Richard Davis 13Cubed
13Cubed
/ ossec-installer.sh
Last active
January 27, 2016 18:43
OSSEC HIDS agent installation script for RHEL/CentOS.
View ossec-installer.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # This script simplifies the installation of the OSSEC HIDS Agent for RHEL/CentOS boxes. | |
| # Are we running is root? | |
| if [ $(id -u) -ne 0 ]; then | |
| echo | |
| echo "This script must be run as root!" | |
| echo | |
| exit; | |
| fi |
13Cubed
/ audit-tool.py
Created
January 27, 2016 18:42
A simple file comparison utility written in Python.
View audit-tool.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # audit-tool.py 2.0 - A simple file comparison utility. | |
| # Copyright 2014 13Cubed. All rights reserved. Written by: Richard Davis | |
| import sys | |
| def compareFiles(filename1, filename2, ignorecase, bidirectional): | |
| """ | |
| Given two filenames and an ignorecase booelean, compares filename1 | |
| against filename2 and returns list of the differences and a count of |
13Cubed
/ checknet.sh
Last active
January 23, 2017 11:29
A simple Bash script to monitor a remote address and send an email when it goes down.
View checknet.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # If the file that holds the flag doesn't exist, create it with default of 0 | |
| if [ ! -f /tmp/checknet.tmp ] | |
| then | |
| echo 0 > /tmp/checknet.tmp | |
| fi | |
| target=TARGET_GOES_HERE |
View bashrc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # If this is an interactive shell, customize the prompt | |
| if [[ $- == *i* ]]; then | |
| echo | |
| if [ $(id -u) -eq 0 ]; then # Root user prompt | |
| PS1="\[\033[38;5;31m\][\[$(tput sgr0)\]\[\033[38;5;166m\]\u\[$(tput sgr0)\]\[\033[38;5;31m\]@\h\[$(tput sgr0)\]\[\033[38;5;15m\] \[$(tput sgr0)\]\[\033[38;5;34m\]\W\[$(tput sgr0)\]\[\033[38;5;31m\]]\[$(tput sgr0)\]\[\033[38;5;15m\]\\$ \[$(tput sgr0)\]" | |
| else # Normal user prompt | |
| PS1="\[\033[38;5;31m\][\[$(tput sgr0)\]\[\033[38;5;99m\]\u\[$(tput sgr0)\]\[\033[38;5;31m\]@\h\[$(tput sgr0)\]\[\033[38;5;15m\] \[$(tput sgr0)\]\[\033[38;5;34m\]\W\[$(tput sgr0)\]\[\033[38;5;31m\]]\[$(tput sgr0)\]\[\033[38;5;15m\]\\$ \[$(tput sgr0)\]" | |
| fi | |
| fi |
View service
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Replace myservice with your service name. Insert commands where noted. | |
| # chkconfig: - 99 00 | |
| # Source function library. | |
| . /etc/rc.d/init.d/functions | |
| case "$1" in | |
| start) | |
| echo -n "Starting myservice" |
13Cubed
/ checklog.py
Created
February 20, 2016 04:26
Use RegEx (Regular Expressions) to search through files for specific text.
View checklog.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import sys | |
| import re | |
| def ParseLog(filename, search_string): | |
| try: | |
| f = open(filename, 'rU') | |
| except IOError: | |
| print '\n*** I/O Error: Can\'t read file', filename, '***\n' |
13Cubed
/ iptohex.py
Created
February 20, 2016 04:26
Convert IPv4 decimal (base 10) addresses to hex (base 16). Useful for 6to4 tunnel configs.
View iptohex.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import sys | |
| import re | |
| def DecToHex(dec_ip): | |
| dec_octets = str.split(dec_ip, '.') | |
| hex_octets = [] | |
| if len(dec_octets) != 4: |
13Cubed
/ update_dnsbl.sh
Last active
October 23, 2020 06:55
Download DNS adware and malware blacklists in BIND format and add them to a blacklist zone file. This is a modified version of the script from Paul's Security Weekly (http://wiki.securityweekly.com/wiki/index.php/Episode472).
View update_dnsbl.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| HOME=/var/named | |
| ADLISTURL="https://pgl.yoyo.org/adservers/serverlist.php?hostformat=bindconfig;showintro=0;mimetype=plaintext" | |
| MWLISTURL="http://mirror1.malwaredomains.com/files/spywaredomains.zones" | |
| ADLISTFILE=/tmp/adlistfile | |
| MWLISTFILE=/tmp/mwlistfile | |
| # Download newest blacklists | |
| curl -s -o $ADLISTFILE $ADLISTURL |
View conkyrc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # .conkyrc | |
| background yes | |
| use_xft yes | |
| xftfont Droid:normal:size=10 | |
| xftalpha 1 | |
| update_interval 1.0 | |
| top_cpu_separate true | |
| total_run_times 0 | |
| own_window yes |
13Cubed
/ ticketbleed.go
Last active
February 9, 2017 14:27
— forked from FiloSottile/ticketbleed.go
Check for Ticketbleed (CVE-2016-9244) vulnerability.
View ticketbleed.go
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "crypto/tls" | |
| "fmt" | |
| "log" | |
| "strings" | |
| "os" | |
| ) |
OlderNewer