Changelog
This release fixes some issues that were raised about false positives with Log4j 2.15.0. This cli tool is also tested on both apache libraries and maven libraries since their hashes were observered to be different in some cases.
ab5abab Basic technical analysis of the Log4Shell exploit
99d8996 Better phrasing
5aadc82 Blog post updates
9a159fd CLI UX improvements and more legalish warnings
861c385 Fix bad image links by using MDX syntax instead
13cd33f Fix formatting
4395867 Fix image link for bad image also
d74964c Fix image links to be persistent
a60fddc Fix some typos
a582d5c Merge branch 'hotpatch-improvements' of github.com:lunasec-io/lunasec into hotpatch-improvements
6e4314a Merge branch 'master' into improve-scanner-reliability
53d0b1c Merge pull request #311 from lunasec-io/hotpatch-improvements
64254cd Merge pull request #312 from lunasec-io/update-patch-section
c7043c6 Merge pull request #313 from lunasec-io/fix-bad-image-links
e74319f Merge pull request #319 from natrem/detect-elastic-apm
6b8618e Merge pull request #322 from lunasec-io/fix-post-warning
4126b0b Merge pull request #329 from dhoizner/feat/scan-zip-archives
9e91702 Merge pull request #331 from lunasec-io/fix-typo-in-property-name
cf60212 Merge pull request #333 from lunasec-io/log4j-exploit-analysis-blog-post
bb8d253 Tweaks
9f24892 Update Patch section with new notes
254ade8 Update timestamps
fbf14b1 Wordsmithing
195cbc4 add payload url to the print out in the cli
65dbfe8 bump version
400c6e3 feat: scan into zip archives in addition to jar+war
34c7611 fix typo
0e27f16 log4shell and 2.15.0 cves are distinct in findings now
1f0f3bf pull all maven and apache versions of log4j
fc35788 scan library before browsing it
ea2f1af script for downloading all log4j versions
4a3d922 update blog post to fix changes suggested in issues
79aab2e update blog to include java decomp
f42427a use webarchive to reference zero day tweet