Skip to content

Instantly share code, notes, and snippets.

View 2001db8's full-sized avatar

Jens 2001db8

7 followers · 10 following
  • Wuerzburg, Germany
View GitHub Profile
@thesamesam
thesamesam / xz-backdoor.md
Last active May 4, 2024 09:26
xz-utils backdoor situation (CVE-2024-3094)

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.

Background

On March 29th, 2024, a backdoor was discovered in xz-utils, a suite of software that

@legowerewolf
legowerewolf / readme.md
Last active April 7, 2024 02:13
Tailscale on Steam Deck
@Neo23x0
Neo23x0 / log4j_rce_detection.md
Last active January 28, 2024 08:19
Log4j RCE CVE-2021-44228 Exploitation Detection

log4j RCE Exploitation Detection

You can use these commands and rules to search for exploitation attempts against log4j RCE vulnerability CVE-2021-44228

Grep / Zgrep

This command searches for exploitation attempts in uncompressed files in folder /var/log and all sub folders

sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log
@tomdaley92
tomdaley92 / README.md
Last active April 28, 2024 18:22
Proxmox - Email Alerts Setup (gmail)

Proxmox - Email Alerts Setup (gmail)

  1. SSH into proxmox node and become root user. Run the following commands to download extra software dependencies we'll need.

    apt update
apt install -y libsasl2-modules mailutils

  2. Enable 2FA for the gmail account that will be used by going to security settings

@liclac
liclac / de_ice.fish
Created December 31, 2019 15:23
set -l data_status (curl -s https://iceportal.de/api1/rs/status)
set -l data_trip (curl -s https://iceportal.de/api1/rs/tripInfo/trip)
# next stop
echo  (echo $data_trip | jq -r '([ .trip.stops[] | select(.info.passed==false) ]
| first).station.name')
# train number
echo  (echo $data_trip | jq -r '"\(.trip.trainType)-\(.trip.vzn)"')
# speed
echo speed (echo $data_status | jq -r '"\(.speed) km/h"')
@Neo23x0
Neo23x0 / Base64_CheatSheet.md
Last active March 10, 2024 09:15
Learning Aid - Top Base64 Encodings Table

Base64 Patterns - Learning Aid

Base64 Code Mnemonic Aid Decoded* Description
JAB 🗣 Jabber $. Variable declaration (UTF-16), e.g. JABlAG4AdgA for $env:
TVq 📺 Television MZ MZ header
SUVY 🚙 SUV IEX PowerShell Invoke Expression
SQBFAF 🐣 Squab favorite I.E. PowerShell Invoke Expression (UTF-16)
SQBuAH 🐣 Squab uahhh I.n. PowerShell Invoke string (UTF-16) e.g. Invoke-Mimikatz
PAA 💪 "Pah!" <. Often used by Emotet (UTF-16)
@azet
azet / psql_internals_cheatsheet.sql
Last active March 5, 2021 14:57
PostgreSQL internals SQL collection
# long running queries:
SELECT
pid,
now() - pg_stat_activity.query_start AS duration,
query,
state
FROM pg_stat_activity
WHERE (now() - pg_stat_activity.query_start) > interval '5 minutes';
## active queries and killing them:
@TarlogicSecurity
TarlogicSecurity / kerberos_attacks_cheatsheet.md
Created May 14, 2019 13:33
A cheatsheet with commands that can be used to perform kerberos attacks

Kerberos cheatsheet

Bruteforcing

With kerbrute.py:

python kerbrute.py -domain <domain_name> -users <users_file> -passwords <passwords_file> -outputfile <output_file>

With Rubeus version with brute module:

@Krazybug
Krazybug / calisuck.py
Last active February 17, 2024 23:24
#!/usr/bin/env python3
'''
calisuck: index, filter-out smartly and download ebooks from Calibre open directories
Installation:
You need python 3.5 installed
Download the file as a zip and unzip-it and get into the dir
@Krazybug
Krazybug / omercy.py
Last active February 27, 2023 14:19
O'Reilly free ebooks downloader
'''
O'Meirrcy !!!! Download free ebooks from O'Reilly
Usage:
> git clone https://gist.github.com/Krazybug/1ae50814d25b0a1d862dfdf7161ee503
> mv 1ae50814d25b0a1d862dfdf7161ee503 omercy
> cd omercy
> pip install requests
> pip install bs4
> python omercy.py