Background

sudo grep -r '${jndi:ldap://' /var/log sudo egrep -i -r '\$\{jndi:(ldap[s]?|rmi)://' /var/log #log4j #log_4jrce #RCE #apache

Log4j2 RCE Passive Scanner plugin for BurpSuite. Contribute to whwlsfb/Log4j2Scan development by creating an account on GitHub.

We decided to dedicate our June edition to a very current and recurring topic - Ransomware and Vulnerability Management. During the COVID pandemic, the ransomware industry was more powerful than ever. That’s why it’s so crucial to understand how ransomware…

در ورژن 2.15 #log4j یک #CVE جدید کشف شد:))) این بار بجای #log4shell ما #log4dos داریم که روی تارگت میخوره :) باید به ورژن 2.16 آپدیت کنید یا #jndi رو کلا غیر فعال کنید. cve.org/CVERecord?id=C… zdnet.com/article/second… #hack #log4j #bugbounty #redteam #pentest…

Understand the impact of the zero-day remote code execution (RCE) vulnerability, CVE-2021-44228, affecting Apache Log4j to Operational Technology (OT) networks.

Posted by Ian Beer & Samuel Groß of Google Project Zero We want to thank Citizen Lab for sharing a sample of the FORCEDENTRY exploit with us, and...

Kaspersky products blocked PseudoManuscrypt on more than 35,000 computers in 195 countries of the world. Targets of attacks include a significant number of industrial and government organizations, including enterprises in the military-industrial complex and…

CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter. - cube0x0/noPac

Bugbounty Resources. Contribute to aufzayed/bugbounty development by creating an account on GitHub.

Let's try to make sense of the Log4j vulnerability called Log4Shell. First we look at the Log4j features and JNDI, and then we explore the history of the recent log4shell vulnerability. This is part 1 of a two part series into log4j.

Log4j Issues:
2013:…

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc. - toniblyx/my-arsenal-of-aws-security-tools