This repo contains operational information regarding the Log4shell vulnerability in the Log4j logging library. Especially CVE-2021-44228 / CVE-2021-45046 and also covers CVE-2021-4104 / CVE-2021-45105. For additional information see:
For affected organisations and CISOs searching for concise mitigation guidance, the Log4Shell for OES - Full presentation slides for CISOs and techies describes the vulnerability and explains all steps necessary to successfully mitigate the vulnerability (patching is not enough).
Directory | Purpose |
---|---|
hunting | Contains info regarding hunting for exploitation |
iocs | Contains any Indicators of Compromise, such as scanning IPs, etc |
detection & mitigation | Contains info regarding detection and mitigation, such as regexes for detecting scanning activity and more |
scanning | Contains references to methods and tooling used for scanning for the Log4j vulnerability |
software | Contains a list of known vulnerable and not vulnerable software |
tools | Contains a list of tools for automatically parsing info on this repo |
Please note that these directories are not complete, and are currently being expanded.
NCSC-NL has published a HIGH/HIGH advisory for the Log4j vulnerability. Normally we would update the HIGH/HIGH advisory for vulnerable software packages, however due to the extensive amounts of expected updates we have created a list of known vulnerable software in the software directory.
If you have any additional information to share relevant to the Log4j vulnerability, please feel free to open a Pull request. New to this? Read how to contribute in GitHub's documentation.
We would like to thank every single one of you that contributed to our GitHub page. NCSC-NL believes the GitHub page is a succes and you made that possible. Below we present a very incomplete list of contributants we consider the repository's hall of fame:
-
@DFFSpace
-
@tintinhamans
-
@milankowww
-
@MrSeccubus
-
@Goldshop
-
@RemkoSikkema
-
@MetzieNL
-
@RobinFlikkema
-
@lucasjellema
-
@iglocska