Skip to content

Instantly share code, notes, and snippets.


Royce Williams roycewilliams

View GitHub Profile
akhepcat / reneg@.service
Created Jul 20, 2022
quick network interface renegotiation script and helper
View reneg@.service
# Install in /etc/systemd/system
# enable as 'reneg@eth0.service' or other interface(s)
Description=ethtool configuration to enable 2500mbps speed for the specified card
ExecStart=/usr/local/sbin/renegotiate-eth %i
View webmaster_www_sec_gov.key
# Originator-Name:
# Originator-Key-Asymmetric: MFgwCgYEVQgBAQICAf8DSgAwRwJAW2sNKK9AVtBzYZmr6aGjlWyK3XmZv3dTINenTWSM7vrzLADbmYQaionwg5sDW3P6oaM5D3tdezXMm7z1T+B+twIDAQAB
atoponce /
Last active May 26, 2022
Commandline password managers for Unix-like operating systems

Must be updated within the past two years (May 2020) to be on this list. Listed in alphabetical order:

  • 1Password CLI1 and CLI2
    • Written by the 1Password team.
    • Written in Go using the Cobra library.
    • CLI2 has new sub-command syntax that differs from CLI1.
    • JSON output is difficult to work with.
    • Requires 1Password account.
    • Proprietary software.
  • bw
ryancdotorg / allsum.c
Created Apr 11, 2022
simple command line tool to hash a file with every digest algorithm openssl supports
View allsum.c
// cc -O2 -Wall -Wextra -pedantic allsum.c -lcrypto -o allsum
#define _GNU_SOURCE
#include <stdint.h>
#include <stdbool.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <errno.h>
#include <stdio.h>
#include <ctype.h>
View keystrokes.html
<!DOCTYPE html>
<html lang="en">
<title>Keystroke Analysis</title>
<meta charset="utf-8">
#intro {
font-size: large;
View collect-entropy.zsh
collect-entropy () {
zmodload zsh/mathfunc
local wordlist=($(grep -P '^[aoeuidhtns]{3,}$' /usr/share/dict/words))
local length=${#wordlist[@]}
local min=$(( 65536 % $length ))
local wordcount=$(( int(ceil(512/log2($length))) ))
local words=()
for ((i=1; i<=${wordcount}; i++ )) do
local rand=$(( 0x$(xxd -ps -l 2 /dev/urandom) ))
until [[ $rand -ge $min ]]
akhepcat / pkexec
Created Jan 26, 2022
replacement pkexec wrapper to log pkexec attempts
View pkexec
# Don't forget to mv /usr/bin/pkexec /usr/bin/pkexec.bin; chmod 0 /usr/bin/pkexec.bin; before using this
SYSLOG=localhost #change to a remote collector if you have one
cmdline=$(tr '\0' ' ' </proc/$PPID/cmdline | tr -dc '[:print:]')
logger --priority auth.alert -n ${SYSLOG} -t "${PROG}-watch" "called by $USER, PID=$PID, Parent=$PPID, cmdline=[${cmdline}]"
SwitHak /
Last active Aug 5, 2022
BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-20 2238 UTC

Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)

Errors, typos, something to say ?

  • If you want to add a link, comment or send it to me
  • Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources

  • Royce Williams list sorted by vendors responses Royce List
  • Very detailed list NCSC-NL
  • The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List
noperator /
Last active Dec 29, 2021
Emerging threat details on CVE-2021-44228 in Apache Log4j

Update: Please see Bishop Fox's rapid response post Log4j Vulnerability: Impact Analysis for latest updates about this vulnerability.

Technologies using Apache Log4j

The Cosmos 🌌 team at Bishop Fox 🦊 is currently researching open-source projects that appear to use Log4j by default.

  • Apache Druid
  • Apache Dubbo
  • Apache Flink
  • Apache Flume
gnremy / CVE-2021-44228_IPs.csv
Last active Mar 23, 2022
CVE-2021-44228 Apache Log4j RCE Attempts Dec 20th 9:27PM ET
View CVE-2021-44228_IPs.csv
ip tag_name Apache Log4j RCE Attempt Apache Log4j RCE Attempt Apache Log4j RCE Attempt Apache Log4j RCE Attempt Apache Log4j RCE Attempt Apache Log4j RCE Attempt Apache Log4j RCE Attempt Apache Log4j RCE Attempt Apache Log4j RCE Attempt