log4shell guides & articles
10 in-depth guides on Log4Shell Tools and related topics.
Log4j versions & CVEs
Log4j versions & CVEs
CVE-2021-45046 vs 45105: The Log4Shell Follow-On Flaws
A defender's comparison of CVE-2021-45046 and CVE-2021-45105, explaining why the first Log4Shell fix was incomplete, what the denial-of-service follow-up was, and why only 2.17.1 is the safe endpoint.
Log4j versions & CVEs
Is My Log4j Version Vulnerable? A Defender's Checklist
A defender's checklist for deciding whether a Log4j version is vulnerable, mapping version numbers to the Log4Shell CVEs and explaining how to find your true version including transitive dependencies.
Log4j versions & CVEs
The Log4j Patch Timeline: Every Version and What It Fixed
A defender's timeline of the Log4j patch releases, explaining what 2.15.0, 2.16.0, 2.17.0, and 2.17.1 each fixed, the 2.12.4 and 2.3.2 backports, and which version is the safe endpoint.
Detecting exploitation
Detecting exploitation
How to Detect Log4Shell Exploitation in Your Logs
A practical guide for defenders on detecting Log4Shell exploitation attempts in existing logs, covering which fields to search, the JNDI patterns to look for, and how to triage real findings.
Detecting exploitation
Triaging Log4Shell Across Your Estate With a Scanner
A defender's playbook for triaging Log4Shell across a large estate, covering scanning and inventory, prioritising by exposure, confirming versions, hunting logs, and tracking remediation to closure.
Log4Shell explained
Log4Shell explained
How the Log4Shell JNDI Lookup RCE Worked, Conceptually
A conceptual, defender-focused walkthrough of how the Log4Shell JNDI lookup led to remote code execution, explaining each link in the chain and where defenders can break it.
Log4Shell explained
What Is Log4Shell? CVE-2021-44228 Explained for Defenders
A defender-focused introduction to Log4Shell (CVE-2021-44228) explaining what the Log4j flaw is, which versions are affected, how the JNDI lookup worked conceptually, and the first steps to respond.
Remediation & patching
Remediation & patching
How to Patch Log4j Against Log4Shell: A Step-by-Step Guide
A step-by-step guide to patching Log4j against Log4Shell, covering which version to upgrade to, handling transitive dependencies, verifying the fix, and avoiding regressions.
Remediation & patching
Log4Shell Mitigation Without Upgrading: Stopgaps That Help
A defender's guide to mitigating Log4Shell when you cannot upgrade yet, covering removing JndiLookup.class, formatMsgNoLookups, WAF limits, and why these are stopgaps rather than fixes.