When there is a fire, you bring a hose of water, not a can of gasoline.
When log4j started, one of the main challenges for organization was to identify which server is vulnerable.
I’m happy to be a part of the team that decide to help with a solution for that problem.
This solution is released as open-source (same like log4j) to help others for the greater good.
Read more about it here: https://medium.com/proferosec-osm/log4jscanner-835dcd0b3430
and get the tool here: https://github.com/proferosec/log4jScanner
Not how many, but where.