Log4j Scanner | Blacklock
Log4j Scanner | Blacklock
Explore Blacklock in action

Blacklock Log4j Scanner

Blacklock’s custom-built log4j scanner crawls your web application to identify the URLs, parameters, request headers and probe them with log4j attack payloads to detect the vulnerability. The log4j scan report is directly delivered to your inbox.

Find answers to common queries

Frequently Asked Questions (FAQs)

What is the Blacklock's free online Log4j scanner? FAQ-Plus-Icon

The Blacklock's free online Log4j scanner performs an in-depth analysis of an unauthenticated section of your web application to identify the Log4j RCE vulnerability, specifically CVE-2021-4428 (hyperlink: https://www.cve.org/CVERecord?id=CVE-2021-44228). It does not detect or report any other web application vulnerabilities.

How does the scanner ensure the privacy of my submitted information? FAQ-Plus-Icon

The information you submit for the scanning service is used solely to provide the service. We ensure that this information is not released, sold, published, or given away to any other person or organization unless required by law or with your explicit consent. The service complies with our Data Handling Policy (https://blacklock.webflow.io/data-policy) and Privacy Policy (https://blacklock.webflow.io/privacy-policy).

Does the scanner detect vulnerabilities other than CVE-2021-4428? FAQ-Plus-Icon

No, the scanner is specifically designed to identify only the Log4j RCE vulnerability known as CVE-2021-4428. It does not detect or report any other web application vulnerabilities.

Is the scan conducted on authenticated sections of the web application? FAQ-Plus-Icon

No, the Log4j scanner performs its analysis on the unauthenticated sections of your web application only.

What actions should I take if a vulnerability is detected? FAQ-Plus-Icon

If the scanner identifies the Log4j RCE vulnerability CVE-2021-4428, it is recommended to follow the provided remediation guidelines to address the vulnerability immediately. You should also consider performing a thorough security assessment of your entire web application to ensure that there are no other vulnerabilities

Do you still have a question?