Skip to content

Instantly share code, notes, and snippets.

View adulau's full-sized avatar
👨‍💻
Doing stuff

Alexandre Dulaunoy adulau

👨‍💻
Doing stuff
View GitHub Profile
@adulau
adulau / malicious-captcha.md
Last active September 26, 2024 07:19
Malicious captcha for Windows user

Email received

Hey there!

We have detected a security vulnerability in your repository. Please contact us at https://github-scanner.com to get more information on how to fix this issue.

Best regards,
Github Security Team
@adulau
adulau / http2-rapid-reset-ddos-attack.md
Last active September 12, 2024 14:29
HTTP/2 Rapid Reset DDoS Attack

Introduction

This Gist aims to centralise the most relevant public sources of information related to the HTTP/2 Rapid Reset vulnerability. This vulnerability has been disclosed jointly by Google, Amazon AWS, and Cloudflare on 10 October 2023 at 12:00 UTC.

Please help us make this page as comprehensive as possible by contributing relevant references, vendor advisories and statements, mitigations, etc.

References

@adulau
adulau / typosquatting.json
Created July 11, 2023 07:43
typo-squatting ukrainianworldcongress.org
{
"addDynamicDns": [
{
"ukrainianworldcongress_org.clickip.de": {
"A": [
"85.215.86.53"
],
"MX": [
"100 relay.rzone.de",
"20 clickip.de"
@adulau
adulau / ms_threat_actor_taxonomy_to_misp_format.py
Last active April 20, 2023 15:05 — forked from botlabsDev/ms_threat_actor_taxonomy_to_misp_format.py
Microsoft threat actory taxonomy to misp format converter
import uuid
from pprint import pprint
import json
import requests
# https://learn.microsoft.com/en-us/microsoft-365/security/intelligence/microsoft-threat-actor-naming?view=o365-worldwide
# https://www.microsoft.com/en-us/security/blog/2023/04/18/microsoft-shifts-to-a-new-threat-actor-naming-taxonomy/
@adulau
adulau / bts-misp.md
Last active January 27, 2023 08:37
BTS MISP

BTS - MISP and Threat Intelligence Introduction

From 9:30 to 12:00 CET (a small break is foreseen)

Short url: https://tinyurl.com/BTS-MISP2

Agenda

  • MISP Introduction and history
  • MISP data model
@adulau
adulau / time-to-query-api-nvd.md
Created January 1, 2023 10:34
Time to query the API v2.0 of NVD NIST

Getting CPEs

adulau@maurer:~$ curl -w "@curl-format.txt" -o /dev/null -s "https://services.nvd.nist.gov/rest/json/cpes/2.0/?resultsPerPage=20&startIndex=0"
     time_namelookup:  0,120529s
        time_connect:  0,225630s
     time_appconnect:  0,386989s
    time_pretransfer:  0,387033s
       time_redirect:  0,000000s
 time_starttransfer: 5,810461s
\documentclass[a4paper]{article}
\pagestyle{plain}
\usepackage{calc}
\usepackage[top=0.25in,bottom=0.75in,left=0.5in,right=0.5in]{geometry}
\usepackage{tikz}
\newlength{\wholeboxwd}
\setlength{\wholeboxwd}{0.99\textwidth}
\newlength{\wholeboxht}
\setlength{\wholeboxht}{0.95\textheight}

Keybase proof

I hereby claim:

  • I am adulau on github.
  • I am adulau (https://keybase.io/adulau) on keybase.
  • I have a public key whose fingerprint is 6BB5 6353 1D99 F112 4C00 8C4F 815D 4786 1ECB 73D5

To claim this, I am signing this object:

{
"identity": "recursive-5003",
"qname": "www.aboil.info.",
"rrtype": "A",
"query-ip": "127.0.0.1",
"query-port": 34882,
"response-ip": "127.0.0.1",
"response-port": 5003,
"latency": 0.027,
"message": "CLIENT_RESPONSE",
@adulau
adulau / commoncrawl.md
Created June 25, 2022 13:33
Notes for commoncrawl