Skip to content

Instantly share code, notes, and snippets.

Avatar
🖖
hmm hmm hmm hmm hmm

avicoder avicoder

🖖
hmm hmm hmm hmm hmm
View GitHub Profile
@SwitHak
SwitHak / 20211210-TLP-WHITE_LOG4J.md
Last active Aug 5, 2022
BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-20 2238 UTC
View 20211210-TLP-WHITE_LOG4J.md

Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)

Errors, typos, something to say ?

  • If you want to add a link, comment or send it to me
  • Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources

  • Royce Williams list sorted by vendors responses Royce List
  • Very detailed list NCSC-NL
  • The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List
View sre_task.md

Cold Storage Group Ordering

Cold Storage is a popular supermarket chain in Singapore. As part of an employee benefit, Glints employees located in Singapore are given a fixed weekly office budget to purchase groceries to fill the office pantry. Unfortunately, the Cold Storage website does not have a group ordering function, which makes collating the list of items to buy a hassle.

To solve this problem, you proposed creating a service that everyone in the

@saliceti
saliceti / pre-commit
Last active Mar 12, 2021
Git pre-commit hook to check for AWS keys
View pre-commit
#!/usr/bin/env bash
# Install globally using https://coderwall.com/p/jp7d5q/create-a-global-git-commit-hook
# The checks are simple and can give false positives. Amend the hook in the specific repository.
if git rev-parse --verify HEAD >/dev/null 2>&1
then
against=HEAD
else
# Initial commit: diff against an empty tree object
@subudeepak
subudeepak / WebSockets.md
Last active Jun 4, 2022
The problems and some security implications of websockets - Cross-site WebSockets Scripting (XSWS)
View WebSockets.md

WebSockets - An Introduction

WebSockets is a modern HTML5 standard which makes communication between client and server a lot more simpler than ever. We are all familiar with the technology of sockets. Sockets have been fundamental to network communication for a long time but usually the communication over the browser has been restricted. The general restrictions

  • The server used to have a permanent listener while the client (aka browser) was not designated any fixed listener for a more long term connection. Hence, every communication was restricted to the client demanding and the server responding.
  • This meant that unless the client requested for a particular resource, the server was unable to push such a resource to the client.
  • This was detrimental since the client is then forced to check with the server at regular intervals. This meant a lot of libraries focused on optimizing asynchronous calls and identifying the response of asynchronous calls. Notably t