Skip to content

Instantly share code, notes, and snippets.

View FutureBody's full-sized avatar

FutureBody

51 followers · 478 following
View GitHub Profile
@Neo23x0
Neo23x0 / log4j_rce_detection.md
Last active October 4, 2025 08:06
Log4j RCE CVE-2021-44228 Exploitation Detection

log4j RCE Exploitation Detection

You can use these commands and rules to search for exploitation attempts against log4j RCE vulnerability CVE-2021-44228

Grep / Zgrep

This command searches for exploitation attempts in uncompressed files in folder /var/log and all sub folders

sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log
@xsduan
xsduan / async_sqlite.py
Last active April 3, 2024 17:27
peewee-async sqlite connection doohicky
"""
Temporary module to allow for sqlite databases during development. Remove once
we get an actual database.
"""
import peewee
from peewee_async import AsyncDatabase
import playhouse.sqlite_ext as sqlite_ext
try:
import aiosqlite
@steven2358
steven2358 / ffmpeg.md
Last active October 18, 2025 13:57
FFmpeg cheat sheet
@peterwillcn
peterwillcn / ipv6startupfix
Created May 4, 2016 14:32 — forked from CHEF-KOCH/ipv6startupfix
AFWall+ (and any other iptables firewall IPv6v6 fix at startup)
# This is an startup script example, how IPv6 should
# looks like, if not you will get some seriously
# problems.
# Some options may not work on your OS.
# ICMPv6 Stastics (optional)
# icmpv6_stats
# Optional may not work on all systems
ipset flush dns6
@wladston
wladston / distcorr.py
Last active August 29, 2024 17:28
Distance correlation with p-value
from scipy.spatial.distance import pdist, squareform
import numpy as np
import copy
def distcorr(Xval, Yval, pval=True, nruns=500):
""" Compute the distance correlation function, returning the p-value.
Based on Satra/distcorr.py (gist aa3d19a12b74e9ab7941)
>>> a = [1,2,3,4,5]
@hsiboy
hsiboy / BotBuster.md
Last active August 23, 2024 12:39
Bot-Buster™ - Tracks nefarious activity on website, and manages accordingly.

Bot-Buster™

Tracks nefarious activity on website, and manages accordingly.

It's probably a bot.

If the requesting entity:

  • declares its user-agent as being wget, curl, webcopier etc - it's probably a bot.
  • requests details -> details -> details -> details ad nauseum - it's probably a bot.
  • requests the html, but not .css, .js or site furniture - it's probably a bot.
@denji
denji / nginx-tuning.md
Last active October 24, 2025 16:02
NGINX tuning for best performance

Moved to git repository: https://github.com/denji/nginx-tuning

NGINX Tuning For Best Performance

For this configuration you can use web server you like, i decided, because i work mostly with it to use nginx.

Generally, properly configured nginx can handle up to 400K to 500K requests per second (clustered), most what i saw is 50K to 80K (non-clustered) requests per second and 30% CPU load, course, this was 2 x Intel Xeon with HyperThreading enabled, but it can work without problem on slower machines.

You must understand that this config is used in testing environment and not in production so you will need to find a way to implement most of those features best possible for your servers.

@mtigas
mtigas / gist:952344
Last active September 30, 2025 09:22
Mini tutorial for configuring client-side SSL certificates.

Client-side SSL

For excessively paranoid client authentication.

Updated Apr 5 2019:

because this is a gist from 2011 that people stumble into and maybe you should AES instead of 3DES in the year of our lord 2019.

some other notes: