boundaryx / cloudrasp-log4j2

Licence: Apache-2.0 license
A Runtime Application Self-Protection (RASP) module specifically designed for log4j2 RCE (CVE-2021-44228) defense.

Programming Languages

java
shell

CloudArmor · Runtime Application Self-Protection Module - Log4j2 Version

This project is a local version of CloudArmor built specifically to defend against Log4j2 CVE-2021-44228. No network connection is required to run it.

Please TEST it before deploying it to a production environment.

The application self-defense module uses RASP technology to inject probes into Java applications. Log4j2 is detected by inspecting the execution context, which means the module can also protect non-web business programs.

By default, the defense module blocks JNDI injection initiated through log4j2.
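An added illustration of what a decision based on execution context can look like; it is not code from cloudrasp-log4j2, and the class and method names and the hook point in front of the JNDI lookup are assumptions. The decision uses only the call stack, so it works the same for a batch job with no HTTP request in flight.

```java
import java.util.Arrays;
import java.util.List;

// Added illustration: class, method and constant names are hypothetical,
// not taken from cloudrasp-log4j2.
public class JndiContextCheck {
    // Real log4j2 classes that sit on the path of a JNDI lookup made by the logger.
    private static final List<String> LOG4J_JNDI_FRAMES = Arrays.asList(
        "org.apache.logging.log4j.core.lookup.JndiLookup",
        "org.apache.logging.log4j.core.net.JndiManager");

    /** True when the call stack shows the JNDI lookup was started by log4j2. */
    static boolean isLog4jInitiated(StackTraceElement[] stack) {
        for (StackTraceElement frame : stack) {
            if (LOG4J_JNDI_FRAMES.contains(frame.getClassName())) {
                return true;
            }
        }
        return false;
    }

    /** What a probe placed in front of a JNDI lookup would call (assumed hook point). */
    static void beforeJndiLookup(String name, StackTraceElement[] stack) {
        if (isLog4jInitiated(stack)) {
            throw new SecurityException("blocked JNDI lookup from log4j2: " + name);
        }
    }

    public static void main(String[] args) {
        // Constructed stacks, innermost frame first; com.example.* are placeholders.
        StackTraceElement[] viaLog4j = {
            new StackTraceElement("javax.naming.InitialContext", "lookup", "InitialContext.java", 1),
            new StackTraceElement("org.apache.logging.log4j.core.net.JndiManager", "lookup", "JndiManager.java", 1),
            new StackTraceElement("org.apache.logging.log4j.core.lookup.JndiLookup", "lookup", "JndiLookup.java", 1),
            new StackTraceElement("com.example.BatchJob", "run", "BatchJob.java", 1)
        };
        StackTraceElement[] viaApp = {
            new StackTraceElement("javax.naming.InitialContext", "lookup", "InitialContext.java", 1),
            new StackTraceElement("com.example.DataSourceConfig", "init", "DataSourceConfig.java", 1)
        };
        beforeJndiLookup("java:comp/env/jdbc/app", viaApp); // allowed: no log4j2 frame
        System.out.println("application lookup allowed");
        try {
            beforeJndiLookup("constructed-sample-name", viaLog4j);
        } catch (SecurityException e) {
            System.out.println(e.getMessage());
        }
    }
}
```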

It is worth noting that although Oracle no longer loads remote classes through JNDI by default in 6u211, 7u201, 8u191, and 11.0.1, attackers have discovered that remote command execution can still be accomplished through third-party components such as tomcat-el.

Installation

This project includes two JAR packages, rasp-loader.jar and rasp-core.jar, both of which are already compiled into dist.

The self-defense module supports normal and restart-free installation.

Normal installation

Append -javaagent:rasp-loader.jar to the argument list in the Java program's startup script.

Example: for a Spring Boot application, change the startup command to java -javaagent:rasp-loader.jar -jar springboot.jar

Restart-free installation

Run java -jar rasp-loader.jar and follow the prompts to inject into specific JVM processes.

Interception test

[Screenshot: interception test]

Compile from source

Run build.sh

Compatibility

Supports JDK versions 6 through 16.
