Nice Script and Story from Nick in #community-sharing!

FYI, I commented on that Tweet, but this identifies patched versions of log4j as the fixed version (2.15.0) still contains the

JndiLookup

class. I built some other tooling using YARA to detect the class signature a few days ago, for anyone who is needing some extra tools to find their exposure: https://twitter.com/Darkarnium/status/1470387759743475727

Thanks @careful-state-77850, great to know.

Reference for completeness, and confirmation that the fixed versions are still flagged.