log4shell.tools Scan logs

Log4Shell Scanner

Paste a log line, request header, or whole log file and instantly flag Log4Shell (CVE-2021-44228) exploitation attempts — including obfuscated JNDI payloads.

  • Free forever
  • No watermark
  • No signup
  • Batch ready
  1. Paste log lines, a header value, or a whole log file into the box.
  2. Click Scan — payloads are de-obfuscated and analysed locally.
  3. Review each finding: line, protocol, whether it was obfuscated, and why it's dangerous.

All log4shell tools

Log4Shell Scanner Scanner Paste a log line, request header, or whole log file and instantly flag Log4Shell (CVE-2021-44228) exploitation attempts — including obfuscated JNDI payloads. Log4j Version Checker Version Check Enter a Log4j version and find out whether it's vulnerable to Log4Shell — and exactly which fix you need.

log4shell.tools is a small set of defensive utilities for the Log4Shell vulnerability (CVE-2021-44228). The scanner flags JNDI exploitation attempts in your logs — even obfuscated ones — while the version checker tells you whether a given Log4j build is vulnerable and what to upgrade to. Detection only: nothing here executes payloads or contacts external hosts.

Below, our guides explain how Log4Shell works, how attackers obfuscate payloads, how to detect exploitation, and how to remediate for good.

Defensive by design

These tools exist to help defenders triage logs and inventory versions quickly during and after the Log4Shell crisis. They do not generate attack payloads. The scanner de-obfuscates Log4j lookup syntax purely to recognise hostile strings — it never resolves them.

Frequently asked questions

Is log4shell.tools an attack tool?
No — it's purely defensive. It detects exploitation attempts and assesses versions; it does not generate or send payloads.
What does the scanner detect?
JNDI lookup payloads (${jndi:ldap://…} and obfuscated variants) consistent with CVE-2021-44228 exploitation, with the protocol and de-obfuscated form shown.
What version should I upgrade to?
Log4j 2.17.1+ for Java 8+, which fixes CVE-2021-44228, 45046 and 45105.