Log4Shell scanner for Burp Suite

screenshot

Detailed description can be found in our blog post about this plugin.

Comparison

Feature Log4Shell scanner (this one) ActiveScan++ (PortSwigger/[email protected])
Synchronous detection ✔️ ✔️
Asynchronous detection ✔️
Hostname detection ✔️
Username detection ✔️

Building

Execute ./gradlew build and you’ll have the plugin ready in
build/libs/burp-log4shell.jar

License

The whole project is available under the GNU General Public License v3.0,
see LICENSE.md.

GitHub

View Github