🎿
NOP Sledding

Jameel RC1140

@Neo23x0
Neo23x0 / log4j_rce_detection.md
Last active September 11, 2024 21:41
Log4j RCE CVE-2021-44228 Exploitation Detection

log4j RCE Exploitation Detection

You can use these commands and rules to search for exploitation attempts against the log4j RCE vulnerability CVE-2021-44228.

Grep / Zgrep

This command searches for exploitation attempts in uncompressed files in the folder /var/log and all subfolders:

sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log
@svch0stz
svch0stz / defenderwatch.ps1
Last active November 18, 2022 01:03
WMI Watcher for Windows Defender RealtimeMonitoring
$WMI = @{
Query = "SELECT * FROM __InstanceModificationEvent WITHIN 5 WHERE TargetInstance ISA 'MSFT_MpPreference' AND TargetInstance.DisableRealtimeMonitoring=True"
Action = {
#$Global:Data = $Event
Write-Host "Defender Configuration change - DisableRealtimeMonitoring:"$Event.SourceEventArgs.NewEvent.TargetInstance.DisableRealtimeMonitoring"(Old Value:"$Event.SourceEventArgs.NewEvent.PreviousInstance.DisableRealtimeMonitoring")"
}
Namespace = 'root\microsoft\windows\defender'
SourceIdentifier = "Defender.DisableRealtimeMonitoring"
}
$Null = Register-WMIEvent @WMI
@afdalwahyu
afdalwahyu / main.go
Last active October 16, 2024 12:31
golang dynamic port forward ssh socks5 tunnel
package main
import (
"context"
"fmt"
"net"
"os"
"os/signal"
"syscall"
<manifest schemaversion="4.0" binaryversion="1.01">
<configuration>
<options>
<!-- Command-line only options -->
<option switch="i" name="Install" argument="optional" noconfig="true" exclusive="true" />
<option switch="c" name="Configuration" argument="optional" noconfig="true" exclusive="true" />
<option switch="u" name="UnInstall" argument="none" noconfig="true" exclusive="true" />
<option switch="m" name="Manifest" argument="none" noconfig="true" exclusive="true" />
<option switch="t" name="DebugMode" argument="none" noconfig="true" />
<option switch="s" name="PrintSchema" argument="optional" noconfig="true" exclusive="true" />
@mackwage
mackwage / windows_hardening.cmd
Last active November 9, 2024 14:22
Script to perform some hardening of Windows OS
:: Windows 10 Hardening Script
:: This is based mostly on my own personal research and testing. My objective is to secure/harden Windows 10 as much as possible while not impacting usability at all. (Think being able to run this on the computers of family members to secure them but not increase the chances of them having to call you to troubleshoot something related to it later on.) References for virtually all settings can be found at the bottom. Just before the references section, you will always find several security settings commented out, as they could lead to compatibility issues in common consumer setups, but they're worth considering.
:: Obligatory 'views are my own'. :)
:: Thank you @jaredhaight for the Win Firewall config recommendations!
:: Thank you @ricardojba for the DLL Safe Order Search reg key!
:: Thank you @jessicaknotts for the help on testing Exploit Guard configs and checking privacy settings!
:: Best script I've found for Debloating Windows 10: https://github.com/Sycnex/Windows10Debloater
:
@dekobon
dekobon / Getting Started with the JDK on SmartOS.md
Last active September 26, 2018 17:20
Installing Java 8 on SmartOS

Installing the Oracle Java 8 JDK on SmartOS

  1. Go to: http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html
  2. Download the "Solaris x64 XX.X MB jdk-8u66-solaris-x64.tar.gz" tarball from the Oracle Java SE site. You won't be able to paste the URL into curl on your SmartOS instance unless you click it first to get the authentication parameter. Regardless, get the tarball any way that you prefer and copy it onto your SmartOS instance.
  3. Extract the tarball and copy it to the location of your choosing.
  4. Globally set the value of the environment variable JAVA_HOME to the path of the JVM.
  5. Update your PATH to include the Java bin directory by setting it to PATH=$PATH:$JAVA_HOME/bin
@johanndt
johanndt / upgrade-postgres-9.3-to-9.5.md
Last active July 27, 2024 16:49 — forked from dideler/upgrade-postgres-9.3-to-9.4.md
Upgrading PostgreSQL from 9.3 to 9.5 on Ubuntu

TL;DR

Install Postgres 9.5, and then:

sudo pg_dropcluster 9.5 main --stop
sudo pg_upgradecluster 9.3 main
sudo pg_dropcluster 9.3 main
@koreno
koreno / README.md
Last active April 1, 2020 10:44
'rebaser' improves on 'git rebase -i' by adding information per commit regarding which files it touched.

Prebase

git-prebase improves on 'git rebase -i' by adding information per commit regarding which files it touched.

  • Each file gets an alpha-numeric identifier at a particular column, a list of which appears below the commit list. (The identifiers wrap around after the 62nd file)
  • Commits can be moved up and down safely (without conflicts) as long as their columns don't clash (they did not touch the same file).

Installation

Add the executable to your path and git will automatically expose it as

@denji
denji / golang-tls.md
Last active November 7, 2024 05:58 — forked from spikebike/client.go
Simple Golang HTTPS/TLS Examples
Generate private key (.key)
# Key considerations for algorithm "RSA" ≥ 2048-bit
openssl genrsa -out server.key 2048

# Key considerations for algorithm "ECDSA" ≥ secp384r1
# List the supported ECDSA curves (openssl ecparam -list_curves)
/*
* Qualys test program to check for presence of GHOST vulnerability
* For more info: http://www.openwall.com/lists/oss-security/2015/01/27/9
*/
#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>