Bsebring /
Created August 14, 2019 19:54
Restart Suricata conveniently in Daemon mode using this bash script
# Stop parent process (does not fully stop suricata)
service suricata stop
# Remove the pid file if it exists
if test -f "$FILE"; then
    rm "$FILE"
fi
# Kill suricata by name to eliminate child processes and prevent old configurations from ran$
Bsebring / abuseipdb_report.lua
Last active February 9, 2024 14:26
A Lua script developed to work with Suricata. This script reports malicious IPs to abuseipdb.
#!/usr/bin/env lua
-- Tells Suricata to only execute this script if the
-- packet triggered an alert
function init (args)
    local needs = {}
    needs["type"] = "packet"
    needs["filter"] = "alerts"
    return needs
end
Bsebring /
Last active February 14, 2024 12:37
Python implementation of csf integration
#!/usr/bin/env python
import requests
import json
import sys
# Defining the api-endpoint
url = ''
ports = sys.argv[2]
inOut = sys.argv[4]
# This file was written as an executable to be used in the auto report function
# of csf and lfd. By replacing $YOUR_API_KEY below with your abuseipdb api key,
# allows you to use this code to integrate your csf system with
use strict;
use warnings;
use HTTP::Tiny;
use JSON;
# Gather the information from the commandline passed by lfd