Skip to content

Instantly share code, notes, and snippets.

View adulau's full-sized avatar
👨‍💻
Doing stuff

Alexandre Dulaunoy adulau

👨‍💻
Doing stuff
1.1k followers · 2.5k following
View GitHub Profile
@adulau
adulau / http2-rapid-reset-ddos-attack.md
Last active April 4, 2024 17:59
HTTP/2 Rapid Reset DDoS Attack

Introduction

This Gist aims to centralise the most relevant public sources of information related to the HTTP/2 Rapid Reset vulnerability. This vulnerability has been disclosed jointly by Google, Amazon AWS, and Cloudflare on 10 October 2023 at 12:00 UTC.

Please help us make this page as comprehensive as possible by contributing relevant references, vendor advisories and statements, mitigations, etc.

References

@adulau
adulau / typosquatting.json
Created July 11, 2023 07:43
typo-squatting ukrainianworldcongress.org
{
"addDynamicDns": [
{
"ukrainianworldcongress_org.clickip.de": {
"A": [
"85.215.86.53"
],
"MX": [
"100 relay.rzone.de",
"20 clickip.de"
@adulau
adulau / ms_threat_actor_taxonomy_to_misp_format.py
Last active April 20, 2023 15:05 — forked from botlabsDev/ms_threat_actor_taxonomy_to_misp_format.py
Microsoft threat actory taxonomy to misp format converter
import uuid
from pprint import pprint
import json
import requests
# https://learn.microsoft.com/en-us/microsoft-365/security/intelligence/microsoft-threat-actor-naming?view=o365-worldwide
# https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
@adulau
adulau / bts-misp.md
Last active January 27, 2023 08:37
BTS MISP

BTS - MISP and Threat Intelligence Introduction

From 9:30 to 12:00 CET (a small break is foreseen)

Short url: https://tinyurl.com/BTS-MISP2

Agenda

  • MISP Introduction and history
  • MISP data model
@adulau
adulau / time-to-query-api-nvd.md
Created January 1, 2023 10:34
Time to query the API v2.0 of NVD NIST

Getting CPEs

adulau@maurer:~$ curl -w "@curl-format.txt" -o /dev/null -s "https://services.nvd.nist.gov/rest/json/cpes/2.0/?resultsPerPage=20&startIndex=0"
     time_namelookup:  0,120529s
        time_connect:  0,225630s
     time_appconnect:  0,386989s
    time_pretransfer:  0,387033s
       time_redirect:  0,000000s
 time_starttransfer: 5,810461s
@adulau
adulau / cornell-notes-template.tex
Created December 31, 2022 10:08
Cornell notes template in LaTeX based on https://tex.stackexchange.com/questions/70570/cornell-notes-a-lyx-or-latex-solution-needed
\documentclass[a4paper]{article}
\pagestyle{plain}
\usepackage{calc}
\usepackage[top=0.25in,bottom=0.75in,left=0.5in,right=0.5in]{geometry}
\usepackage{tikz}
\newlength{\wholeboxwd}
\setlength{\wholeboxwd}{0.99\textwidth}
\newlength{\wholeboxht}
\setlength{\wholeboxht}{0.95\textheight}
@adulau
adulau / keybase.md
Created November 29, 2022 09:41

Keybase proof

I hereby claim:

  • I am adulau on github.
  • I am adulau (https://keybase.io/adulau) on keybase.
  • I have a public key whose fingerprint is 6BB5 6353 1D99 F112 4C00 8C4F 815D 4786 1ECB 73D5

To claim this, I am signing this object:

@adulau
adulau / sample-dnstap-decoded.json
Created August 13, 2022 13:59
{
"identity": "recursive-5003",
"qname": "www.aboil.info.",
"rrtype": "A",
"query-ip": "127.0.0.1",
"query-port": 34882,
"response-ip": "127.0.0.1",
"response-port": 5003,
"latency": 0.027,
"message": "CLIENT_RESPONSE",
@adulau
adulau / commoncrawl.md
Created June 25, 2022 13:33
Notes for commoncrawl
@adulau
adulau / hockeypuck-key-removed.md
Created May 27, 2022 07:59
How to remove keys from Hockeypuck OpenPGP key server

How to remove keys from Hockeypuck OpenPGP key server

  • First find the Hockeypuck hash of the key(s) to be removed via the web search of your key server instance;
  • On the index, copy the hash value (Hash=HASHVALUE) (it's the hex representation of MD5);
  • Connect to the PostgreSQL interface of your Hockeypuck server;
    • psql hkp
    • Find the corresponding keys from their hash value;
    • select rfingerprint from keys where md5 in ('HASHVALUE');
    • This will return the corresponding fingerprints;
  • Then delete the associated sub-keys;