Skip to content

Instantly share code, notes, and snippets.

View maxrp's full-sized avatar

Max P maxrp

38 followers · 49 following
View GitHub Profile
@SwitHak
SwitHak / 20211210-TLP-WHITE_LOG4J.md
Last active May 10, 2025 10:16
BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-20 2238 UTC

Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)

Errors, typos, something to say ?

  • If you want to add a link, comment or send it to me
  • Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources

  • Royce Williams list sorted by vendors responses Royce List
  • Very detailed list NCSC-NL
  • The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List
@tannercollin
tannercollin / sn004-demo.py
Last active November 1, 2021 15:58
Standard Notes protocol v004 reference decryption demo
# Standard Notes protocol v004 reference decryption demo
# by Tanner Collin, MIT license
#
# Install dependencies in your Python 3 environment:
# pip install argon2-cffi requests pycryptodome
#
# do not use your real account
# use a fresh account so there's no 003 items
# or use this test account
email = '[email protected]'
@Konfekt
Konfekt / mailcap
Last active November 2, 2024 05:33
mailcap file to display files in and outside of terminal for mutt, less, ranger / lf, ..
# Save as ~/.mailcap. Then use run-mailcap to:
#
# - open files by `run-mailcap --action=view <file>`, or
# - view them in the terminal by `run-mailcap --action=cat <file>`.
#
# Useful
#
# - in mutt by `set mailcap_file $HOME/.mailcap`
# - in Vim by adding to your vimrc
#
@jedisct1
jedisct1 / spectre.c
Last active January 27, 2020 04:20 — forked from ErikAugust/spectre.c
Spectre example code
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#ifdef _MSC_VER
#include <intrin.h> /* for rdtscp and clflush */
#pragma optimize("gt",on)
#else
#include <x86intrin.h> /* for rdtscp and clflush */
#endif
@ErikAugust
ErikAugust / spectre.c
Last active January 5, 2025 07:01
Spectre example code
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#ifdef _MSC_VER
#include <intrin.h> /* for rdtscp and clflush */
#pragma optimize("gt",on)
#else
#include <x86intrin.h> /* for rdtscp and clflush */
#endif
@LiveOverflow
LiveOverflow / fsec_solve.py
Created October 4, 2017 10:42
Fsec2017 z3 solution
from z3 import *
import struct
# calculate e,f,d for a given input password
def calc(m):
e = 0
f = 0
d = 0
for i in xrange(0, len(m)):
c = ord(m[i])
@marcan
marcan / smbloris.c
Last active November 22, 2022 08:32
SMBLoris attack proof of concept
/* SMBLoris attack proof-of-concept
*
* Copyright 2017 Hector Martin "marcan" <[email protected]>
*
* Licensed under the terms of the 2-clause BSD license.
*
* This is a proof of concept of a publicly disclosed vulnerability.
* Please do not go around randomly DoSing people with it.
*
* Tips: do not use your local IP as source, or if you do, use iptables to block
@rspeer
rspeer / how-to-make-a-racist-ai-without-really-trying.ipynb
Last active July 27, 2024 14:45
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@voutilad
voutilad / vmm-alpine.sh
Created May 29, 2017 15:16
Installing Alpine Linux in OpenBSD's VMM Hypervisor
# Assuming you're a regular user that has doas allowances for vmctl
mkdir -p ~/vmm
cd ~/vmm
# Grab the the one of the virt iso's of Alpine Linux
curl https://nl.alpinelinux.org/alpine/v3.6/releases/x86_64/alpine-virt-3.6.0-x86_64.iso -o alpine-virt-3.6.0-x86_64.iso
# Make a new virtual disk image, change the size as needed
vmctl create alpine-virt.img -s 6G
@leonjza
leonjza / inject.py
Last active October 23, 2024 01:06
Wordpress 4.7.0/4.7.1 Unauthenticated Content Injection PoC
# 2017 - @leonjza
#
# Wordpress 4.7.0/4.7.1 Unauthenticated Content Injection PoC
# Full bug description: https://blog.sucuri.net/2017/02/content-injection-vulnerability-wordpress-rest-api.html
# Usage example:
#
# List available posts:
#
# $ python inject.py http://localhost:8070/