Spyderbat Log4j Resources

On Dec 9, 2021, a zero-day exploit (CVE-2021-44228) was made public impacting Apache's Log4J Utility.

The Spyderbat Platform does not use the Log4J utility. Spyderbat is not vulnerable to remote code execution through this vulnerability.

Here are more resources from Spyderbat on the Log4j RCE

Screen Shot 2021-12-29 at 8.31.50 AM.png
Log4J Capture_edited.png
Screen Shot 2021-12-21 at 11.32.01 AM.png
Screen Shot 2021-12-22 at 8.48.39 AM.png

Spyderbat Log4jTool

Spyderbat released a free command-line tool to scan for vulnerable versions of Log4j on Linux systems.

Weaponized Log4j Exploit In Action

Spyderbat examines the log4j exploit to understand its impact, including a trace you can interact with.

How to Detect Successful Log4J Attacks with Spyderbat

Detect and fully mitigate successful log4j exploit attacks in your environment.

Data Exfiltration using the Log4j Vulnerability

See a proof of concept of how the Log4j vulnerability can be used to exfiltrate data