log4j-finder

A Python3 script to scan the filesystem to find Log4j2 that is vulnerable to Log4Shell (CVE-2021-44228) It scans recursively both on disk and inside Java Archive files (JARs).

Usage

Example usage to scan a path (defaults to /):

$ python3 log4j-finder.py /path/to/scan

Or directly a JAR file:

$ python3 log4j-finder.py /path/to/jarfile.jar

Or multiple directories and or files:

$ python3 log4j-finder.py /path/to/dir1 /path/to/dir2 /path/to/jarfile.jar

Files or directories that cannot be accessed (Permission denied errors) are not printed. If you want to see more output, you can give the -v flag for verbose, or -vv for debug mode (only recommended for debugging purposes).

Name		Name	Last commit message	Last commit date
Latest commit History 8 Commits
.github/workflows		.github/workflows
README.md		README.md
log4j-finder.py		log4j-finder.py
log4j-finder.spec		log4j-finder.spec
screenshot.png		screenshot.png

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

log4j-finder

Usage

About

Releases

Packages

Languages

CyberSecOps/log4j-finder

Folders and files

Latest commit

History

Repository files navigation

log4j-finder

Usage

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages