Reading Time: < 1 minute

A tiny articles to show that I implemented a Log4J scanner into XDR as a script you can run.

XDR is not a vulnerability management tool, even do host-insight offers some kind of list of vulnerabilities.

I used the original code created by the CERT/CC : https://www.kb.cert.org/vuls/id/930724

Here is a sample result of the script while it’s running at a customer.

source code of the XDR script can be found here : https://github.com/k4nfr3/XDR_scripts/blob/main/xdr_log4j.py

0