Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
awesome-log4shell
An Awesome List of Log4Shell resources to help you stay informed and secure! 🔒
https://github.com/snyk-labs/awesome-log4shell
Explanation
- MITRE CVE - Official CVE page from MITRE.
- Snyk Blog Writeup - Java Champion Brian Vermeer's in-depth explanation of the Log4Shell vuln.
- SANS - Initial analysis and [follow up](https://isc.sans.edu/diary/rss/28122).
- Fastly Blog - Impact, how it works, and timeline.
- Luna Sec - Good tips for detection and remediation.
- Tech Solvency - List of affected vendors and writeups.
- Cado Security - Analysis of the attacks in the wild.
- Rapid7 - Analysis, remediation, and detection.
- Exploiting JNDI injections in Java - Previous article on JNDI injection exploits.
- SLF4J - Comments from SLF4J project.
- MOGWAI LABS vulnerability notes: Log4Shell - General explanation of Log4Shell (CVE-2021-44228).
- Log4j Vulnerability – Things You Should Know - Redhunt Labs coverage of Log4Shell: explanation, detection and remediation, along with a tool for mass scanning targets.
- TL;DR: Log4j Vulnerability - Bite sized technical summary of the vulnerability.
- Cloudflare - Cloudflare analysis of payloads in the wild.
- Understanding Log4Shell: vulnerability, attacks and mitigations - Slide deck for webcast (see under [videos](#Videos)) by Roy van Rijn & Bert Jan Schrijver (OpenValue).
Videos
- CVE-2021-44228 - Log4j - MINECRAFT VULNERABLE! (and SO MUCH MORE) - John Hammond, Cybersecurity Researcher @HuntressLabs.
- Blackhat2016 - JNDI manipulation to RCE Dream Land - Blackhat talk from 2016 describing the exploit path.
- Understanding Log4Shell: vulnerability, attacks and mitigations - Webcast by Roy van Rijn & Bert Jan Schrijver (OpenValue).
- Log4Shell Deep Dive - breakpoint your way through the JNDI and HTTP calls leading to an RCE.
- Log4JShell Vulnerability Explained in Simple Terms
- The Log4j vulnerability | The Backend Engineering Show - Explanation of the Log4Shell vulnerability (CVE-2021-44228).
- Can we find Log4Shell with Java Fuzzing? 🔥 (CVE-2021-44228 - Log4j RCE) - Finding the famous Java Log4Shell RCE (CVE-2021-44228) using fuzzing.
Vulnerable Software
- NCSC-NL repository - National Cyber Security Centrum list of vulnerable/non-vulnerable software.
- Swithak - List of vendor advisories related to log4shell.
- Elastic - Deep dive into which versions of Elastic are vulnerable and how to fix.
- CISA - CISA list of vulnerable software.
Detection & Remediation
- Snyk Detection and Remediation - Find and fix using Snyk.
- Remediation cheat sheet - Remediation cheat sheet from Snyk.
- Log4Shell Tester from Trendmicro - Tool to determine vulnerability.
- Exploiting and Mitigating CVE-2021-44228: Log4j Remote Code Execution (RCE) by Sysdig - Mitigation steps and explanation using Falco and Sysdig Secure.
- MSSP Alert - Good mitigation practices.
- Huntress vulnerability tester - Web based tester.
- Container scanners - How to detect using container scanners.
- Burp Plugin detector - Burp plugin to detect vulnerable hosts.
- LizardLabs query tool - Search for vulnerable jar files using MS Log Parser.
- Canary tokens - Use a canary token to test for vulnerable systems.
- Exploit Strings data - JNDI exploit strings seen in the wild by Rapid7.
- Mitigate attacks using Nginx - A simple and effective way to use Nginx (using a Lua block) to protect against attacks.
- OWASP Core Rule Set - Modsecurity CRS rules.
- How Traefik Plugins Protect Your Apps Against the Log4j Vulnerability - How Traefik Plugins Protect Your Apps Against the Log4j Vulnerability.
- Security Vulnerability in Minecraft: Java Edition - Remediation for Java Minecraft servers affected by Log4j.
- Curated Intelligence Trust Group - Aggregated list of indicators of compromise feeds and threat reports.
- Community Sourced Log4J Attack Surface - List of Log4j attack vectors in popular manufacturers' products.
- log4shell-detector - Checks logs for exploitation attempts.
- Bash IOC scanner - Latest Fenrir supports checking for log4shell compromise and vulnerability.
- Threatview IP list - List of IP addresses currently exploiting log4shell.
- log4j-detector - Detects vulnerable log4j versions on your file-system within any application.
- log4jshell-bytecode-detector from CodeShield - Analyses jar files and detects the vulnerability on a class file level. The repository additionally contains a list of Artifacts on Maven Central that are also affected.
- AWS daemonset - Daemonset from AWS to mitigate vulnerable instances in Kubernetes.
- Hotpatch tool - JVM level hotpatch tool from AWS.
- Google Cloud recommendations for investigating and responding to the Apache “Log4j 2” vulnerability - Google Cloud recommendations for Detection and Remediation of the Log4Shell vulnerability.
- Public hunt for WAF bypasses - Public hunt for WAF bypasses.
- log4j-resources - Resources and guides collected by GitLab's Developer Evangelism team.
Articles
Twitter Discussions
- Log4Shell spreadsheet - Spreadsheet for defenders listing vendors and products.
- Incredible discussion around Log4j - Best list of vulnerable software, services and patches
Examples & Proofs of Concept
- Various Log4Shell PoC - Analysis of various products with curl-based proofs of concept. Includes Struts2, Solr, VSphere, Druid, James, and more.
- Gamifying Log4j Vulnerability - Exploit Log4J in example code.
- CVE-2021-44228 log4j Exploitation in Action: RCE reverse shell on AWS cloud - Log4Shell exploitation with RCE reverse shell on AWS Cloud.
- Log4Shell PoC - Full stack demo including Java LDAP and HTTP servers and vulnerable Java client. **NOTE**: It's part of the larger `java-goof` repo. Look at the `log4shell-goof` module.
- Log4Shell vulnerable Java application - Spring Boot web application vulnerable to Log4shell for easy reproduction.