#!/usr/bin/python | |
def poorMansConvert(di, inPath, outType, outPath): | |
from apiclient.http import MediaFileUpload | |
valid_output = [ | |
'text/html','text/plain','application/rtf','application/vnd.oasis.opendocument.text',\ | |
'application/pdf','application/vnd.openxmlformats-officedocument.wordprocessingml.document',\ | |
'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet','application/x-vnd.oasis.opendocument.spreadsheet',\ | |
'image/jpeg','image/png','image/svg+xml','application/vnd.openxmlformats-officedocument.presentationml.presentation' |
"""Extract MITRE ATT&CK techniques into a file.""" | |
import bs4 as bs | |
import requests | |
# Base address of the MITRE ATT&CK site this script works against.
root_url = "https://attack.mitre.org"
# NOTE(review): presumably the output file for the extracted techniques;
# confirm against the part of the script not shown here.
file_name = "mitre.txt"
def get_urls(): | |
"""Get MITRE ATT&CK URLs for processing.""" |
Descriptor: | |
Name: BlockadeIoService | |
DisplayName: Blockade.io | |
Description: Skills for blocking suspicious and malicious indicators using blockade.io | |
SkillGroups: | |
- Format: API | |
Settings: | |
OpenApiSpecUrl: https://gist.githubusercontent.com/9b/f3f3e4d831bddcf0ab3f8a32b471893b/raw/b40421aa882e556794d4305dea50bd7f9acc1188/blockadeio.yaml |
openapi: 3.0.1 | |
info: | |
title: Blockade.io | |
description: Block suspicious and malicious indicators in participating browsers | |
version: "v1" | |
servers: | |
- url: https://api.blockade.io/ |
import ast | |
import datetime | |
import json | |
import sys | |
import requests | |
import urllib | |
from tabulate import tabulate | |
url = "https://www.whatruns.com/api/v1/get_site_apps" | |
data = {"data": {"hostname": sys.argv[1], "url": sys.argv[1], |
google.com,"v=spf1 include:_spf.google.com ~all" | |
youtube.com,"google-site-verification=OQz60vR-YapmaVrafWCALpPyA8eKJKssRhfIrzM-DJI" | |
youtube.com,"v=spf1 include:google.com mx -all" | |
facebook.com,"v=spf1 redirect=_spf.facebook.com" | |
baidu.com,"google-site-verification=GHb98-6msqyx_qqjGl5eRatD3QTHyVB6-xQ3gJB5UwM" | |
baidu.com,"v=spf1 include:spf1.baidu.com include:spf2.baidu.com include:spf3.baidu.com a mx ptr -all" | |
yahoo.com,"v=spf1 redirect=_spf.mail.yahoo.com" | |
wikipedia.org,"google-site-verification=AMHkgs-4ViEvIJf5znZle-BSE2EPNFqM1nDJGRyn2qk" | |
wikipedia.org,"v=spf1 include:wikimedia.org ?all" | |
amazon.com,"v=spf1 include:spf1.amazon.com include:spf2.amazon.com include:amazonses.com -all" |
import requests, json, logging, sys | |
class PassiveTotal: | |
def __init__(self, apikey): | |
self.__apikey = apikey | |
self.__classifications = [ 'targeted', 'crime', 'benign', 'multiple' ] | |
self.__actions = [ 'add', 'remove' ] | |
Modify the script to include your username and API key. The edited copy then holds a live credential, so keep it out of shared or public repositories.
Create a virtualenv to keep your space clean:
$ virtualenv -p python3 venv3
Activate it:
$ source venv3/bin/activate
import base64 | |
import sys | |
def main(): | |
if len(sys.argv) < 3: | |
sys.exit('Usage (2 arguments): %s "%s" %s' % (sys.argv[0],"malicious file","outfile")) | |
else: | |
f = open(sys.argv[1],"rb") | |
con = f.read() | |
f.close() |
import pymongo | |
import json | |
from pymongo import Connection | |
def connect_to_mongo(host, port, database, collection):
    """Open a MongoDB connection and return a handle to one collection.

    Args:
        host: Passed through as the first argument to ``Connection``.
        port: Passed through as the second argument to ``Connection``.
        database: Name used to index the connection object.
        collection: Name used to index the selected database.

    Returns:
        The object obtained from ``connection[database][collection]``.

    Note:
        Only host and port are passed here, so this call sets no
        credentials or TLS options. ``pymongo.Connection`` was removed in
        PyMongo 3.0; newer releases provide ``MongoClient`` instead.
    """
    client = Connection(host, port)
    # Select the database by name first, then the collection inside it.
    return client[database][collection]