log4j scanning

Like everyone in security I was hard at work over the holidays working on log4j scanning. We just open sourced the log4j scanner that I worked on with my colleages at Google. Check it out here. It is capable of crawling an entire machine to find jars containing log4j (matching on the generated java byte code!) and auto-patching all found jars.