This repo contains operational information regarding the Log4shell vulnerability in the Log4j logging library. Especially CVE-2021-44228 / CVE-2021-45046 and also covers CVE-2021-4104 / CVE-2021-45105. For additional information see:
Directory | Purpose |
---|---|
hunting | Contains info regarding hunting for exploitation |
iocs | Contains any Indicators of Compromise, such as scanning IPs, etc |
detection & mitigation | Contains info regarding detection and mitigation, such as regexes for detecting scanning activity and more |
scanning | Contains references to methods and tooling used for scanning for the Log4j vulnerability |
software | Contains a list of known vulnerable and not vulnerable software |
tools | Contains a list of tools for automatically parsing info on this repo |
Please note that these directories are not complete, and are currently being expanded.
NCSC-NL has published a HIGH/HIGH advisory for the Log4j vulnerability. Normally we would update the HIGH/HIGH advisory for vulnerable software packages, however due to the extensive amounts of expected updates we have created a list of known vulnerable software in the software directory.
If you have any additional information to share relevant to the Log4j vulnerability, please feel free to open a Pull request. New to this? Read how to contribute in GitHub's documentation.
Dear contributors, partners all over the world,
We have received an impressive/enormous number of pull requests on this repo. It contains vital information that contributes to the situational overview around the Log4j vulnerability. The list of vulnerable applications is currently one of the most up-to-date ones with continuous input from across the globe. It is still expanding and we are working hard to process all the contributions.
Due to our joint efforts and strong cooperation we are confident that we will be better equipped to manage this situation.
Thank you all very much for your hard work and we keep welcoming your input via GitHub.