BlueT - Matthew Lien - 練喆明 bluet

## 20211210-TLP-WHITE_LOG4J.md

      
              1 file
            
          
              94 forks
            
          
              765 comments
            
          
              1091 stars
            
          
                SwitHak
                / 20211210-TLP-WHITE_LOG4J.md
            
            
              Last active
              May 4, 2024 18:20
            
              
                BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-20 2238 UTC
              
          
    Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)
Errors, typos, something to say ?


If you want to add a link, comment or send it to me
Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources


Royce Williams list sorted by vendors responses Royce List
Very detailed list NCSC-NL
The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List


## How to setup a practically free CDN using Backblaze B2 and Cloudflare.md

      
              1 file
            
          
              57 forks
            
          
              16 comments
            
          
              846 stars
            
          
                charlesroper
                / How to setup a practically free CDN using Backblaze B2 and Cloudflare.md
            
            
              Last active
              May 4, 2024 15:49
            
              
                How to setup a practically free CDN
              
          
    How to setup a practically free CDN using Backblaze B2 and Cloudflare


⚠️ Note 2023-01-21

Some things have changed since I originally wrote this in 2016. I have updated a few minor details, and the advice is still broadly the same, but there are some new Cloudflare features you can (and should) take advantage of. In particular, pay attention to Trevor Stevens' comment here from 22 January 2022, and Matt Stenson's useful caching advice. In addition, Backblaze, with whom Cloudflare are a Bandwidth Alliance partner, have published their own guide detailing how to use Cloudflare's Web Workers to cache content from B2 private buckets. That is worth reading,


## irc.md

      
              1 file
            
          
              112 forks
            
          
              33 comments
            
          
              466 stars
            
          
                xero
                / irc.md
            
            
              Last active
              May 3, 2024 23:19
            
              
                irc cheat sheet
              
          
    IRC Reference

Not intended as a guide for newbies, more like a "cheat sheet" for the somewhat experienced IRC user, especially one who wields some power over a channel.
The Basics


/join #channel

Joins the specified channel.


/part #channel
Leaves the specified channel.


## postgres_queries_and_commands.sql
-- show running queries (pre 9.2)
SELECT procpid, age(clock_timestamp(), query_start), usename, current_query
FROM pg_stat_activity
WHERE current_query != '<IDLE>' AND current_query NOT ILIKE '%pg_stat_activity%'
ORDER BY query_start desc;

-- show running queries (9.2)
SELECT pid, age(clock_timestamp(), query_start), usename, query
FROM pg_stat_activity
WHERE query != '<IDLE>' AND query NOT ILIKE '%pg_stat_activity%'

## honeypot_counts.txt
204 	password
193 	123456
144 	admin
125 	support
116 	123
114 	1234
105 	default
99 	12345
97 	1
84 	ubnt

## log4j_exploitation_attempts_crowdsec.md

      
              1 file
            
          
              8 forks
            
          
              30 comments
            
          
              87 stars
            
          
                blotus
                / log4j_exploitation_attempts_crowdsec.md
            
            
              Last active
              December 29, 2023 12:24
            
              
                IPs exploiting the log4j2 CVE-2021-44228 detected by the crowdsec community
              
          
    This list is no longer updated, thus the information is no longer reliable.
You can see the latest version (from october 2022) here

  
## limit_file_size_upload.ts
import { GetSignedUrlConfig, Storage } from '@google-cloud/storage'

const storage = new Storage()

//  this comes from the front end
const input = {
  contentType: 'application/jpeg',
  contentLength: 10000 // size in bytes
}

## 100_base.conf
# using such a setup requires `apt-get install lua-nginx-redis` under Ubuntu Trusty
# more info @ http://wiki.nginx.org/HttpLuaModule#access_by_lua

http {
  lua_package_path "/etc/nginx/include.d/?.lua;;";
  lua_socket_pool_size 100;
  lua_socket_connect_timeout 10ms;
  lua_socket_read_timeout 10ms;

  server {

## app.js
// In JavaScript, constructors can only be synchronous right now. This makes sense
// from the point of view that a constructor is a function that returns a newly
// initialized object.
//
// On the other hand, it would sometimes be very handy, if one could have async
// constructors, e.g. when a class represents a database connection, and it is
// desired to establish the connection when you create a new instance.
//
// I know that there have been discussions on this on StackOverflow & co., but
// the so-far mentioned counter arguments (such as: doesn't work as expected

## cloudflare-workers-apilityio.js
addEventListener('fetch', event => {
  event.respondWith(fetchAndCheckOrigin(event.request))
})

async function fetchAndCheckOrigin(req) {
  try {
    startTime = new Date();
    const body = await req.body;
    const ip = req.headers.get('cf-connecting-ip');
    const es = req.headers.get('cf-ipcountry');
	-- show running queries (pre 9.2)
	SELECT procpid, age(clock_timestamp(), query_start), usename, current_query
	FROM pg_stat_activity
	WHERE current_query != '<IDLE>' AND current_query NOT ILIKE '%pg_stat_activity%'
	ORDER BY query_start desc;

	-- show running queries (9.2)
	SELECT pid, age(clock_timestamp(), query_start), usename, query
	FROM pg_stat_activity
	WHERE query != '<IDLE>' AND query NOT ILIKE '%pg_stat_activity%'
	204 password
	193 123456
	144 admin
	125 support
	116 123
	114 1234
	105 default
	99 12345
	97 1
	84 ubnt
	import { GetSignedUrlConfig, Storage } from '@google-cloud/storage'

	const storage = new Storage()

	// this comes from the front end
	const input = {
	contentType: 'application/jpeg',
	contentLength: 10000 // size in bytes
	}
	# using such a setup requires `apt-get install lua-nginx-redis` under Ubuntu Trusty
	# more info @ http://wiki.nginx.org/HttpLuaModule#access_by_lua

	http {
	lua_package_path "/etc/nginx/include.d/?.lua;;";
	lua_socket_pool_size 100;
	lua_socket_connect_timeout 10ms;
	lua_socket_read_timeout 10ms;

	server {
	// In JavaScript, constructors can only be synchronous right now. This makes sense
	// from the point of view that a constructor is a function that returns a newly
	// initialized object.
	//
	// On the other hand, it would sometimes be very handy, if one could have async
	// constructors, e.g. when a class represents a database connection, and it is
	// desired to establish the connection when you create a new instance.
	//
	// I know that there have been discussions on this on StackOverflow & co., but
	// the so-far mentioned counter arguments (such as: doesn't work as expected
	addEventListener('fetch', event => {
	event.respondWith(fetchAndCheckOrigin(event.request))
	})

	async function fetchAndCheckOrigin(req) {
	try {
	startTime = new Date();
	const body = await req.body;
	const ip = req.headers.get('cf-connecting-ip');
	const es = req.headers.get('cf-ipcountry');