| import { middleware as whitelistMiddleware } from './utils/introspecton-whitelist'; | |
| import { whitelist as introspectionWhitelist } from './utils/introspecton-whitelist/whitelist'; | |
| // Your express app | |
| // Whitelist GraphQL introspection responses | |
| app.use(whitelistMiddleware(introspectionWhitelist)); | |
| // Apollo middleware must be below whitelisting middleware |
You can use these commands and rules to search for exploitation attempts against log4j RCE vulnerability CVE-2021-44228
This command searches for exploitation attempts in uncompressed files in folder /var/log and all sub folders
sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log
| if ($request_uri = /) { | |
| set $test A; | |
| } | |
| if ($host ~* teambox.com) { | |
| set $test "${test}B"; | |
| } | |
| if ($http_cookie !~* "auth_token") { | |
| set $test "${test}C"; |
| #user nobody; | |
| worker_processes 1; | |
| #error_log logs/error.log; | |
| #error_log logs/error.log notice; | |
| #error_log logs/error.log info; | |
| pid /var/run/nginx.pid; | |
| events { |
Here is a list of scopes to use in Sublime Text 2/3 snippets -
ActionScript: source.actionscript.2
AppleScript: source.applescript
ASP: source.asp
Batch FIle: source.dosbatch
C#: source.cs
C++: source.c++
Clojure: source.clojure
| #!/bin/sh | |
| # Examples: | |
| # ./image64.sh myImage.png | |
| # outputs: data:image/png;base64,xxxxx | |
| # ./image64.sh myImage.png -img | |
| # outputs: <img src="data:image/png;base64,xxxxx"> | |
| filename=$(basename $1) | |
| xtype=${filename##*.} | |
| append="" |