Home / Linux / Miscellaneous

A Simple Log4j Indicator of Compromise Linux Detector

log4j Linux IoC Detector A basic Bash script to detect log4j Indicator of Compromise (IoC) in Linux. How to Use Clone this repository: git clone https
Information
Category: Linux / Miscellaneous
Watchers: 1
Star: 9
Fork: 2
Last update: Dec 17, 2021
Resource links
https://github.com/santosomar/log4j-ioc-detector

log4j Linux IoC Detector

A basic Bash script to detect log4j Indicator of Compromise (IoC) in Linux.

How to Use

  1. Clone this repository:
git clone https://github.com/santosomar/log4j-ioc-detector
  1. Run the the log4j_ioc_detector.sh script, as demonstrated below:
# bash sudo log4j_ioc_detector.sh
A basic Bash script to detect log4j Indicator of Compromise (IoC) in Linux.
Author: Omar Santos (@santosomar)
+------------------------------------------+
Scan Started:
| Tue Dec 14 17:26:36 UTC 2021             |
Searching for exploitation attempts in uncompressed files in folder /var/log and all sub folders
Searching for  exploitation attempts in compressed files in folder /var/log and all sub folders
Searching for obfuscated variants

Any IoCs in the logs will be reported to the screen...

0 Open More issues
Closed

Update log4j_ioc_detector.sh

Added sudo for individual commands because user may not have access to the filesystem where the GZIP logs exist.

enhancement 
opened Dec 14, 2021 by bswilson 0
Closed

Create LICENSE

null

opened Dec 14, 2021 by santosomar 0

Contents

    lucab85 Ansible detector scanner playbook to verify target Linux hosts using the official Red Hat Log4j detector script Remote Code Execution - log4j (CVE-2021-44228)
    coderdiaz vue-status-indicator - A Vue.js component to show status indicator as colored dots.
    spencermountain modest natural-language processing
    egoist 👣 Simple step indicator for Vue.js
    ollyxar PHP malware detector
    YonghaoHe A light and fast one class detection framework for edge devices. We provide face detector, head detector, pedestrian detector, vehicle detector......
    becauseofAI A light and fast one class detection framework for edge devices. We provide face detector, head detector, pedestrian detector, vehicle detector......
    IntruderShanky Flare provide the easy implementation of circular indicator with ViewPager. (ViewPager Indicator)
    uias ™️ A powerful paging view controller with interactive indicator bars
    pigfly High Performance Custom Dot Loading Indicator in iOS
    praetorian-inc Log4j detector and reporting server for scalable detection of vulnerable running processes.
    jeffli1024 CVE-2021-44228 - Apache log4j RCE quick test
    ravindu1024 A simple customizable indicator for ViewPagers
    24ark A simple react-native implementation of step indicator widget compatible with the ViewPager and ListView.
    aditya-vora Code for FCHD - A fast and accurate head detector
    BeloborodovDS Caffe implementation of Mobilenet-SSD face detector (NCS compatible)
    snakers4 Silero VAD: pre-trained enterprise-grade Voice Activity Detector, Language Classifier and Spoken Number Detector
    Neo23x0 Detector for Log4Shell exploitation attempts
    mergebase Detects log4j versions on your file-system, including deeply recursively nested copies (zips inside zips inside zips).
    apache Mirror of Apache Logging Log4J2
    momos1337 Log4j RCE - (CVE-2021-44228)
    Share this repo

    Related Repos


    Miscellaneous
    14
    the ultimate compact fzf gh extension
    gennaro-tedesco the ultimate compact fzf gh extension Installation • Usage • Customisation • Feedback gh-f is the ultimate, compact and snappy fzf extension for gh cl
     
    Miscellaneous
    6
    MacOS Wallpapers for linux desktop
    vinceliuice MacOS Wallpapers for linux desktop WhiteSur (Big Sur) Wallpapers Monterey Wallpapers Installation Install Gnome Backgrounds (wallpaper will change acc
     
    Miscellaneous
    3
    A docker bundle with *arr apps ready to deploy on your linux machine.
    bolchisb Plex Home Media integrations This package is created for those who are not experts in linux servers and docker. If you follow these steps you'll be ab
     
    Miscellaneous
    3
    Vim-textobj-string is a Vim plugin to provide text objects to select a string
    rbtnn vim-textobj-string is a Vim plugin to provide text objects (as and is by default) to select a string.
     
    Miscellaneous
    3
    automatically quote arguments to commands like `git commit -m`
    ianthehenry zsh-autoquoter zsh-autoquoter is a zle widget ("zsh plugin") that will automatically put quotes around arguments to certain commands. So instead of ha
     
    Miscellaneous
    34
    PyTorchCV: A PyTorch-Based Framework for Deep Learning in Computer Vision.
    donnyyou PyTorchCV: A PyTorch-Based Framework for Deep Learning in Computer Vision @misc{CV2018, author = {Donny You ([email protected])}, howpubl
     
    Miscellaneous
    276
    Documentation on building a HTTPS stack in AWS with HAProxy
    jvehent Guidelines for HAProxy termination in AWS Document status NOT READY $Revision: $ @ 2022-01-14 19:00 PST Author Julien Vehent Review CloudOps Table of
     
    Miscellaneous
    8.3k
    Spinnaker is an open source, multi-cloud continuous delivery platform for releasing softwa...
    Spinnaker Welcome to the Spinnaker Project Spinnaker is an open-source continuous delivery platform for releasing software changes with high velocity and confid
     
    Miscellaneous
    52
    A must-have configuration for Spacemacs users after defecting to Vim
    yetone 🪐 My Neovim Configuration 🚀 A must-have configuration for Spacemacs users after defecting to Vim If you want the power of VSCode, the interactivity
     
    Miscellaneous
    12
    This repo is for firmware updates, software files, and other important resources for the M...
    Takiiiiiiii Miyoo Mini Firmware and Configured SD This repository contains a debloated and improved SD card image for the Miyoo Mini. Latest Firmware Update Packa
     
    Miscellaneous
    7
    This app is created that using with Shell Script and Zenity Library.
    kaansertel CV Hazırlama (Shell Script - Zenity Kütüphanesi) Linux Araçları ve Kabuk Programlama dersi kapsamında,Shell script ve Zenity Kütüphanesi kullanılarak
     
    Miscellaneous
    7
    Docker container for PlexAutoSkip
    mdhiggins PlexAutoSkip Official Docker Container Docker container for PlexAutoSkip Version Tags Tag Description latest Stable release Usage docker-compose ple
     
    Miscellaneous
    29
    An open source meme???
    KCGD Open source spiderman meme Haha spiderman make a presentation lol Install gimp This meme requires gimp, install through install_deps.sh chmod +x insta
     
    Miscellaneous
    35
    Script to patch iOS app so we can later use it on Apple Silicon devices.
    Co2333 AppleSiliconUIKitPatch Script to patch iOS app so we can later use it on Apple Silicon devices. App should be decrypted if was downloaded from App Sto
     
    Miscellaneous
    20
    dots configured after setting up NixOS on tmpfs
    Sam1431 λ Idempotent Dotfiles SETTING UP NIXOS , MY WAY NixOS with tmpfs (Sway WM) Disclaimer: This is not a community framework or distribution. It's a priva