title

Public Hunt for log4j / log4shell Evasions / WAF Bypasses | CRS Project

charset

utf-8

viewport

width=device-width,initial-scale=1

Content-Security-Policy

upgrade-insecure-requests

description

We have been updating our detection for the infamous CVE-2021-44228 vulnerability and its siblings for several days now. With the new experimental rule 1005, we …

og:url

https://coreruleset.org/20211216/public-hunt-for-log4j-log4shell-evasions-waf-bypasses/

og:site_name

CRS Project

og:title

Public Hunt for log4j / log4shell Evasions / WAF Bypasses

og:description

We have been updating our detection for the infamous CVE-2021-44228 vulnerability and its siblings for several days now. With the new experimental rule 1005, we think we really have decent detection capabilities now. Read up on this development in the separate blog post CRS and Log4j / Log4Shell / CVE-2021-44228. Right before the log4j CVE was published, we took up our CRS Sandbox that lets you test payloads against various CRS installations.

og:locale

en

twitter:card

summary_large_image

twitter:image

https://coreruleset.org/images/social-preview.svg

twitter:title

Public Hunt for log4j / log4shell Evasions / WAF Bypasses

twitter:description

We have been updating our detection for the infamous CVE-2021-44228 vulnerability and its siblings for several days now. With the new experimental rule 1005, we think we really have decent detection capabilities now. Read up on this development in the separate blog post CRS and Log4j / Log4Shell / CVE-2021-44228. Right before the log4j CVE was published, we took up our CRS Sandbox that lets you test payloads against various CRS installations.

apple-touch-icon

https://coreruleset.org/apple-touch-icon.png

icon

https://coreruleset.org/favicon.ico

icon

https://coreruleset.org/favicon.svg

icon

https://coreruleset.org/favicon-32x32.png

preload

https://coreruleset.org/fonts/nunito-v25-latin-regular.woff2