Skip to content

Log4j Shield - fast ⚡, scalable and easy to use Log4j vulnerability CVE-2021-44228 finder and patcher

Notifications You must be signed in to change notification settings

xsultan/log4jshield

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
 
 
 
 
 
 

Repository files navigation

Log4j Shield

GitHub last commit

DemoFeaturesRequirementsInstallationUsageContributingContact

Log4j Shield - fast ⚡, scalable and easy to use finder and patcher

No Log4j vulnerability left behind

You can use this tool to scan for all JAR files affected by Apache Log4J vulnerability CVE-2021-44228 and patch them on the fly.

Affected versions < 2.15.0

Features

  • Scan for the vulnerability within your system regardless of the naming convention of the library.
  • Deep scan for the vulnerability within nested libraries, compressed and concatenated libraries.
  • Creates a report of all Java ARchives (JAR), WAR, EAR, and AAR within your system or directory, the reports will contain the safe (for asset management) and vulnerable JARs.
  • Blazing fast ⚡, scalable and easy to use, (a system with more than 20k JARs takes about 3 mins)

Demo

demo

Requirements

  1. Nothing, just grab the script that's suitable for your system.

Installation

  1. git clone https://github.com/xsultan/log4jshield.git
  2. cd log4jshield
  3. chmod +x log4jshield.sh
  4. If you'd like to make it callable move the script to your bin folder: export PATH=$PATH:$(cd -)/log4jshield.sh

Usage

  1. Navigate to your desired directory or go to your root path by typing cd /

  2. Then run the tool

    ./log4jshield.sh

This will start scanning for all the JARs, then it will generate a report which will be created in the same path you ran the tool at.

Contributing

Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are greatly appreciated.

If you have a suggestion that would make this better, please fork the repo and create a pull request. You can also simply open an issue with the tag "enhancement". Don't forget to give the project a star! Thanks again!

  1. Fork the Project
  2. Create your Feature Branch (git checkout -b feature/AmazingFeature)
  3. Commit your Changes (git commit -m 'Add some AmazingFeature')
  4. Push to the Branch (git push origin feature/AmazingFeature)
  5. Open a Pull Request

Contact

Email Linkedin Twitter

About

Log4j Shield - fast ⚡, scalable and easy to use Log4j vulnerability CVE-2021-44228 finder and patcher

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages