Andrew Waite infosanity

  • InfoSanity
  • NorthEast UK
@Neo23x0
Neo23x0 / log4j_rce_detection.md
Last active January 28, 2024 08:19
Log4j RCE CVE-2021-44228 Exploitation Detection

log4j RCE Exploitation Detection

You can use these commands and rules to search for exploitation attempts against the log4j RCE vulnerability CVE-2021-44228.

Grep / Zgrep

This command searches for exploitation attempts in uncompressed files in the folder /var/log and all of its subfolders:

sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log
@nadouani
nadouani / application.conf
Last active September 21, 2022 12:41
Run TheHive 4.0 using docker, a local file storage and a berkeleydb for persistence
play.http.secret.key="ThehiveTestPassword"
## For test only !
db.janusgraph {
  storage.backend: berkeleyje
  storage.directory: /tmp/
  berkeleyje.freeDisk: 200
}
storage {
@mda590
mda590 / boto3_listinstances_example.py
Last active April 30, 2024 05:07
Example using boto3 to list running EC2 instances
import boto3
ec2 = boto3.resource('ec2')
def lambda_handler(event, context):
    # create filter for instances in running state
    filters = [
        {
            'Name': 'instance-state-name',
            'Values': ['running']
@btoews
btoews / merger.py
Created May 17, 2012 16:55
Merging Nessus Files
# file: merger.py
# based off: http://cmikavac.net/2011/07/09/merging-multiple-nessus-scans-python-script/
# by: mastahyeti
import xml.etree.ElementTree as etree
import shutil
import os
first = 1
for fileName in os.listdir("."):