Mohammed Le Doze mledoze

## 20211210-TLP-WHITE_LOG4J.md

      
              1 file
            
          
              94 forks
            
          
              765 comments
            
          
              1091 stars
            
          
                SwitHak
                / 20211210-TLP-WHITE_LOG4J.md
            
            
              Last active
              May 4, 2024 18:20
            
              
                BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-20 2238 UTC
              
          
    Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)
Errors, typos, something to say ?


If you want to add a link, comment or send it to me
Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources


Royce Williams list sorted by vendors responses Royce List
Very detailed list NCSC-NL
The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List


## minimal-serviceworker.js
// Licensed under a CC0 1.0 Universal (CC0 1.0) Public Domain Dedication
// http://creativecommons.org/publicdomain/zero/1.0/

// HTML files: try the network first, then the cache.
// Other files: try the cache first, then the network.
// Both: cache a fresh version if possible.
// (beware: the cache will grow and grow; there's no cleanup)

const cacheName = 'files';

## mysql_table_space.sql
/*
    USE IT WITH CAUTION (could overload and impact your production server...)
    Feel free to add your own suggestion

    Made for a MySQL 5.5 database
*/
-- Biggest db (full schema)
SELECT
	TABLE_SCHEMA,
	SUM(ROUND(DATA_LENGTH/1024/1024,2)) as data_length_mb,

## visualize-ms-arch-step-2.dot
digraph architecture {
  rankdir=LR;

  // Storage - #303F9F (dark blue)
  node[fillcolor="#303F9F" style="filled" fontcolor="white"];
  database[label="DB"]; cache[label="Redis"];

  // Client-side Apps - #FFEB3B (yellow)
  node[fillcolor="#FFEB3B" style="filled" fontcolor="black"];
  front_end[label="Front-end App"]; extension[label="Browser Extension"];

## System Design.md

      
              1 file
            
          
              2610 forks
            
          
              58 comments
            
          
              9400 stars
            
          
                vasanthk
                / System Design.md
            
            
              Last active
              May 5, 2024 14:23
            
              
                System Design Cheatsheet
              
          
    System Design Cheatsheet


Picking the right architecture = Picking the right battles + Managing trade-offs

Basic Steps


Clarify and agree on the scope of the system


User cases (description of sequences of events that, taken together, lead to a system doing something useful)

Who is going to use it?
How are they going to use it?


## bling.js
/* bling.js */

window.$ = document.querySelectorAll.bind(document);

Node.prototype.on = window.on = function (name, fn) {
  this.addEventListener(name, fn);
}

NodeList.prototype.__proto__ = Array.prototype;

## ssh-fingerprints.csv

          
            dc:14:de:8e:d7:c1:15:43:23:82:25:81:d2:59:e8:c0
            245272

            
              32:f9:38:a2:39:d0:c5:f5:ba:bd:b7:75:2b:00:f6:ab
              197846

            
              d0:db:8a:cb:74:c8:37:e4:9e:71:fc:7a:eb:d6:40:81
              152046

            
              34:47:0f:e9:1a:c2:eb:56:eb:cc:58:59:3a:02:80:b6
              140777

            
              df:17:d6:57:7a:37:00:7a:87:5e:4e:ed:2f:a3:d5:dd
              91904

            
              81:96:a6:8c:3a:75:f3:be:84:5e:cc:99:a7:ab:3e:d9
              80499

            
              7c:a8:25:21:13:a2:eb:00:a6:c1:76:ca:6b:48:6e:bf
              78172

            
              1c:1e:29:43:d2:0c:c1:75:40:05:30:03:d4:02:d7:9b
              71851

            
              8b:75:88:08:41:78:11:5b:49:68:11:42:64:12:6d:49
              70786

            
              c2:77:c8:c5:72:17:e2:5b:4f:a2:4e:e3:04:0c:35:c9
              68654

## remove-orphan-images.sh
#!/bin/bash

JQPATH=$(which jq)
if [ "x$JQPATH" == "x" ]; then
  echo "Couldn't find jq executable." 1>&2
  exit 2
fi

set -eu
shopt -s nullglob

## php_xxe_tester.php
<?php
// Extended tester from ezimuel (https://gist.github.com/ezimuel/9135151)
// The libxml entity loader is disabled by default
// even setting the libxml_disable_entity_loader to false doesn't works!
//
// @see http://uk3.php.net/manual/en/function.libxml-disable-entity-loader.php
// @see http://stackoverflow.com/a/10213239
// @see https://stackoverflow.com/questions/24117700

$dir = __DIR__;

## gulpfile.js
var gulp = require('gulp'),
    sass = require('gulp-ruby-sass'),
    autoprefixer = require('gulp-autoprefixer'),
    minifycss = require('gulp-minify-css'),
    jshint = require('gulp-jshint'),
    uglify = require('gulp-uglify'),
    rename = require('gulp-rename'),
    clean = require('gulp-clean'),
    concat = require('gulp-concat'),
    notify = require('gulp-notify'),
	// Licensed under a CC0 1.0 Universal (CC0 1.0) Public Domain Dedication
	// http://creativecommons.org/publicdomain/zero/1.0/

	// HTML files: try the network first, then the cache.
	// Other files: try the cache first, then the network.
	// Both: cache a fresh version if possible.
	// (beware: the cache will grow and grow; there's no cleanup)

	const cacheName = 'files';
	/*
	USE IT WITH CAUTION (could overload and impact your production server...)
	Feel free to add your own suggestion

	Made for a MySQL 5.5 database
	*/
	-- Biggest db (full schema)
	SELECT
	TABLE_SCHEMA,
	SUM(ROUND(DATA_LENGTH/1024/1024,2)) as data_length_mb,
	digraph architecture {
	rankdir=LR;

	// Storage - #303F9F (dark blue)
	node[fillcolor="#303F9F" style="filled" fontcolor="white"];
	database[label="DB"]; cache[label="Redis"];

	// Client-side Apps - #FFEB3B (yellow)
	node[fillcolor="#FFEB3B" style="filled" fontcolor="black"];
	front_end[label="Front-end App"]; extension[label="Browser Extension"];
	/* bling.js */

	window.$ = document.querySelectorAll.bind(document);

	Node.prototype.on = window.on = function (name, fn) {
	this.addEventListener(name, fn);
	}

	NodeList.prototype.__proto__ = Array.prototype;
	dc:14:de:8e:d7:c1:15:43:23:82:25:81:d2:59:e8:c0	245272
	32:f9:38:a2:39:d0:c5:f5:ba:bd:b7:75:2b:00:f6:ab	197846
	d0:db:8a:cb:74:c8:37:e4:9e:71:fc:7a:eb:d6:40:81	152046
	34:47:0f:e9:1a:c2:eb:56:eb:cc:58:59:3a:02:80:b6	140777
	df:17:d6:57:7a:37:00:7a:87:5e:4e:ed:2f:a3:d5:dd	91904
	81:96:a6:8c:3a:75:f3:be:84:5e:cc:99:a7:ab:3e:d9	80499
	7c:a8:25:21:13:a2:eb:00:a6:c1:76:ca:6b:48:6e:bf	78172
	1c:1e:29:43:d2:0c:c1:75:40:05:30:03:d4:02:d7:9b	71851
	8b:75:88:08:41:78:11:5b:49:68:11:42:64:12:6d:49	70786
	c2:77:c8:c5:72:17:e2:5b:4f:a2:4e:e3:04:0c:35:c9	68654
	<?php
	// Extended tester from ezimuel (https://gist.github.com/ezimuel/9135151)
	// The libxml entity loader is disabled by default
	// even setting the libxml_disable_entity_loader to false doesn't works!
	//
	// @see http://uk3.php.net/manual/en/function.libxml-disable-entity-loader.php
	// @see http://stackoverflow.com/a/10213239
	// @see https://stackoverflow.com/questions/24117700

	$dir = __DIR__;
	var gulp = require('gulp'),
	sass = require('gulp-ruby-sass'),
	autoprefixer = require('gulp-autoprefixer'),
	minifycss = require('gulp-minify-css'),
	jshint = require('gulp-jshint'),
	uglify = require('gulp-uglify'),
	rename = require('gulp-rename'),
	clean = require('gulp-clean'),
	concat = require('gulp-concat'),
	notify = require('gulp-notify'),