151 Open source projects that are alternatives of or similar to log4j-cve-2021-44228

《HackLog4j-永恒之恶龙》致敬全宇宙最无敌的Java日志库！Tribute to the most invincible Java logging library in the universe!

Tool that runs a test to check whether one of your applications is affected by the recent vulnerabilities in log4j: CVE-2021-44228 and CVE-2021-45046

A mitigation for CVE-2021-44228 (log4shell) that works by patching the vulnerability at runtime. (Works with any vulnerable java software, tested with java 6 and newer)

Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!

Remote command execution vulnerability scanner for Log4j.

Log4j Vulnerability Scanner for Windows

log4j rce test environment and poc

Log4j Shield - fast ⚡, scalable and easy to use Log4j vulnerability CVE-2021-44228 finder and patcher

Rapidly scan filesystems for Java programs potentially vulnerable to Log4Shell (CVE-2021-44228) or "that Log4j JNDI exploit" by inspecting the class paths inside files

Nmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)

Fastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excellent performance and low memory footprint.

An All-In-One Pure Python PoC for CVE-2021-44228

Log4j jndi injection fuzz tool

A Proof-Of-Concept for the CVE-2021-44228 vulnerability.

一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense.

An Awesome List of Log4Shell resources to help you stay informed and secure! 🔒

log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

Log4Shell RCE Exploit - fully independent exploit does not require any 3rd party binaries.

A tool that scans archives to check for vulnerable log4j versions

🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks

A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.

Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading

🦄🔒 Awesome list of secrets in environment variables 🖥️

Lists of affected components and affected apps/vendors by CVE-2021-44228 (aka Log4shell or Log4j RCE). This list is meant as a resource for security responders to be able to find and address the vulnerability

A tool for detect&exploit vmware product log4j(cve-2021-44228) vulnerability.Support VMware HCX/vCenter/NSX/Horizon/vRealize Operations Manager

INTERCEPT / Policy as Code Static Analysis Auditing / SAST

This repository includes cloud security policies for IaC and live resources.

GitHub Advance Security Compliance Action

A command line tool for detecting vulnerabilities in Python dependencies and doing safe package installs

An open source, multi-cloud DevSecOps compliance checker

CdkGoat is Bridgecrew's "Vulnerable by Design" AWS CDK repository. CdkGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

Внедрение и эксплуатация PT Application Inspector. Подробнее: https://habr.com/ru/company/pt/blog/557142/

Git Anti-Virus Scan Action - Detect trojans, viruses, malware & other malicious threats.

Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.

GitHub Data Loss Prevention (DLP) Action: Scan Pull Requests for sensitive data, like credentials & secrets, PII, credit card numbers, and more.

Liquibase SLF4J Logger.

一个LDAP请求监听器，摆脱dnslog平台和java

Checklist for container security - devsecops practices

OWASP Security Logging library for Java

La intención de la workshop es mostrar y orientar a los equipos de desarrollo, seguridad y devops (entre otros) que quieran comenzar en DevSecOps, a segurar sus aplicaciones o bien a conocer un poco más acerca del desarrollo seguro, para esto, estaremos otorgando algunos tips e información que fuimos aprendiendo para armar un Pipeline DevSecOps …

Java Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynamic hooks.

Improve your code security by running different security checks/validation in a simple way.

tfquery: Run SQL queries on your Terraform infrastructure. Query resources and analyze its configuration using a SQL-powered framework.

Growing repository of Infrastructure as Code demos (initially created for DevOps Wall Street)

A curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code.

Logging backend for Akka based on Log4j

https://proandroiddev.com/logging-in-kotlin-8ecfb97a4840

Mixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayHub project contain one click docker-compose file which configure and run images from docker hub.

Checks Minecraft, MultiMC, Lunar and Badlion logs folder to see if you've been affected by the exploit!

Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228).

JLine 3 appender for Log4j2, allows extending command line apps using colors and command completion

Protect and discover secrets using Gitleaks 🔑

Simple message routing system that receives input messages through a webhook interface and can enforce actions using predefined outputs via integrations.

Vimana is an experimental security framework that aims to provide resources for auditing Python web applications.

Stamp your code with a trackable digital copyright

Log annotation for logging frameworks

微信小程序+微信管理后台+微信用户前台

Vulnerability assessment and penetration testing automation and reporting platform for teams.

Detections for CVE-2021-44228 inside of nested binaries