Blacklock’s custom-built log4j scanner crawls your web application to identify the URLs, parameters, request headers and probe them with log4j attack payloads to detect the vulnerability. The log4j scan report is directly delivered to your inbox.
The Blacklock's free online Log4j scanner performs an in-depth analysis of an unauthenticated section of your web application to identify the Log4j RCE vulnerability, specifically CVE-2021-4428 (hyperlink: https://www.cve.org/CVERecord?id=CVE-2021-44228). It does not detect or report any other web application vulnerabilities.
The information you submit for the scanning service is used solely to provide the service. We ensure that this information is not released, sold, published, or given away to any other person or organization unless required by law or with your explicit consent. The service complies with our Data Handling Policy (https://blacklock.webflow.io/data-policy) and Privacy Policy (https://blacklock.webflow.io/privacy-policy).
No, the scanner is specifically designed to identify only the Log4j RCE vulnerability known as CVE-2021-4428. It does not detect or report any other web application vulnerabilities.
No, the Log4j scanner performs its analysis on the unauthenticated sections of your web application only.
If the scanner identifies the Log4j RCE vulnerability CVE-2021-4428, it is recommended to follow the provided remediation guidelines to address the vulnerability immediately. You should also consider performing a thorough security assessment of your entire web application to ensure that there are no other vulnerabilities