This list is no longer updated, thus the information is no longer reliable.
You can see the latest version (from October 2022) here
#!/bin/zsh
: '
You need a personal access token for GitHub to avoid hitting the rate limit. Refer to the docs:
https://docs.github.com/en/rest/guides/getting-started-with-the-rest-api
https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token
'
APPLE_OSS_DIR="all_apple_oss_archives"
APPLE_OSS_REPO_FILE="all_apple_oss_repo_names.txt"
#Usage:
#
#NOTE: The script expects an argument which is the full File Path of the EVTX file.
#
#C:\>ExtractAllScripts.ps1
#The default behavior of the script is to assimilate and extract every script/command to disk.
#
#C:\ExtractAllScripts -List
#This will only list Script Block IDs with associated Script Names(if logged.)
#
Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)
You can use these commands and rules to search for exploitation attempts against the log4j RCE vulnerability CVE-2021-44228.
This command searches for exploitation attempts in uncompressed files in the folder /var/log and all subfolders:
sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Classes\ms-appinstaller]
"URL Protocol"=-
sequence by host.id with maxspan=1s
  [process where event.action : "creation_event" and
    process.parent.name : ("winword.exe", "excel.exe", "powerpnt.exe") and
    not (process.executable : ("?:\\Windows\\System32\\WerFault.exe", "?:\\WINDOWS\\splwow64.exe") and
         process.args_count >= 2)
  ] by process.parent.entity_id
  [process where event.action : "termination_event" and
    process.name : ("winword.exe", "excel.exe", "powerpnt.exe") and
    process.parent.name : ("winword.exe", "excel.exe", "powerpnt.exe", "explorer.exe", "outlook.exe", "thunderbird.exe")
  ] by process.entity_id
use std::net::ToSocketAddrs;
use std::sync::mpsc::channel;
fn main() {
    std::env::set_var("LOCALDOMAIN", "1");
    let mut threads = vec![];
    let (tx, rx) = channel();
import tensorflow as tf  # We need tensorflow 2.x
import numpy as np
# The hash length in bits
hashLength = 256
def buildModel():
    # we can set the seed to simulate the fact that this network is known and doesn't change between runs
    # tf.random.set_seed(42)
    model = tf.keras.Sequential()