avicoder avicoder

## 20211210-TLP-WHITE_LOG4J.md

      
              1 file
            
          
              94 forks
            
          
              764 comments
            
          
              1091 stars
            
          
                SwitHak
                / 20211210-TLP-WHITE_LOG4J.md
            
            
              Last active
              April 26, 2024 07:30
            
              
                BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-20 2238 UTC
              
          
    Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)
Errors, typos, something to say ?


If you want to add a link, comment or send it to me
Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources


Royce Williams list sorted by vendors responses Royce List
Very detailed list NCSC-NL
The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List


## WebSockets.md

      
              1 file
            
          
              32 forks
            
          
              17 comments
            
          
              210 stars
            
          
                subudeepak
                / WebSockets.md
            
            
              Last active
              November 2, 2022 00:04
            
              
                The problems and some security implications of websockets - Cross-site WebSockets Scripting (XSWS)
              
          
    WebSockets - An Introduction

WebSockets is a modern HTML5 standard which makes communication between client and server a lot more simpler than ever. We are all familiar with the technology of sockets. Sockets have been fundamental to network communication for a long time but usually the communication over the browser has been restricted. The general restrictions

The server used to have a permanent listener while the client (aka browser) was not designated any fixed listener for a more long term connection. Hence, every communication was restricted to the client demanding and the server responding.
This meant that unless the client requested for a particular resource, the server was unable to push such a resource to the client.
This was detrimental since the client is then forced to check with the server at regular intervals. This meant a lot of libraries focused on optimizing asynchronous calls and identifying the response of asynchronous calls. Notably t


## sre_task.md

      
              1 file
            
          
              1 fork
            
          
              1 comment
            
          
              1 star
            
          
                yjwong
                / sre_task.md
            
            
              Last active
              January 5, 2022 11:08
            
          
    Cold Storage Group Ordering

Cold Storage is a popular supermarket chain in
Singapore. As part of an employee benefit, Glints employees located in
Singapore are given a fixed weekly office budget to purchase groceries to fill
the office pantry. Unfortunately, the Cold Storage website does not have a
group ordering function, which makes collating the list of items to buy a
hassle.
To solve this problem, you proposed creating a service that everyone in the

  
## pre-commit
#!/usr/bin/env bash

# Install globally using https://coderwall.com/p/jp7d5q/create-a-global-git-commit-hook
# The checks are simple and can give false positives. Amend the hook in the specific repository.

if git rev-parse --verify HEAD >/dev/null 2>&1
then
    against=HEAD
else
    # Initial commit: diff against an empty tree object
	#!/usr/bin/env bash

	# Install globally using https://coderwall.com/p/jp7d5q/create-a-global-git-commit-hook
	# The checks are simple and can give false positives. Amend the hook in the specific repository.

	if git rev-parse --verify HEAD >/dev/null 2>&1
	then
	against=HEAD
	else
	# Initial commit: diff against an empty tree object