Log4j Scan

Posted Under: Free Downloads, Linux, Log4j, Open Source, Tutorials on Dec 16, 2021
Log4j Scan
Apache Log4j is a Java-based logging utility. The Log4j vulnerability also know as Log4Shell is tracked as CVE-2021-44228. It was disclosed last week by LunaSec researchers. It allows attackers to execute arbitrary code remotely on a target computer. Afterward an attacker can steal data, install malware or take control silently. In order to detect if your application is vulnerable to or might have silently be compromised by an attacker. To prevent any incoming attack deploy Snort or YARA rules for Log4Shell Log4j Vulnerability.


log4j-scan is an a fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228. It is provided by FullHunt.io. log4j-scan can scan lists of URLs with more than 60 HTTPS request header types. It has the ability to scan in any textual type of HTTP request methods GET, POST or JSON. It supports DNS callback for vulnerability discovery and validation and WAF Bypass payloads. Download the following log4j-scan.

log4j scan

pip3 install -r requirements.txt #Installation
python3 log4j-scan.py -l urls.txt #Scan list of Urls
python3 log4j-scan.py -u https://log4j.instance.com --waf-bypass #WAF bypass scanning
python3 log4j-scan.py -u https://log4j.instance.com --run-all-tests #Check or everything
Log4j-scan is testing from a URL i.e. via web, if you have access to the Linux command shell you can use the following.

log4jscan by Intezer

Log4jscan is a free script file by Intezar that can scan Linux hosts for active usage of log4j (log4j-core) for the purpose of identifying potentially vulnerable versions. This scanner is designed to be lightweight, fast, require no dependencies and support containerized/K8s environments.

log4jscan by intezer