| import poe, sys | |
| client = poe.Client("<POE_API_KEY_HERE>") | |
| title=sys.argv[1] | |
| path=sys.argv[2] | |
| more="" | |
| if len(sys.argv) > 3: | |
| more="\" and here is more information: "+sys.argv[3] | |
| message="""generate a bug bounty report for me (hackerone.com), the title of the bug is """+title+""" and the vulnerability path is \""""+path+more+""" |
You can use these commands and rules to search for exploitation attempts against log4j RCE vulnerability CVE-2021-44228
This command searches for exploitation attempts in uncompressed files in folder /var/log and all sub folders
sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log
| import os | |
| from fastapi import FastAPI | |
| from sentry_sdk.integrations.asgi import SentryAsgiMiddleware | |
| import sentry_sdk | |
| sentry_sdk.init( | |
| dsn='your Sentry dns', # CHANGE HERE | |
| environment=os.getenv('ENV', 'dev'), # You should read it from environment variable |
jdoe@home-pc:~# apt-get install redis-server
jdoe@home-pc:~# systemctl enable [email protected]
jdoe@home-pc:~# apt-get update
jdoe@home-pc:~# apt-cache pkgnames | grep php7.4
jdoe@home-pc:~# apt install php7.4-redis
| <?php | |
| namespace App\Rules; | |
| use Illuminate\Contracts\Validation\Rule; | |
| class AlphaDashDot implements Rule | |
| { | |
| /** | |
| * Determine if the validation rule passes. |
| <?php | |
| /* | |
| * Converts CSV to JSON | |
| * Example uses the csv file of this gist | |
| */ | |
| $feed="https://gist.githubusercontent.com/devfaysal/9143ca22afcbf252d521f5bf2bdc6194/raw/ec46f6c2017325345e7df2483d8829231049bce8/data.csv"; | |
| //Read the csv and return as array | |
| $data = array_map('str_getcsv', file($feed)); | |
| //Get the first raw as the key | |
| $keys = array_shift($data); |
Run go install and
gogitlocalstats -add /path/to/folder will scan that folder and its subdirectories for repositories to scangogitlocalstats -email [email protected] will generate a CLI stats graph representing the last 6 months of activity for the passed email. You can configure the default in main.go, so you can run gogitlocalstats without parameters.Being able to pass an email as param makes it possible to scan repos for collaborators activity as well.
| from flask import Flask | |
| from flask import render_template | |
| import csv | |
| import json | |
| app = Flask(__name__) | |
| @app.route('/') | |
| def my_runs(): | |
| runs = [] |
sentrySENTRY_SECRET_KEY to random 32 char stringdocker-compose up -ddocker-compose exec sentry sentry upgrade to setup database and create admin userdocker-compose exec sentry pip install sentry-slack if you want slack plugin, it can be done laterdocker-compose restart sentry9000