boredhackerblog BoredHackerBlog

View GitHub Profile
@BoredHackerBlog
BoredHackerBlog / pyspark_search.py
Last active April 30, 2022 01:58
apache spark / pyspark eve.json search
In [1]: from pyspark.sql import SparkSession
In [2]: spark = SparkSession \
   ...:     .builder \
   ...:     .appName("example") \
   ...:     .getOrCreate()
22/04/29 18:55:18 WARN Utils: Your hostname, ubuntu resolves to a loopback address: 127.0.1.1; using 192.168.95.155 instead (on interface ens33)
22/04/29 18:55:18 WARN Utils: Set SPARK_LOCAL_IP if you need to bind to another address
Using Spark's default log4j profile: org/apache/spark/log4j-defaults.properties
Setting default log level to "WARN".
@BoredHackerBlog
BoredHackerBlog / graph_proc.py
Created February 1, 2022 14:49
process graph using graphviz and python
from graphviz import Digraph
process_data = []
process_data.append({"pid":"1", "ppid":"204", "path":"c:/cmd.exe"})
process_data.append({"pid":"4", "ppid":"204", "path":"c:/powershell.exe"})
process_data.append({"pid":"204", "ppid":"0", "path":"c:/svhost.exe"})
process_data.append({"pid":"8", "ppid":"4", "path":"c:/net.exe"})
process_data.append({"pid":"10", "ppid":"4", "path":"c:/netsh.exe"})
def graph_process(jsonarray, pid_key, ppid_key, label_key):
@BoredHackerBlog
BoredHackerBlog / ghactions_docker_build.yaml
Last active February 1, 2022 03:18
github actions for docker containers
name: build and upload container
on:
  push:
    branches: [ main ]
jobs:
  build:
    runs-on: ubuntu-latest
@BoredHackerBlog
BoredHackerBlog / set_token.py
Created January 23, 2022 19:30
humio stdin testing
import requests
from time import sleep
while True:
    try:
        if requests.get("http://localhost:8080").status_code == 200:
            break
        else:
            sleep(5)
    except:
@BoredHackerBlog
BoredHackerBlog / docker-compose.yaml
Created January 9, 2022 19:31
openvas docker-compose
# taken from here: https://github.com/immauss/openvas/blob/master/compose/docker-compose.yml
# as of jan 9th 2022, it works fine. takes some time to download feeds initially.
version: "3"
services:
  openvas:
    ports:
      - "8080:9392"
    environment:
      - "PASSWORD=admin"
      - "USERNAME=admin"
@BoredHackerBlog
BoredHackerBlog / docker-compose.yaml
Last active March 28, 2024 17:20
grafana loki docker-compose file and vector settings
version: "3"
networks:
  loki:
services:
  loki:
    image: grafana/loki:2.4.0
    volumes:
      - ./loki:/etc/loki
@BoredHackerBlog
BoredHackerBlog / alert_app.py
Created September 18, 2021 23:00
humio to og alert
from flask import request
from flask import Flask
import opsgenie_sdk
app = Flask(__name__)
og = opsgenie_sdk.configuration.Configuration()
og.api_key['Authorization'] = ""
og.api_client = opsgenie_sdk.api_client.ApiClient(configuration=og)
og.alert_api = opsgenie_sdk.AlertApi(api_client=og.api_client)
@BoredHackerBlog
BoredHackerBlog / 01-netcfg.yaml
Created September 12, 2021 02:34
netplan config for bridge, br0 can be used to sniff traffic between eth1, eth2
# root@host:~# cat /etc/netplan/01-netcfg.yaml
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: yes
    eth1:
      dhcp4: no
    eth2:
@BoredHackerBlog
BoredHackerBlog / rulematch.py
Created September 4, 2021 19:19
dict rule match - this code essentially takes in a bunch of rules and compares them against an event (dict) and prints if something matches
# requires dictquery (pip3 install dictquery or get it from here: https://github.com/cyberlis/dictquery)
import dictquery as dq
# each rule needs to be on a new line
# rule format: RULENAME|RULE
# rule syntax: https://github.com/cyberlis/dictquery#dictquery
rules_file = "rules.txt"
rules = {}
version: '2'
services:
  elasticsearch:
    image: 'elasticsearch:7.11.1'
    environment:
      - http.host=0.0.0.0
      - discovery.type=single-node
      - script.allowed_types=inline
      - thread_pool.search.queue_size=100000
      - thread_pool.write.queue_size=10000