<!-- ABOUT THE PROJECT -->
## About The Project
This is a specially crafted automated Vulnerability Scanner, Patch Management and Exploitation tool for CVE-2021-44228. This is a combination of Python, Java and Linux shell program which will make it easier for a Network Administrator, Endpoint Security Developers and Cyber-Security Analysts to perform Penetration Testing and protect themselves from The Log4Shell vulnerability.
So the Security Analyst can perform the Log4J JNDI attack as well as mitigate the security issue using the integrated patch manager.
This vulnerability analysis tool will be regularly updated as soon as I get the security alerts.
<!-- Download link for Java JDK as a pre-requisite for exploitation tool-->
## System Pre-Requisite
<li><b>Download Java version 8 JDK from here, Extract it on the src directory and rename the Java jdk file as jdk1.8.0_20</b><br>
<a href="https://app.blackhole.run/#N4XaeQzCCF1N6AVWwhf36A5e7VfDjdNkCRogUcBzVhWE">Download for Debian Linux x64</a></li>
<li><b>Execute dependencies.sh file by changing permission (chmod +x dependencies.sh) than run ./dependencies.sh. This will automatically install all the required packages on your system to execute this tool.</b></li>
<li><b>In the same directory type the command pip install -r requirements.txt. This will install all the python based packages</b></li>
<li><b>Update your system using the command sudo apt dist-upgrade. Have a cup of tea or coffee for a meanwhile because it might take a moment to complete this upgrade</b></li>
<!-- Execution phase for exploitation tool -->
## Execute the Pentesting tool
<b>Run the tool by using the command (./automation.sh)</b>
<b>The use of this code is your responsibility.
I take NO responsibility and/or liability for how you choose to use any of the source code available here. By using any of the files available in this repository, you understand that you are AGREEING TO USE AT YOUR OWN RISK. Once again, ALL files available here are for EDUCATION and/or RESEARCH purposes ONLY.</b><p>