Skip to content

Instantly share code, notes, and snippets.

View mweinelt's full-sized avatar

Martin Weinelt mweinelt

316 followers · 80 following
View GitHub Profile
@thesamesam
thesamesam / xz-backdoor.md
Last active April 7, 2025 09:15
xz-utils backdoor situation (CVE-2024-3094)

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.

Update: I've disabled comments as of 2025-01-26 to avoid everyone having notifications for something a year on if someone wants to suggest a correction. Folks are free to email to suggest corrections still, of course.

Background

@thimslugga
thimslugga / 01-ec2-mac-tuning.sh
Last active April 11, 2025 07:06
EC2 Mac Tuning Tips
#!/bin/bash
#set -euo pipefail
#IFS=$'\n\t'
# https://stream.lib.utah.edu/index.php?c=browse&m=results&q=Mac+Admins&sort=newest
# https://macos-defaults.com/
# https://ss64.com/mac/defaults.html
# https://real-world-systems.com/docs/defaults.1.html
#
# https://babodee.wordpress.com/2016/04/09/launchctl-2-0-syntax/
@oskar456
oskar456 / README.md
Last active December 14, 2024 15:32
CLAT for Linux using Jool and ipvlan PoC

CLAT for Linux using ipvlan

This proof of concept uses ipvlan feature of Linux to split up main network interface into two in order to use one in a separate namespace with jool-siit performing CLAT translation.

This way, enabling CLAT is least intrusive to the default network namespace - no need to enable forwarding or touch firewall rules.

@fabaff
fabaff / __init__.py
Last active January 7, 2023 02:34
Update SpaceAPi component with support for SpaceAPI v14
"""Support for the SpaceAPI."""
from contextlib import suppress
import voluptuous as vol
from homeassistant.components.http import HomeAssistantView
from homeassistant.const import (
ATTR_ENTITY_ID,
ATTR_ICON,
ATTR_LOCATION,
@artizirk
artizirk / nginx.conf
Last active November 13, 2024 01:46
Nginx config for scaling matrix synapse server via workers
# Matrix Synapse workers example config
# backends
upstream synapse_master {
server 192.19.18.12:38008;
}
upstream synapse_federation {
server 192.19.18.12:8083;
}
@sbyx
sbyx / low-battery-level-detection-notification-for-all-battery-sensors.yaml
Last active April 24, 2025 04:56
Home Assistant Blueprint: Low battery level detection & notification for all battery sensors
blueprint:
name: Low battery level detection & notification for all battery sensors
description: Regularly test all sensors with 'battery' device-class for crossing
a certain battery level threshold and if so execute an action.
domain: automation
input:
threshold:
name: Battery warning level threshold
description: Battery sensors below threshold are assumed to be low-battery (as
well as binary battery sensors with value 'on').
@chriswayg
chriswayg / Ubuntu_Debian_Cloud_images_in_Proxmox.md
Last active April 11, 2025 10:35
Ubuntu and Debian Cloud images in Proxmox
@mschep
mschep / bird2.conf
Last active November 10, 2024 02:33
BIRD 2 configuration including RPKI
# Very minimal BIRD2 configuration with RPKI enabled
log syslog { info, remote, warning, error, auth, fatal, bug };
log "/var/log/bird.debug.log" { debug, remote, trace };
router id 193.0.31.28;
protocol device {
}
@susam
susam / vectors.md
Last active January 22, 2024 05:10

Recon and Attack Vectors from My Logs

This document contains excerpts from my web server logs collected over a period of 7 years that shows various kinds of recon and attack vectors.

There were a total of 37.2 million lines of logs out of which 1.1 million unique HTTP requests (Method + URI) were found.

$ sed 's/^.* - - \[.*\] "\(.*\) HTTP\/.*" .*/\1/' access.log > requests.txt
@leoluk
leoluk / journal-reactor.py
Created October 3, 2018 22:19
Example code that demonstrates how to listen to journald using Python 3 + asyncio.
#!/usr/bin/python3 -u
import asyncio
import sh
from systemd import journal
from systemd.daemon import notify
GATEWAY_IP = "192.168.10.1"