Skip to content
/ Log4j2Scan Public
forked from izj007/Log4j2Scan

Log4j2 RCE Passive Scanner plugin for BurpSuite

0 stars 260 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

yusuppunk/Log4j2Scan

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
screenshots
screenshots
 
 
src/main/java/burp
src/main/java/burp
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
pom.xml
pom.xml
 
 

Repository files navigation

Log4j2Scan

本工具仅供学习研究自查使用,切勿用于非法用途,由使用该工具产生的一切风险均与本人无关!

dnslog.cn由于请求人数过多,时有无法访问接口的问题,若出现无法扫描的情况时,请确认插件日志中是否提示Dnslog加载成功

Log4j2 远程代码执行漏洞,BurpSuite被动扫描插件。

v0.4版本已加入RC1补丁的绕过poc。

暂只支持Url、Cookie、POST(x-www-form-urlencoded)类型的参数fuzz。

鸣谢

插件中部分代码借鉴于以下项目

https://github.com/pmiaowu/BurpShiroPassiveScan/

About

Log4j2 RCE Passive Scanner plugin for BurpSuite

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

6 tags

Packages

No packages published

Languages

  • Java 100.0%