Responding to a Zero-Day Vulnerability

The job simulation asked me to review the Cybersecurity & Infrastructure Security Agency (CISA) in order to become familiarized with a potential threat in Apache's Log4j software library.

My mission was to notify and educate any teams affected by this potential vulnerability via email. I learned how to identify which assets would be hurt by this weakness, the correct actions to take, and updating the products to the latest versions to mitigate this risk.

My next task was to create this a brute-force attack in order to decrypt a zip file. Here is the code I used: