13Cubed
/ ossec-installer.sh
Last active Jan 27, 2016
OSSEC HIDS agent installation script for RHEL/CentOS.
View ossec-installer.sh
| #!/bin/bash | |
| # This script simplifies the installation of the OSSEC HIDS Agent for RHEL/CentOS boxes. | |
| # Are we running is root? | |
| if [ $(id -u) -ne 0 ]; then | |
| echo | |
| echo "This script must be run as root!" | |
| echo | |
| exit; | |
| fi |
View audit-tool.py
| #!/usr/bin/python | |
| # audit-tool.py 2.0 - A simple file comparison utility. | |
| # Copyright 2014 13Cubed. All rights reserved. Written by: Richard Davis | |
| import sys | |
| def compareFiles(filename1, filename2, ignorecase, bidirectional): | |
| """ | |
| Given two filenames and an ignorecase booelean, compares filename1 | |
| against filename2 and returns list of the differences and a count of |
13Cubed
/ checknet.sh
Last active Jan 23, 2017
A simple Bash script to monitor a remote address and send an email when it goes down.
View checknet.sh
| #!/bin/bash | |
| # If the file that holds the flag doesn't exist, create it with default of 0 | |
| if [ ! -f /tmp/checknet.tmp ] | |
| then | |
| echo 0 > /tmp/checknet.tmp | |
| fi | |
| target=TARGET_GOES_HERE |
View bashrc
| # If this is an interactive shell, customize the prompt | |
| if [[ $- == *i* ]]; then | |
| echo | |
| if [ $(id -u) -eq 0 ]; then # Root user prompt | |
| PS1="\[\033[38;5;31m\][\[$(tput sgr0)\]\[\033[38;5;166m\]\u\[$(tput sgr0)\]\[\033[38;5;31m\]@\h\[$(tput sgr0)\]\[\033[38;5;15m\] \[$(tput sgr0)\]\[\033[38;5;34m\]\W\[$(tput sgr0)\]\[\033[38;5;31m\]]\[$(tput sgr0)\]\[\033[38;5;15m\]\\$ \[$(tput sgr0)\]" | |
| else # Normal user prompt | |
| PS1="\[\033[38;5;31m\][\[$(tput sgr0)\]\[\033[38;5;99m\]\u\[$(tput sgr0)\]\[\033[38;5;31m\]@\h\[$(tput sgr0)\]\[\033[38;5;15m\] \[$(tput sgr0)\]\[\033[38;5;34m\]\W\[$(tput sgr0)\]\[\033[38;5;31m\]]\[$(tput sgr0)\]\[\033[38;5;15m\]\\$ \[$(tput sgr0)\]" | |
| fi | |
| fi |
View service
| #!/bin/bash | |
| # Replace myservice with your service name. Insert commands where noted. | |
| # chkconfig: - 99 00 | |
| # Source function library. | |
| . /etc/rc.d/init.d/functions | |
| case "$1" in | |
| start) | |
| echo -n "Starting myservice" |
13Cubed
/ checklog.py
Created Feb 20, 2016
Use RegEx (Regular Expressions) to search through files for specific text.
View checklog.py
| #!/usr/bin/python | |
| import sys | |
| import re | |
| def ParseLog(filename, search_string): | |
| try: | |
| f = open(filename, 'rU') | |
| except IOError: | |
| print '\n*** I/O Error: Can\'t read file', filename, '***\n' |
13Cubed
/ iptohex.py
Created Feb 20, 2016
Convert IPv4 decimal (base 10) addresses to hex (base 16). Useful for 6to4 tunnel configs.
View iptohex.py
| #!/usr/bin/python | |
| import sys | |
| import re | |
| def DecToHex(dec_ip): | |
| dec_octets = str.split(dec_ip, '.') | |
| hex_octets = [] | |
| if len(dec_octets) != 4: |
13Cubed
/ update_dnsbl.sh
Last active May 4, 2018
Download DNS adware and malware blacklists in BIND format and add them to a blacklist zone file. This is a modified version of the script from Paul's Security Weekly (http://wiki.securityweekly.com/wiki/index.php/Episode472).
View update_dnsbl.sh
| #!/bin/bash | |
| HOME=/var/named | |
| ADLISTURL="https://pgl.yoyo.org/adservers/serverlist.php?hostformat=bindconfig;showintro=0;mimetype=plaintext" | |
| MWLISTURL="http://mirror1.malwaredomains.com/files/spywaredomains.zones" | |
| ADLISTFILE=/tmp/adlistfile | |
| MWLISTFILE=/tmp/mwlistfile | |
| # Download newest blacklists | |
| curl -s -o $ADLISTFILE $ADLISTURL |
View conkyrc
| # .conkyrc | |
| background yes | |
| use_xft yes | |
| xftfont Droid:normal:size=10 | |
| xftalpha 1 | |
| update_interval 1.0 | |
| top_cpu_separate true | |
| total_run_times 0 | |
| own_window yes |
13Cubed
/ ticketbleed.go
Last active Feb 9, 2017
— forked from FiloSottile/ticketbleed.go
Check for Ticketbleed (CVE-2016-9244) vulnerability.
View ticketbleed.go
| package main | |
| import ( | |
| "crypto/tls" | |
| "fmt" | |
| "log" | |
| "strings" | |
| "os" | |
| ) |
OlderNewer