jondurbin

Details on how the airoboros-gpt4-2.0 dataset was created.

Script

https://github.com/jondurbin/airoboros

pip install --upgrade airoboros==2.0.13

Hellisotherpeople

You probably don't know how to do Prompt Engineering

(This post could also be titled "Features missing from most LLM front-ends that should exist")

Apologies for the snarky title, but there has been a huge amount of discussion around so called "Prompt Engineering" these past few months on all kinds of platforms. Much of it is coming from individuals who are peddling around an awful lot of "Prompting" and very little "Engineering".

Most of these discussions are little more than users finding that writing more creative and complicated prompts can help them solve a task that a more simple prompt was unable to help with. I claim this is not Prompt Engineering. This is not to say that crafting good prompts is not a difficult task, but it does not involve doing any kind of sophisticated modifications to general "template" of a prompt.

Others, who I think do deserve to call themselves "Prompt Engineers" (and an awful lot more than that), have been writing about and utilizing the rich new eco-system

SwitHak

Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)

Errors, typos, something to say ?

• If you want to add a link, comment or send it to me
• Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources

• Royce Williams list sorted by vendors responses Royce List
• Very detailed list NCSC-NL
• The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List

nathanqthai

Neo23x0

log4j RCE Exploitation Detection

You can use these commands and rules to search for exploitation attempts against log4j RCE vulnerability CVE-2021-44228

Grep / Zgrep

This command searches for exploitation attempts in uncompressed files in folder /var/log and all sub folders

sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log

Neo23x0

import hashlib
import re

def calculate_rule_hash(rule):
    """
    Calculates a hash over the relevant YARA rule content (string contents, sorted condition)
    Requires a YARA rule object as generated by 'plyara': https://github.com/plyara/plyara
    :param rule: yara rule object
    :return hash: generated hash
    """

Neo23x0

# ################################################################################
# IMPORTANT NOTE
# The most recent version of this POC rule can now be found in the main repository 
# https://github.com/Neo23x0/sigma/blob/master/other/godmode_sigma_rule.yml
# ################################################################################
#    _____        __  __  ___        __      
#   / ___/__  ___/ / /  |/  /__  ___/ /__    
#  / (_ / _ \/ _  / / /|_/ / _ \/ _  / -_)   
#  \___/\___/\_,_/ /_/  /_/\___/\_,_/\__/_   
#    / __(_)__ ___ _  ___ _  / _ \__ __/ /__ 

schlamar

import os
import sys
import traceback
from functools import wraps
from multiprocessing import Process, Queue


def processify(func):
    '''Decorator to run a function as a process.
    Be sure that every argument and the return value

codian

export PS1="\[\033[34m\]\w\[\033[35m\]\`ruby -e \"print (%x{git branch 2> /dev/null}.split(/\n/).grep(/^\*/).first || '').gsub(/^\* (.+)$/, '(\1)')\"\`\[\033[00m\]> "

erans

from PIL import Image
from PIL.ExifTags import TAGS, GPSTAGS

def get_exif_data(image):
    """Returns a dictionary from the exif data of an PIL Image item. Also converts the GPS Tags"""
    exif_data = {}
    info = image._getexif()
    if info:
        for tag, value in info.items():
            decoded = TAGS.get(tag, tag)