curated-intel/Log4Shell-IOCs external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

curated-intel/Log4Shell-IOCs

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/curated-intel/Log4Shell-IOCs)

Close

curated-intel / Log4Shell-IOCsView on GitHubMore

• External links
• Readme badge

A collection of intelligence about Log4Shell and its exploitation activity.

☆182Mar 4, 2022Updated 4 years ago

Alternatives and similar repositories for Log4Shell-IOCs

Users that are interested in Log4Shell-IOCs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• 2igosha / sunburst_dga

  View on GitHub
  ☆22Dec 22, 2020Updated 5 years ago
• curated-intel / attack-lookup

  View on GitHub
  A MITRE ATT&CK Lookup Tool
  ☆46Apr 25, 2024Updated 2 years ago
• CronUp / Malware-IOCs

  View on GitHub
  ☆96Apr 8, 2026Updated 2 months ago
• mubix / CVE-2021-44228-Log4Shell-Hashes

  View on GitHub
  Hashes for vulnerable LOG4J versions
  ☆155Dec 17, 2021Updated 4 years ago
• Malwar3Ninja / Exploitation-of-Log4j2-CVE-2021-44228

  View on GitHub
  IP addresses exploiting recent log4j2 vulnerability CVE-2021-44228
  ☆16Dec 19, 2021Updated 4 years ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• cisagov / log4j-affected-db

  View on GitHub
  A community sourced list of log4j-affected software
  ☆1,123Nov 9, 2022Updated 3 years ago
• BinaryDefense / log4j-honeypot-flask

  View on GitHub
  Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228
  ☆151Dec 20, 2021Updated 4 years ago
• telekom-security / malware_analysis

  View on GitHub
  This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts.
  ☆123Mar 4, 2026Updated 3 months ago
• OllieJC / tbat

  View on GitHub
  Threat Box Assessment Tool
  ☆19Mar 5, 2026Updated 3 months ago
• nasbench / MindMaps

  View on GitHub
  #ThreatHunting #DFIR #Malware #Detection Mind Maps
  ☆306Nov 13, 2021Updated 4 years ago
• NCSC-NL / log4shell

  View on GitHub
  Operational information regarding the log4shell vulnerabilities in the Log4j logging library.
  ☆1,885Jun 15, 2022Updated 3 years ago
• StrangerealIntel / DailyIOC

  View on GitHub
  IOC from articles, tweets for archives
  ☆318Dec 12, 2023Updated 2 years ago
• deepinstinct / DeMotet

  View on GitHub
  Unpacking and decryption tools for the Emotet malware
  ☆44Dec 5, 2021Updated 4 years ago
• cado-security / rip_raw

  View on GitHub
  Rip Raw is a small tool to analyse the memory of compromised Linux systems.
  ☆132Jan 31, 2022Updated 4 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• executemalware / Malware-IOCs

  View on GitHub
  ☆507Oct 7, 2024Updated last year
• dwmetz / CyberPipe

  View on GitHub
  An easy to use PowerShell script to collect memory and disk forensics for DFIR investigations.
  ☆340Dec 3, 2025Updated 6 months ago
• Neo23x0 / log4shell-detector

  View on GitHub
  Detector for Log4Shell exploitation attempts
  ☆726Feb 12, 2022Updated 4 years ago
• sophoslabs / IoCs

  View on GitHub
  Sophos-originated indicators-of-compromise from published reports
  ☆667May 14, 2026Updated 3 weeks ago
• GossiTheDog / ThreatHunting

  View on GitHub
  Tools for hunting for threats.
  ☆601Apr 30, 2025Updated last year
• blackberry / threat-research-and-intelligence

  View on GitHub
  BlackBerry Threat Research & Intelligence
  ☆100Oct 20, 2023Updated 2 years ago
• mandiant / thiri-notebook

  View on GitHub
  The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin…
  ☆154Apr 25, 2022Updated 4 years ago
• Orange-Cyberdefense / russia-ukraine_IOCs

  View on GitHub
  Russia / Ukraine 2022 conflict related IOCs from CERT Orange Cyberdefense Threat Intelligence Datalake
  ☆174Dec 9, 2022Updated 3 years ago
• joshlemon / DFIR-Reference-Frameworks

  View on GitHub
  Repository of public reference frameworks for the DFIR community.
  ☆122Jul 4, 2023Updated 2 years ago
• AI Agents on DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• curated-intel / Ukraine-Cyber-Operations

  View on GitHub
  Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for…
  ☆936Jun 26, 2023Updated 2 years ago
• MHaggis / ShellSweep

  View on GitHub
  ShellSweeping the evil.
  ☆53Jun 18, 2024Updated last year
• NVISOsecurity / nviso-cti

  View on GitHub
  ☆44Jul 11, 2025Updated 11 months ago
• 0xDanielLopez / TweetFeed

  View on GitHub
  TweetFeed collects Indicators of Compromise (IOCs) shared by the infosec community at Twitter. Here you will find malicious URLs, domains…
  ☆659Updated this week
• k3idii / ION

  View on GitHub
  Indicators of Normality
  ☆11Jul 22, 2022Updated 3 years ago
• vadim-hunter / Detection-Ideas-Rules

  View on GitHub
  Detection Ideas & Rules repository.
  ☆178Sep 10, 2021Updated 4 years ago
• f0wl / blackCatConf

  View on GitHub
  Configuration Extractor for BlackCat Ransomware
  ☆29Mar 18, 2022Updated 4 years ago
• ninoseki / iocingestor

  View on GitHub
  An extendable tool to extract and aggregate IoCs from threat feeds
  ☆33Feb 6, 2024Updated 2 years ago
• pan-unit42 / tweets

  View on GitHub
  ☆130Jan 29, 2024Updated 2 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• MISP / misp-training-lea

  View on GitHub
  Practical Information Sharing between Law Enforcement and CSIRT communities using MISP
  ☆35Sep 18, 2023Updated 2 years ago
• StrangerealIntel / Orion

  View on GitHub
  A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses ...
  ☆141Nov 19, 2023Updated 2 years ago
• stuhli / awesome-event-ids

  View on GitHub
  Collection of Event ID ressources useful for Digital Forensics and Incident Response
  ☆656Jun 19, 2024Updated last year
• woanware / etw-event-dumper

  View on GitHub
  ☆33Feb 26, 2022Updated 4 years ago
• ANSSI-FR / sftp2misp

  View on GitHub
  Automation script to download JSON MISP files from a SFTP server and import them via API to a MISP instance.
  ☆15May 12, 2023Updated 3 years ago
• cudeso / misp-tip-of-the-week

  View on GitHub
  A collection of tips for using MISP.
  ☆76Dec 11, 2024Updated last year
• volexity / threat-intel

  View on GitHub
  Signatures and IoCs from public Volexity blog posts.
  ☆366Jun 4, 2026Updated last week