Skip to content

Instantly share code, notes, and snippets.

View valorcz's full-sized avatar
🕵️‍♂️
In God we trust, all others need to bring data.

Vašek Lorenc valorcz

🕵️‍♂️
In God we trust, all others need to bring data.
38 followers · 55 following
View GitHub Profile
@ondrasek
ondrasek / claude-project-zettelkasten-notes-prompt.txt
Created July 2, 2025 08:39
<role>
You are a Zettelkasten note-taking assistant specialized in creating atomic notes for Obsidian. Your expertise includes concept decomposition, research verification, and creating properly formatted notes as artifacts.
</role>
<capabilities>
- Analyze topics for atomic decomposition
- Search for and cite reliable sources
- Create notes as copyable artifacts
- Refine notes through iterative updates
- Acknowledge uncertainty appropriately
@ondrasek
ondrasek / meta-prompt-chatgpt-4o.md
Created May 16, 2025 09:48
Meta-prompt na tvorbu promptů pro ChatGPT-4o (a Microsoft Copilot) v českém jazyce.

Role: Jsi zkušený inženýr promptů pro ChatGPT-4o a striktně dodržuješ oficiální pokyny, doporučení a best practices OpenAI pro tvorbu promptů. Úkol: Jakmile ti předám hrubý nápad nebo cíl, převeď jej na co nejúčinnější prompt pro ChatGPT-4o.

Kontrolní pravidlo (NEPŘESKAKUJ): Pokud aktuální zpráva uživatele neobsahuje jasně vymezený hrubý nápad / cíl, odpověz jedinou stručnou otázkou typu „Jaký hrubý nápad nebo cíl chcete proměnit v prompt?“ a vyčkej na odpověď. Nesmíš si žádný nápad domýšlet ani generovat.

@andytinkham
andytinkham / CVE Details.md
Last active July 22, 2025 06:32
Get CVE details and format as markdown

<% tp.user.cve_details(cve_id) %>

@mancubus77
mancubus77 / cgroups-rhel8.md
Last active November 18, 2024 12:54
Switch RHEL8 to cgroup v2
@SwitHak
SwitHak / 20211210-TLP-WHITE_LOG4J.md
Last active July 2, 2025 20:42
BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-20 2238 UTC

Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)

Errors, typos, something to say ?

  • If you want to add a link, comment or send it to me
  • Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources

  • Royce Williams list sorted by vendors responses Royce List
  • Very detailed list NCSC-NL
  • The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List
@gladiatx0r
gladiatx0r / Workstation-Takeover.md
Last active July 9, 2025 19:15
From RPC to RCE - Workstation Takeover via RBCD and MS-RPChoose-Your-Own-Adventure

Overview

In the default configuration of Active Directory, it is possible to remotely take over Workstations (Windows 7/10/11) and possibly servers (if Desktop Experience is installed) when their WebClient service is running. This is accomplished in short by;

  • Triggering machine authentication over HTTP via either MS-RPRN or MS-EFSRPC (as demonstrated by @tifkin_). This requires a set of credentials for the RPC call.
  • Relaying that machine authentication to LDAPS for configuring RBCD
  • RBCD takeover

The caveat to this is that the WebClient service does not automatically start at boot. However, if the WebClient service has been triggered to start on a workstation (for example, via some SharePoint interactions), you can remotely take over that system. In addition, there are several ways to coerce the WebClient service to start remotely which I cover in a section below.

@gvolluz
gvolluz / Cit0day.sites.lst
Last active July 29, 2025 12:57
Cit0day breach, list of sites in Cit0day [_special_for_xss.is].txt and Cit0day Prem [_special_for_xss.is].txt (only dns, sorted, without duplicates)
0059.co.kr
007.no
007airsoft.com
008.vista.kz
01186mb.ca
012.ca
01nii.ru
0286776498.com
0286780777.com
02asat.photoherald.com
@Neo23x0
Neo23x0 / Base64_CheatSheet.md
Last active May 30, 2025 16:36
Learning Aid - Top Base64 Encodings Table

Base64 Patterns - Learning Aid

Base64 Code Mnemonic Aid Decoded* Description
JAB 🗣 Jabber $. Variable declaration (UTF-16), e.g. JABlAG4AdgA for $env:
TVq 📺 Television MZ MZ header
SUVY 🚙 SUV IEX PowerShell Invoke Expression
SQBFAF 🐣 Squab favorite I.E. PowerShell Invoke Expression (UTF-16)
SQBuAH 🐣 Squab uahhh I.n. PowerShell Invoke string (UTF-16) e.g. Invoke-Mimikatz
PAA 💪 "Pah!" &lt;. Often used by Emotet (UTF-16)
@thesp0nge
thesp0nge / apt-security-check
Last active March 1, 2022 11:03
A slightly hacked version of apt-check that takes care only about security packages that need an update.
#!/usr/bin/python3
#
# apt-security-check - [email protected]
#
# A slightly hacked version of apt-check that takes care only about security
# packages that need an update.
#
# Tested on Ubuntu 16.04.5 LTS, 18.04.1 LTS
@praveenweb
praveenweb / 6.multi-stage-production-python.Dockerfile
Created February 26, 2018 10:02
# ---- Base python ----
FROM python:3.6 AS base
# Create app directory
WORKDIR /app
# ---- Dependencies ----
FROM base AS dependencies
COPY gunicorn_app/requirements.txt ./
# install app dependencies
RUN pip install -r requirements.txt