Alexander Knorr opexxx

@gnremy
gnremy / CVE-2021-44228_IPs.csv
Last active April 26, 2023 07:01
CVE-2021-44228 Apache Log4j RCE Attempts Dec 20th 9:27PM ET
ip tag_name
@Neo23x0
Neo23x0 / log4j_rce_detection.md
Last active January 28, 2024 08:19
Log4j RCE CVE-2021-44228 Exploitation Detection

log4j RCE Exploitation Detection

You can use these commands and rules to search for exploitation attempts against the log4j RCE vulnerability CVE-2021-44228.

Grep / Zgrep

This command searches for exploitation attempts in uncompressed files in the folder /var/log and all subfolders:

sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log
@alexandersix
alexandersix / macos-setup.sh
Last active January 1, 2024 06:12
macOS Setup Script
#!/bin/bash
# Brew Packages List
UTILITIES=(
alfred # macOS Spotlight alternative
amethyst # Tiling window manager for macOS (xmonad-inspired)
bartender # Menu bar icon manager
coreutils # GNU Core Utilities
docker # Containerization
exa # A Rust-based ls alternative
@peterclemenko
peterclemenko / setup.ps1
Last active December 28, 2023 02:27
w11 setup
Set-ExecutionPolicy Bypass -Scope Process -Force; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))
choco upgrade all -y
choco install keepass -y
choco install keepass-plugin-keeagent -y
choco install ghidra -y
choco install eclipse-java-oxygen -y
choco install packer -y
choco install vagrant -y
choco install paint.net -y
winget install --id LMMS.LMMS -e --accept-package-agreements --accept-source-agreements --silent
@sbailliez
sbailliez / vagrant-vmware-tech-preview-apple-m1-pro.md
Last active April 10, 2024 07:51
Vagrant and VMWare Tech Preview 21H1 on Apple M1 Pro


UPDATE November 20, 2022: VMWare Fusion 13

VMWare Fusion 13 is now released. Read Vagrant and VMWare Fusion 13 Player on Apple M1 Pro for the latest.

Summary

This document summarizes notes taken while making the VMWare Tech preview work on Apple M1 Pro, it originated

@chrdek
chrdek / PS_login_with_Screenshot.ps1
Last active July 31, 2023 19:45
Automated testing for login screen - login to website/take screenshot with watermark
<#
#
# Initial login flow for website image to be generated
# ->Open main website
# -> Open login form
# -> login to website main part, click on a 'specific' button
# -> take screenshot of whole website part, logout and close browser window.
#
# NOTE: screenshot is watermarked with a timestamp (time/date) and an MD5 digest
#
@zhiyuan-lin
zhiyuan-lin / add-adguard-doh-servers.ps1
Created October 13, 2021 17:39
Add AdGuard DNS as DNS-over-HTTPS Resolver for Windows 11
# You need to run these in an Admin PowerShell under Windows 11
Add-DnsClientDohServerAddress -ServerAddress '94.140.14.14' -DohTemplate 'https://dns.adguard.com/dns-query' -AllowFallbackToUdp $False -AutoUpgrade $True
Add-DnsClientDohServerAddress -ServerAddress '94.140.15.15' -DohTemplate 'https://dns.adguard.com/dns-query' -AllowFallbackToUdp $False -AutoUpgrade $True
Add-DnsClientDohServerAddress -ServerAddress '2a10:50c0::ad1:ff' -DohTemplate 'https://dns.adguard.com/dns-query' -AllowFallbackToUdp $False -AutoUpgrade $True
Add-DnsClientDohServerAddress -ServerAddress '2a10:50c0::ad2:ff' -DohTemplate 'https://dns.adguard.com/dns-query' -AllowFallbackToUdp $False -AutoUpgrade $True
# Confirm that the records have been added
Get-DnsClientDohServerAddress

title: "Hashlookup service - how to improve your digital forensic investigations"
author: "Alexandre Dulaunoy"
institute: "CIRCL"
theme: "Frankfurt"
colortheme: "beaver"
fonttheme: "professionalfonts"
mainfont: "Hack Nerd Font"
fontsize: 10pt
urlcolor: red

@tothi
tothi / usbgadget_razer.sh
Created August 22, 2021 09:52
Razer USB gadget on Android for Local Privilege Escalation on Windows
# MINIMAL USB gadget setup using CONFIGFS for simulating Razer Gaming HID
# devices for triggering the vulnerable Windows Driver installer
# credits for the Windows Driver install vuln: @j0nh4t
#
# https://twitter.com/j0nh4t/status/1429049506021138437
# https://twitter.com/an0n_r0/status/1429263450748895236
#
# the script was developed & tested on Android LineageOS 18.1
@ACK-J
ACK-J / parrot_kali_install.sh
Last active April 13, 2024 10:55
OffSec Tools Install
#!/bin/bash
# System Updates
sudo apt-get update -y
sudo apt-get full-upgrade --fix-missing -y
sudo apt-get autoremove -y
#sudo parrot-upgrade
# Alias to Fix Virtual Box issues
# alias FixVM="killall /usr/bin/VBoxClient 2> /dev/null; /usr/bin/VBoxClient --clipboard && /usr/bin/VBoxClient --seamless && /usr/bin/VBoxClient --vmsvga && /usr/bin/VBoxClient --draganddrop && /usr/bin/VBoxClient --checkhostversion"