HackLog4j《HackLog4j-永恒之恶龙》致敬全宇宙最无敌的Java日志库!Tribute to the most invincible Java logging library in the universe!
Stars: ✭ 161 (+177.59%)
log4shell-toolsTool that runs a test to check whether one of your applications is affected by the recent vulnerabilities in log4j: CVE-2021-44228 and CVE-2021-45046
Stars: ✭ 55 (-5.17%)
Log4jPatcherA mitigation for CVE-2021-44228 (log4shell) that works by patching the vulnerability at runtime. (Works with any vulnerable java software, tested with java 6 and newer)
Stars: ✭ 43 (-25.86%)
log4j-detectorLog4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!
Stars: ✭ 622 (+972.41%)
Log4j-RCE-ScannerRemote command execution vulnerability scanner for Log4j.
Stars: ✭ 200 (+244.83%)
log4jscanwinLog4j Vulnerability Scanner for Windows
Stars: ✭ 142 (+144.83%)
log4jpwnlog4j rce test environment and poc
Stars: ✭ 306 (+427.59%)
log4jshieldLog4j Shield - fast ⚡, scalable and easy to use Log4j vulnerability CVE-2021-44228 finder and patcher
Stars: ✭ 13 (-77.59%)
log4shelldetectRapidly scan filesystems for Java programs potentially vulnerable to Log4Shell (CVE-2021-44228) or "that Log4j JNDI exploit" by inspecting the class paths inside files
Stars: ✭ 40 (-31.03%)
nmap-log4shellNmap Log4Shell NSE script for discovery Apache Log4j RCE (CVE-2021-44228)
Stars: ✭ 54 (-6.9%)
log4shell-finderFastest filesystem scanner for log4shell (CVE-2021-44228, CVE-2021-45046) and other vulnerable (CVE-2017-5645, CVE-2019-17571, CVE-2022-23305, CVE-2022-23307 ... ) instances of log4j library. Excellent performance and low memory footprint.
Stars: ✭ 22 (-62.07%)
python-log4rceAn All-In-One Pure Python PoC for CVE-2021-44228
Stars: ✭ 179 (+208.62%)
logmapLog4j jndi injection fuzz tool
Stars: ✭ 60 (+3.45%)
log4j-shell-pocA Proof-Of-Concept for the CVE-2021-44228 vulnerability.
Stars: ✭ 1,536 (+2548.28%)
cloudrasp-log4j2一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense.
Stars: ✭ 105 (+81.03%)
awesome-log4shellAn Awesome List of Log4Shell resources to help you stay informed and secure! 🔒
Stars: ✭ 194 (+234.48%)
log4j-scannerlog4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.
Stars: ✭ 1,212 (+1989.66%)
lunasecLunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Stars: ✭ 1,261 (+2074.14%)
L4shLog4Shell RCE Exploit - fully independent exploit does not require any 3rd party binaries.
Stars: ✭ 260 (+348.28%)
log4j-snifferA tool that scans archives to check for vulnerable log4j versions
Stars: ✭ 180 (+210.34%)
LogMePwnA fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.
Stars: ✭ 362 (+524.14%)
safelog4jSafelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading
Stars: ✭ 38 (-34.48%)
log4j-log4shell-affectedLists of affected components and affected apps/vendors by CVE-2021-44228 (aka Log4shell or Log4j RCE). This list is meant as a resource for security responders to be able to find and address the vulnerability
Stars: ✭ 49 (-15.52%)
Vm4JA tool for detect&exploit vmware product log4j(cve-2021-44228) vulnerability.Support VMware HCX/vCenter/NSX/Horizon/vRealize Operations Manager
Stars: ✭ 126 (+117.24%)
interceptINTERCEPT / Policy as Code Static Analysis Auditing / SAST
Stars: ✭ 54 (-6.9%)
prancer-compliance-testThis repository includes cloud security policies for IaC and live resources.
Stars: ✭ 32 (-44.83%)
ochrona-cliA command line tool for detecting vulnerabilities in Python dependencies and doing safe package installs
Stars: ✭ 46 (-20.69%)
cscannerAn open source, multi-cloud DevSecOps compliance checker
Stars: ✭ 19 (-67.24%)
cdkgoatCdkGoat is Bridgecrew's "Vulnerable by Design" AWS CDK repository. CdkGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
Stars: ✭ 27 (-53.45%)
dohq-ai-best-practicesВнедрение и эксплуатация PT Application Inspector. Подробнее: https://habr.com/ru/company/pt/blog/557142/
Stars: ✭ 22 (-62.07%)
gitavscanGit Anti-Virus Scan Action - Detect trojans, viruses, malware & other malicious threats.
Stars: ✭ 23 (-60.34%)
netmakerNetmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
Stars: ✭ 4,147 (+7050%)
nightfall dlp actionGitHub Data Loss Prevention (DLP) Action: Scan Pull Requests for sensitive data, like credentials & secrets, PII, credit card numbers, and more.
Stars: ✭ 46 (-20.69%)
ldap-log一个LDAP请求监听器,摆脱dnslog平台和java
Stars: ✭ 33 (-43.1%)
workshop-devsecopsLa intención de la workshop es mostrar y orientar a los equipos de desarrollo, seguridad y devops (entre otros) que quieran comenzar en DevSecOps, a segurar sus aplicaciones o bien a conocer un poco más acerca del desarrollo seguro, para esto, estaremos otorgando algunos tips e información que fuimos aprendiendo para armar un Pipeline DevSecOps …
Stars: ✭ 14 (-75.86%)
DongTai-agent-javaJava Agent is a Java application probe of DongTai IAST, which collects method invocation data during runtime of Java application by dynamic hooks.
Stars: ✭ 592 (+920.69%)
secure-pipeline-advisorImprove your code security by running different security checks/validation in a simple way.
Stars: ✭ 25 (-56.9%)
tfquerytfquery: Run SQL queries on your Terraform infrastructure. Query resources and analyze its configuration using a SQL-powered framework.
Stars: ✭ 297 (+412.07%)
devops-infra-demoGrowing repository of Infrastructure as Code demos (initially created for DevOps Wall Street)
Stars: ✭ 31 (-46.55%)
awesome-policy-as-codeA curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code.
Stars: ✭ 121 (+108.62%)
akka-log4jLogging backend for Akka based on Log4j
Stars: ✭ 28 (-51.72%)
log4khttps://proandroiddev.com/logging-in-kotlin-8ecfb97a4840
Stars: ✭ 12 (-79.31%)
MixewayHubMixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayHub project contain one click docker-compose file which configure and run images from docker hub.
Stars: ✭ 80 (+37.93%)
MC-Log4J-Exploit-CheckerChecks Minecraft, MultiMC, Lunar and Badlion logs folder to see if you've been affected by the exploit!
Stars: ✭ 19 (-67.24%)
log4shell-vulnerable-appSpring Boot web application vulnerable to Log4Shell (CVE-2021-44228).
Stars: ✭ 1,029 (+1674.14%)
TerminalConsoleAppenderJLine 3 appender for Log4j2, allows extending command line apps using colors and command completion
Stars: ✭ 49 (-15.52%)
gitleaksProtect and discover secrets using Gitleaks 🔑
Stars: ✭ 10,520 (+18037.93%)
posteeSimple message routing system that receives input messages through a webhook interface and can enforce actions using predefined outputs via integrations.
Stars: ✭ 160 (+175.86%)
vimana-frameworkVimana is an experimental security framework that aims to provide resources for auditing Python web applications.
Stars: ✭ 47 (-18.97%)
digital-copyrightStamp your code with a trackable digital copyright
Stars: ✭ 17 (-70.69%)
heraldLog annotation for logging frameworks
Stars: ✭ 71 (+22.41%)
hqc mp微信小程序+微信管理后台+微信用户前台
Stars: ✭ 69 (+18.97%)
reconmapVulnerability assessment and penetration testing automation and reporting platform for teams.
Stars: ✭ 242 (+317.24%)
Log4j-CVE-DetectDetections for CVE-2021-44228 inside of nested binaries
Stars: ✭ 33 (-43.1%)