Log4j RCE Scanner

Using this tool, you can scan for remote command execution vulnerability CVE-2021-44228 on Apache Log4j at multiple addresses.

Features:

It can scan according to the url list you provide.
It can scan all of them by finding the subdomains of the domain name you give.
It adds the source domain as a prefix to determine from which source the incoming dns queries are coming from.

Requirements

httpx
curl

If you want to scan with a domain name, you must additionally install subfinder, assetfinder and amass.

-h, --help - Display help
-l, --url-list - List of domain/subdomain/ip to be used for scanning.
-d, --domain - The domain name to which all subdomains and itself will be checked.
-b, --burpcollabid - Burp collabrator client id address or interactsh domain address.

Example uses:

./log4j-rce-scanner.py -l subdomains.txt -b 1bd6icqah2823eieuo5wdiw09rfi38rx.oastify.com

./log4j-rce-scanner.py -d evil.com -b 1bd6icqah2823eieuo5wdiw09rfi38rx.oastify.com