023-46604 | https://github.com/dcm2406/CVE-Lab | POC Details |
| 398 | jee web project with log4shell (CVE-2021-44228) vulnerability | https://github.com/scabench/l4j-tp1 | POC Details |
| 399 | jee web project with sanitised log4shell (CVE-2021-44228) vulnerability | https://github.com/scabench/l4j-fp1 | POC Details |
| 400 | A Terraform to deploy vulnerable app and a JDNIExploit to work with CVE-2021-44228 | https://github.com/mkhazamipour/log4j-vulnerable-app-cve-2021-44228-terraform | POC Details |
| 401 | this web is vulnerable against CVE-2021-44228 | https://github.com/53buahapel/log4shell-vulnweb | POC Details |
| 402 | Log4Shell CVE Analysis | https://github.com/ItsCbass/CVE-2021-44228 | POC Details |
| 403 | This is a potentially vulnerable Java web application containing Log4j affected by log4shell(CVE-2021-44228). | https://github.com/KtokKawu/l4s-vulnapp | POC Details |
| 404 | exploit CVE-2021-44228 | https://github.com/sec13b/CVE-2021-44228-POC | POC Details |
| 405 | CVE-2021-44228 | https://github.com/ShlomiRex/log4shell_lab | POC Details |
| 406 | Downloaded a packet capture (.pcapng) file from malware-traffic-analysis.net which was an example of an attempted attack against a webserver using the Log4J vulnerability (CVE-2021-44228). I examined teh amount of endpoints communicating with the server and knowing jnidi as a common in the vulnerbilty found it in clear text | https://github.com/KirkDJohnson/Wireshark | POC Details |
| 407 | None | https://github.com/YangHyperData/LOGJ4_PocShell_CVE-2021-44228 | POC Details |
| 408 | Created after the disclosure of CVE-2021-44228. Bash script that detects Log4j occurrences in your projects and systems, allowing you to get insight on versions used. Unpacks JARs and analyses their Manifest files. | https://github.com/mebibite/log4jhound | POC Details |
| 409 | None | https://github.com/Panyaprach/Prove-CVE-2021-44228 | POC Details |
| 410 | None | https://github.com/c0d3cr4f73r/CVE-2021-44228 | POC Details |
| 411 | On Thursday (December 9th), a 0-day exploit in the popular Java logging library log4j (version 2) was discovered that results in Remote Code Execution (RCE) by logging a certain string. Given how ubiquitous this library is, the impact of the exploit (full server control), and how easy it is to exploit, the impact of this vulnerability is quite severe. We're calling it "Log4Shell" for short. | https://github.com/dark-ninja10/Log4j-CVE-2021-44228 | POC Details |
| 412 | IOCs for CVE-2021-44228 | https://github.com/xungzzz/VTI-IOCs-CVE-2021-44228 | POC Details |
| 413 | None | https://github.com/Hoanle396/CVE-2021-44228-demo | POC Details |
| 414 | Objective: Demonstrate the exploitation of the Log4Shell vulnerability (CVE-2021-44228) within a simulated banking application environment. | https://github.com/tadash10/Exploiting-CVE-2021-44228-Log4Shell-in-a-Banking-Environment | POC Details |
| 415 | CVE-2021-44228 vulnerability study | https://github.com/asd58584388/CVE-2021-44228 | POC Details |
| 416 | None | https://github.com/OtisSymbos/CVE-2021-44228-Log4Shell- | POC Details |
| 417 | Log4J exploit CVE-2021-44228 | https://github.com/safeer-accuknox/log4j-shell-poc | POC Details |
| 418 | A script to search, scrape and scan for Apache Log4j CVE-2021-44228 affected files using Google dorks | https://github.com/cergo123/log4j-dork-scanner | POC Details |
| 419 | Fun things against the abuse of the recent CVE-2021-44228 (Log4Shell) vulnerability using common web servers. | https://github.com/ph0lk3r/anti-jndi | POC Details |
| 420 | log4shell sample application (CVE-2021-44228) | https://github.com/Kadantte/CVE-2021-44228-poc | POC Details |
| 421 | None | https://github.com/rohan-flutterint/CVE-2021-44228_scanner | POC Details |
| 422 | Proof of Concept (PoC) for the Log4Shell vulnerability (CVE-2021-44228), developed as part of the coursework for the curricular unit TPAS in the Master's degree in Information Security at FCUP. | https://github.com/Carlos-Mesquita/TPASLog4ShellPoC | POC Details |
| 423 | In December 2021, the world of cybersecurity was shaken by the discovery of the Log4Shell vulnerability (CVE-2021-44228), embedded within the widely-used Apache Log4j library. With a CVSS score of 10 | https://github.com/AhmedMansour93/-Unveiling-the-Lessons-from-Log4Shell-A-Wake-Up-Call-for-Cybersecurity- | POC Details |
| 424 | 这是安徽大学 “漏洞分析实验”(大三秋冬)期中作业归档。完整文档位于https://testgames.me/2024/11/10/cve-2021-44228/ | https://github.com/Super-Binary/cve-2021-44228 | POC Details |
| 425 | None | https://github.com/cve-2021-44228/cve-2021-44228 | POC Details |
| 426 | None | https://github.com/Sumitpathania03/LOG4J-CVE-2021-44228 | POC Details |
| 427 | None | https://github.com/JanICT/poc-ldap-cve-2021-44228 | POC Details |
| 428 | None | https://github.com/Kz0x-337/CVE-2021-44228 | POC Details |
| 429 | 调试环境 | https://github.com/ZacharyZcR/CVE-2021-44228 | POC Details |
| 430 | CVE-2021-44228 | https://github.com/c3-h2/Log4j_Attacker_IPList | POC Details |
| 431 | None | https://github.com/qw3rtyou/CVE-2021-44228_dockernize | POC Details |
| 432 | This repository provides an in-depth analysis of the Log4Shell vulnerability (CVE-2021-44228) and implements a machine learning-based approach to detect exploitation attempts in log data. | https://github.com/yadavmukesh/Log4Shell-vulnerability-CVE-2021-44228- | POC Details |
| 433 | Tool that runs a test to check whether one of your applications is affected by the recent vulnerabilities in log4j: CVE-2021-44228 and CVE-2021-45046 cve-2021-44228, cve-2021-45046, dns, jndi, ldap, log4j, log4shell | https://github.com/blackmidnig/log4shell-tools | POC Details |
| 434 | Tool that runs a test to check whether one of your applications is affected by the recent vulnerabilities in log4j: CVE-2021-44228 and CVE-2021-45046 cve-2021-44228, cve-2021-45046, dns, jndi, ldap, log4j, log4shell | https://github.com/lustrouscave/log4shell-tools | POC Details |
| 435 | None | https://github.com/wheezysec/CVE-2021-44228-kusto | POC Details |
| 436 | Tool that runs a test to check whether one of your applications is affected by the recent vulnerabilities in log4j: CVE-2021-44228 and CVE-2021-45046 cve-2021-44228, cve-2021-45046, dns, jndi, ldap, log4j, log4shell | https://github.com/surprisedmo/log4shell-tools | POC Details |
| 437 | CVE-2021-44228 | https://github.com/chihyeonwon/Log4shell | POC Details |
| 438 | None | https://github.com/Rainyseason-c/log4j2_CVE-2021-44228 | POC Details |
| 439 | CVE-2021-44228 | https://github.com/mr-won/Log4shell | POC Details |
| 440 | Spring Boot is susceptible to remote code execution via Apache Log4j. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/springboot/springboot-log4j-rce.yaml | POC Details |
| 441 | Multiple Code42 components are impacted by the logj4 vulnerability. Affected Code42 components include: - Code42 cloud: Updated Log4j from 2.15.0 to 2.17.1 on January 26, 2022 - Code42 app for Incydr Basic and Advanced and CrashPlan Cloud product plans: Updated Log4j from 2.16.0 to 2.17.1 on January 18, 2022 - Code42 User Directory Sync (UDS): Updated Log4j from 2.15.0 to 2.17.1 on February 2, 2022 - On-premises Code42 server: Mitigated from Log4j vulnerabilities by following these steps - On-premises Code42 app: Updated to Log4j 2.16 on December 17, 2021 | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/code42/code42-log4j-rce.yaml | POC Details |
| 442 | JamF is susceptible to remote code execution via the Apache log4j library. Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker-controlled LDAP and other JNDI-related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml | POC Details |
| 443 | Ivanti MobileIron is susceptible to remote code execution via the Apache Log4j2 library. Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker-controlled LDAP and other JNDI-related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml | POC Details |
| 444 | Sonicwall NSM is susceptible to Log4j JNDI remote code execution. SonicWall Network Security Manager (NSM) allows you to centrally orchestrate all firewall operations error-free, see and manage threats and risks across your firewall ecosystem from one place, and stay connected and compliant. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/sonicwall-nsm-log4j-rce.yaml | POC Details |
| 445 | Apache Druid is vulnerable to RCE due to Log4j. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/apache-druid-log4j.yaml | POC Details |
| 446 | UniFi Network Application is susceptible to a critical vulnerability in Apache Log4j (CVE-2021-44228) that may allow for remote code execution in an impacted implementation. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/unifi-network-log4j-rce.yaml | POC Details |
| 447 | OpenShift is susceptible to Log4j JNDI remote code execution. OpenShift is a unified platform to build, modernize, and deploy applications at scale. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/openshift-log4j-rce.yaml | POC Details |
| 448 | Jitsi Meet is susceptible to Log4j JNDI remote code execution. Jitsi is a collection of free and open-source multiplatform voice, video conferencing and instant messaging applications for the Web platforms. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/jitsi-meet-log4j-rce.yaml | POC Details |
| 449 | Symantec SPEM is susceptible to Log4j JNDI remote code execution. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/symantec-sepm-log4j-rce.yaml | POC Details |
| 450 | Citrix XenApp is susceptible to Log4j JNDI remote code execution. Citrix Virtual Apps is an application virtualization software produced by Citrix Systems that allows Windows applications to be accessed via individual devices from a shared server or cloud system. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/citrix-xenapp-log4j-rce.yaml | POC Details |
| 451 | Logstash is susceptible to Log4j JNDI remote code execution. Logstash is a free and open server-side data processing pipeline that ingests data from a multitude of sources, transforms it, and then sends it to your favorite "stash." | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/logstash-log4j-rce.yaml | POC Details |
| 452 | Papercut is susceptible to Log4j JNDI remote code execution. Papercut is a print management system. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/papercut-log4j-rce.yaml | POC Details |
| 453 | Rundeck is susceptible to remote code execution via the Apache Log4j framework. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/rundeck-log4j.yaml | POC Details |
| 454 | GoAnywhere Managed File Transfer is vulnerable to a remote command execution (RCE) issue via the included Apache Log4j. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/goanywhere-mft-log4j-rce.yaml | POC Details |
| 455 | Metabase is susceptible to remote code execution due to an incomplete patch in Apache Log4j 2.15.0 in certain non-default configurations. A remote attacker can pass malicious data and perform a denial of service attack, exfiltrate data, or execute arbitrary code. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/metabase-log4j.yaml | POC Details |
| 456 | Splunk Enterprise is susceptible to Log4j JNDI remote code execution. Splunk Enterprise enables you to search, analyze and visualize your data to quickly act on insights from across your technology landscape. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/splunk-enterprise-log4j-rce.yaml | POC Details |
| 457 | OpenNMS JNDI is susceptible to remote code execution via Apache Log4j 2.14.1 and before. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/opennms-log4j-jndi-rce.yaml | POC Details |
| 458 | Seeyon OA is susceptible to remote code execution via the Apache Log4j 2 library prior to 2.15.0 by recording its own log information, specifically with specially crafted values sent as user input. Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker-controlled LDAP and other JNDI-related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/seeyon-oa-log4j.yaml | POC Details |
| 459 | Elasticsearch 5 is susceptible to remote code execution via the Apache Log4j framework. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/elasticsearch5-log4j-rce.yaml | POC Details |
| 460 | Graylog is susceptible to remote code execution via the Apache Log4j 2 library prior to 2.15.0 by recording its own log information, specifically with specially crafted values sent as user input. Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker-controlled LDAP and other JNDI-related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/graylog-log4j.yaml | POC Details |
| 461 | Manage Engine Endpoint Central (formerly Desktop Central) is susceptible to Log4j JNDI remote code execution. Endpoint Central is a Unified Endpoint Management (UEM) & Endpoint protection suite that helps manage and secure various network devices | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/manage-engine-dc-log4j-rce.yaml | POC Details |
| 462 | F-Secure Policy Manager is susceptible to Log4j JNDI remote code execution. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/f-secure-policymanager-log4j-rce.yaml | POC Details |
| 463 | Pega is susceptible to Log4j JNDI remote code execution. Pega provides a powerful low-code platform that empowers the world's leading enterprises to Build for Change. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/pega-log4j-rce.yaml | POC Details |
| 464 | XenMobile Server is an on-premises enterprise mobility management solution and versions 10.14 RP2, 10.13 RP5 and 10.12 RP10 are vulnerable to CVE-2021-44228 (Apache Log4j). JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/xenmobile-server-log4j.yaml | POC Details |
| 465 | FortiPortal is susceptible to Log4j JNDI remote code execution. FortiPortal provides comprehensive security management and analytics within a multi-tenant, multi-tier management framework. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/fortiportal-log4j-rce.yaml | POC Details |
| 466 | VMware Site Recovery Manager is susceptible to remote code execution via the Apache Log4j framework. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/vmware-siterecovery-log4j-rce.yaml | POC Details |
| 467 | Okta is susceptible to Log4j JNDI remote code execution. Okta provides cloud software that helps companies manage and secure user authentication into applications, and for developers to build identity controls into applications, website web services and devices. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/okta-log4j-rce.yaml | POC Details |
| 468 | Cisco vManage is susceptible to remote code execution via the Apache Log4j framework. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. More information is available in the cisco-sa-apache-log4j-qRuKNEbd advisory. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/cisco/cisco-vmanage-log4j.yaml | POC Details |
| 469 | Cisco CloudCenter Suite is susceptible to remote code execution via the Apache Log4j library. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker-controlled LDAP and other JNDI-related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/cisco/cisco-cloudcenter-suite-log4j-rce.yaml | POC Details |
| 470 | Cisco BroadWorks is susceptible to Log4j JNDI remote code execution. Cisco BroadWorks is an enterprise-grade calling and collaboration platform delivering unmatched performance, security and scale. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/cisco/cisco-broadworks-log4j-rce.yaml | POC Details |
| 471 | Cisco WebEx is susceptible to Log4j JNDI remote code execution. Cisco WebEx provides web conferencing, videoconferencing and contact center as a service applications. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/cisco/cisco-webex-log4j-rce.yaml | POC Details |
| 472 | Cisco Unified Communications is susceptible to remote code execution via the Apache Log4j framework. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/cisco/cisco-unified-communications-log4j.yaml | POC Details |
| 473 | Apache OFBiz is affected by a remote code execution vulnerability in the bundled Apache Log4j logging library. Apache Log4j is vulnerable due to insufficient protections on message lookup substitutions when dealing with user controlled input. A remote, unauthenticated attacker can exploit this, via a web request, to execute arbitrary code with the permission level of the running Java process. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/apache/apache-ofbiz-log4j-rce.yaml | POC Details |
| 474 | Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. This vulnerability affects Solr 7+. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/apache/apache-solr-log4j-rce.yaml | POC Details |
| 475 | JamF is susceptible to Lof4j JNDI remote code execution. JamF is the industry standard when it comes to the management of iOS devices (iPhones and iPads), macOS computers (MacBooks, iMacs, etc.), and tvOS devices (Apple TV). | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/apache/log4j/jamf-pro-log4j-rce.yaml | POC Details |
| 476 | VMware vRealize Operations is susceptible to a critical vulnerability in Apache Log4j which may allow remote code execution in an impacted vRealize Operations Tenant application. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml | POC Details |
| 477 | VMware Operations Manager is susceptible to remote code execution via the Apache Log4j framework. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/vmware/vmware-operation-manager-log4j.yaml | POC Details |
| 478 | VMware VCenter is susceptible to remote code execution via the Apache Log4j framework. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/vmware/vmware-vcenter-log4j-jndi-rce.yaml | POC Details |
| 479 | VMware NSX is susceptible to remote code execution via the Apache Log4j framework. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/vmware/vmware-nsx-log4j.yaml | POC Details |
| 480 | VMware HCX is susceptible to remote code execution via the Apache Log4j framework. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/vmware/vmware-hcx-log4j.yaml | POC Details |
| 481 | VMware Horizon is susceptible to remote code execution via the Apache Log4j framework. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/vmware/vmware-horizon-log4j-jndi-rce.yaml | POC Details |
| 482 | Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-44228.yaml | POC Details |
| 483 | None | https://github.com/Threekiii/Awesome-POC/blob/master/%E4%B8%AD%E9%97%B4%E4%BB%B6%E6%BC%8F%E6%B4%9E/Apache%20Log4j2%20lookup%20JNDI%20%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E%20CVE-2021-44228.md | POC Details |
| 484 | https://github.com/vulhub/vulhub/blob/master/log4j/CVE-2021-44228/README.md | POC Details | |
| 485 | CVE-2021-44228 | https://github.com/user20252228/Log4shell | POC Details |
| 486 | Kiểm thử xâm nhập | https://github.com/khaidtraivch/CVE-2021-44228-Log4Shell- | POC Details |
| 487 | Log4Shell (CVE-2021-44228) PoC Application | https://github.com/NikitaPark/Log4Shell-PoC-Application | POC Details |
| 488 | CVE-2021-44228 | https://github.com/tpdlshdmlrkfmcla/Log4shell | POC Details |
| 489 | The Web Is Vulnerable to CVE-2021-44228 | https://github.com/Fauzan-Aldi/Log4j-_Vulnerability | POC Details |
| 490 | Log4Shell (CVE-2021-44228) exploit demo for SEAS 8405. Includes a vulnerable Spring Boot app, fake LDAP server, Docker setup, MITRE mapping, incident response, and a full screen recording. | https://github.com/SerpilRivas/log4shell-homework9 | POC Details |
| 491 | CVE-2021-44228 Vulnerability Reproduction Environment CVE-2021-44228 漏洞复现环境 | https://github.com/x1ongsec/CVE-2021-44228-Log4j-JNDI | POC Details |
| 492 | Praktische Demonstration der Log4Shell-Sicherheitslücke (CVE-2021-44228) | https://github.com/fabioeletto/hka-seminar-log4shell | POC Details |
| 493 | None | https://github.com/cuijiung/log4j-CVE-2021-44228 | POC Details |
| 494 | None | https://github.com/Alan-coder-eng/log4j-cve-2021-44228- | POC Details |
| 495 | A simple Log4j PoC written in Go | https://github.com/Sorrence/CVE-2021-44228 | POC Details |
| 496 | Log4Shell CVE-2021-44228 PoC | https://github.com/moften/Log4Shell | POC Details |
| 497 | None | https://github.com/Rohan-flutterint/CVE-2021-44228_scanner | POC Details |
| 498 | This repository documents how deployment of Microsoft Defender for Endpoint on a Windows 11 device, including onboarding via local script, enabling device discovery, configuring Log4j2 detection (CVE-2021-44228), and validating incident response workflows. | https://github.com/KamalideenAK/Microsoft-Defender-for-Endpoint-Deployment-on-Windows-10-11-device | POC Details |
| 499 | Log4Shell (CVE-2021-44228) PoC | https://github.com/arabindadora/log4shell | POC Details |
| 500 | None | https://github.com/d4ngkh04w/CVE-2021-44228-Apache-Log4j | POC Details |
| 501 | XenMobile Server is an on-premises enterprise mobility management solution and versions 10.14 RP2, 10.13 RP5 and 10.12 RP10 are vulnerable to CVE-2021-44228 (Apache Log4j). JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/xenmobile-server-log4j-rce.yaml | POC Details |
| 502 | Apache Druid is vulnerable to RCE due to Log4j. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/apache-druid-log4j-rce.yaml | POC Details |
| 503 | None | https://github.com/d4ngkh04w/CVE-2021-44228-Apache-Log4j2 | POC Details |
| 504 | Ivanti MobileIron is susceptible to remote code execution via the Apache Log4j2 library. Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker-controlled LDAP and other JNDI-related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/mobileiron/mobileiron-log4j-rce.yaml | POC Details |
| 505 | VMware NSX is susceptible to remote code execution via the Apache Log4j framework. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/vmware/vmware-nsx-log4j-rce.yaml | POC Details |
| 506 | VMware VCenter is susceptible to remote code execution via the Apache Log4j framework. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/vmware/vmware-vcenter-log4j-rce.yaml | POC Details |
| 507 | VMware Horizon is susceptible to remote code execution via the Apache Log4j framework. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/vmware/vmware-horizon-log4j-rce.yaml | POC Details |
| 508 | VMware HCX is susceptible to remote code execution via the Apache Log4j framework. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/vmware/vmware-hcx-log4j-rce.yaml | POC Details |
| 509 | VMware Operations Manager is susceptible to remote code execution via the Apache Log4j framework. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/vmware/vmware-operation-manager-log4j-rce.yaml | POC Details |
| 510 | Cisco Unified Communications is susceptible to remote code execution via the Apache Log4j framework. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/cisco/cisco-unified-communications-log4j-rce.yaml | POC Details |
| 511 | Cisco vManage is susceptible to remote code execution via the Apache Log4j framework. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. More information is available in the cisco-sa-apache-log4j-qRuKNEbd advisory. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/cisco/cisco-vmanage-log4j-rce.yaml | POC Details |
| 512 | JamF is susceptible to remote code execution via the Apache log4j library. Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker-controlled LDAP and other JNDI-related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/jamf/jamf-log4j-rce.yaml | POC Details |
| 513 | OpenNMS JNDI is susceptible to remote code execution via Apache Log4j 2.14.1 and before. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/opennms-log4j-rce.yaml | POC Details |
| 514 | Rundeck is susceptible to remote code execution via the Apache Log4j framework. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/rundeck-log4j-rce.yaml | POC Details |
| 515 | Seeyon OA is susceptible to remote code execution via the Apache Log4j 2 library prior to 2.15.0 by recording its own log information, specifically with specially crafted values sent as user input. Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker-controlled LDAP and other JNDI-related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/seeyon-oa-log4j-rce.yaml | POC Details |
| 516 | Graylog is susceptible to remote code execution via the Apache Log4j 2 library prior to 2.15.0 by recording its own log information, specifically with specially crafted values sent as user input. Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker-controlled LDAP and other JNDI-related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/graylog-log4j-rce.yaml | POC Details |
| 517 | Metabase is susceptible to remote code execution due to an incomplete patch in Apache Log4j 2.15.0 in certain non-default configurations. A remote attacker can pass malicious data and perform a denial of service attack, exfiltrate data, or execute arbitrary code. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/other/metabase-log4j-rce.yaml | POC Details |
| 518 | Apache Druid is vulnerable to RCE due to Log4j. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/vulnerabilities/apache/apache-druid-log4j-rce.yaml | POC Details |
| 519 | Demo of CVE-2021-44228 Log4Shell. | https://github.com/Mintimate/log4j2-bugmaker | POC Details |
| 520 | CVE-2021-44228 | https://github.com/B1ack4sh/Blackash-CVE-2021-44228 | POC Details |
| 521 | This repository contains my work for a cybersecurity assignment where I exploited the real-world Log4Shell (CVE-2021-44228) vulnerability inside a safe, controlled virtual machine. The project followed a Capture-the-Flag format with multiple exploitation tasks to retrieve hidden flags. | https://github.com/mgueye3/Log4Shell | POC Details |
| 522 | Technical deep dive into Apache Log4j2 JNDI injection vulnerability. Features static code analysis, patch comparison, attack vectors (LDAP/RMI/DNS), and enterprise mitigation guidance. | https://github.com/PCMKUIT/CVE-2021-44228---Log4Shell-Analysis | POC Details |
| 523 | Log4J CVE-2021-44228 Minecraft PoC | https://github.com/mrlnstk/cve-2021-44228-minecraft-poc | POC Details |
| 524 | CVE-2021-44228 | https://github.com/Ashwesker/Blackash-CVE-2021-44228 | POC Details |
| 525 | Hands-on lab for exploiting and understanding Log4Shell (CVE-2021-44228) using Docker, Kali Linux, Burp Suite and log4j-shell-poc. For teaching and defensive training in controlled lab environments only. | https://github.com/DrHaitham/Log4Shell-CVE-2021-44228 | POC Details |
| 526 | Étude technique et mise en œuvre d'un environnement de test pour la faille Apache Log4j (CVE-2021-44228). Contient un Proof of Concept (PoC) Dockerisé et une proposition de mise à jour de PSSI. Pour un objectif de TP | https://github.com/Loliverte/Log4j-Vulnerability | POC Details |
| 527 | None | https://github.com/IAmNewbieZ/CVE-2021-44228 | POC Details |
| 528 | None | https://github.com/dbwlsdnr95/CVE-2021-44228-log4shell | POC Details |
| 529 | **Log4Shell PoC is a high-fidelity exploitation environment designed to replicate the CVE-2021-44228 vulnerability.** It provides a containerized sandbox to demonstrate JNDI injection, LDAP/RMI referral redirection, and remote code execution (RCE) via the Log4j 2 library. | https://github.com/JoseMariaMicoli/Log4Shell-PoC | POC Details |
| 530 | Script en bash que permite identificar la vulnerabilidad Log4j CVE-2021-44228 de forma remota. | https://github.com/ssl-user-en/Log4j-Scanner-Exploit | POC Details |
| 531 | None | https://github.com/dbwlsdnr95/CVE-2021-44228 | POC Details |
| 532 | Log4Shell (CVE-2021-44228) security remediation demo - Showcasing Antigravity's ability to identify and fix critical security vulnerabilities in Java applications | https://github.com/agylabs/log4shell-remediation | POC Details |
No public POC found.
Login to generate AI POCHello team! I came across a 162 great website that I think you should dive into. This tool is packed with a lot of useful information that you might find interesting. It has everything you could possibly need, so be sure to give it a visit! [url=https://alternativeway.net/why-are-airports-so-confusing-the-psychology-of-terminal-design/]https://alternativeway.net/why-are-airports-so-confusing-the-psychology-of-terminal-design/[/url] Furthermore don't neglect, everyone, which you constantly may inside this particular piece find solutions to address the most most confusing questions. The authors attempted — explain the complete data via the most most easy-to-grasp way.