Log4j Vulnerability

Log4j vulnerability was publicly disclosed on December 10, 2021, and it is considered the most severe security breach of all time. Hundreds of millions of devices were vulnerable to attackers executing malicious code remotely on any target device. For that reason, the name Log4jShell was given to the vulnerability. This article is going to talk about the impact that has on the world. Black-Hat Hackers leveraging log4jShell for personal gain. How federal governments, security researchers, security companies responded, and organizations protect themselves. A practical section that shows how a Log4j vulnerability can be discovered and exploited. Showing a methodology to look for log4jShell on a large scope to then explain how to exploit by manual testing in one application.