Ashish Bansal ashishsecdev

## log4j_rce_detection.md

      
              1 file
            
          
              72 forks
            
          
              70 comments
            
          
              512 stars
            
          
                Neo23x0
                / log4j_rce_detection.md
            
            
              Last active
              January 28, 2024 08:19
            
              
                Log4j RCE CVE-2021-44228 Exploitation Detection
              
          
    log4j RCE Exploitation Detection

You can use these commands and rules to search for exploitation attempts against log4j RCE vulnerability CVE-2021-44228
Grep / Zgrep

This command searches for exploitation attempts in uncompressed files in folder /var/log and all sub folders
sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log

  
## 18.04-openscap.md

      
              1 file
            
          
              2 forks
            
          
              1 comment
            
          
              8 stars
            
          
                CalvinHartwell
                / 18.04-openscap.md
            
            
              Last active
              November 15, 2021 20:53
            
              
                Using OpenSCAP on Ubuntu 18.04 LTS 
              
          
    Using OpenSCAP on Ubuntu 18.04 LTS

Installation Instructions

First we install the following packages to use the openscap command-line tool:
sudo apt-get install libopenscap8 python-openscap
We will also install the SCAP security guide:
sudo apt install ssg-base ssg-debderived ssg-debian ssg-nondebian ssg-applications