Bsebring
Bsebring
/ restartSuricata.sh
Created
August 14, 2019 19:54
Restart Suricata conveniently in Daemon mode using this bash script
View restartSuricata.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Stop parent process (does not fully stop suricata) | |
| service suricata stop | |
| # Remove the pid file if it exists | |
| FILE=/var/run/suricata.pid | |
| if test -f "$FILE"; then | |
| rm "$FILE" | |
| fi | |
| # Kill suricata by name to eliminate child processes and prevent old configurations from ran$ |
Bsebring
/ abuseipdb_report.lua
Last active
March 8, 2021 16:24
A Lua script developed to work with Suricata. This script reports malicious IPs to abuseipdb.
View abuseipdb_report.lua
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env lua | |
| -- Tells Suricata to only execute this script if the | |
| -- packet triggered an alert | |
| function init (args) | |
| local needs = {} | |
| needs["type"] = "packet" | |
| needs["filter"] = "alerts" | |
| return needs | |
| end |
Bsebring
/ abuseipdb_block.py
Last active
May 8, 2022 13:08
Python implementation of csf integration
View abuseipdb_block.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import requests | |
| import json | |
| import sys | |
| # Defining the api-endpoint | |
| url = 'https://api.abuseipdb.com/api/v2/report' | |
| ports = sys.argv[2] | |
| inOut = sys.argv[4] |
View abuseipdb_block.pl
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/perl | |
| # This file was written as an executable to be used in the auto report function | |
| # of csf and lfd. By replacing $YOUR_API_KEY below with your abuseipdb api key, | |
| # allows you to use this code to integrate your csf system with abuseipdb.com | |
| use strict; | |
| use warnings; | |
| use HTTP::Tiny; | |
| use JSON; | |
| # Gather the information from the commandline passed by lfd |