Adli Wahid adliwahid

@adliwahid
adliwahid / gist:7bd1d37195f6a081354b7143280044c7
Created Jan 14, 2021
Logstash configuration + Virustotal API with http filter + memcached
# There's a virustotal filter for logstash if you search the Internet
# I have a field hash that contains the sha256 of the file downloaded on the honeypot
# memcached is used to store the query results in memory
# query is made to memcached, if there's nothing there then make the http request with the API key
# memcached is used to minimize the # of queries made given the same file hash
# the returned results are stored in the vt.* fields. You may need to remove fields that you don't need
# you'll also need to install memcached and the logstash memcached filter
input {}
View keybase.md

Keybase proof

I hereby claim:

  • I am adliwahid on github.
  • I am adliwahid (https://keybase.io/adliwahid) on keybase.
  • I have a public key whose fingerprint is 0CA9 A0A3 42C0 241E 6AE9 B24C 53F7 CE5C 6352 3696

To claim this, I am signing this object:

@adliwahid
adliwahid / mirror.sh
Created Apr 17, 2016
httrack for mirroring site on archive.org (waybackmachine)
#this is useful for copying snapshotted sites at archive.org
#copied from http://superuser.com/questions/532036/trouble-using-wget-or-httrack-to-mirror-archived-website
#replace ${wayback_url} with the full URL i.e. http://web.archive.org/web/20020705161639/http://kict.iiu.edu.my/
#replace ${domain_name} with the domain name of the site you're mirroring without the 'http', so kict.iiu.edu.my
httrack \
${wayback_url} \
'-*' \
'+*/${domain_name}/*' \
-N1005 \
--advanced-progressinfo \
View tmux-cheatsheet.markdown

tmux shortcuts & cheatsheet

start new:

tmux

start new with session name:

tmux new -s myname
View demo_web_honeypot.py
import SimpleHTTPServer
import SocketServer
paths = set()
class Handler(SimpleHTTPServer.SimpleHTTPRequestHandler):
    def do_GET(self):
        # Detect remote file inclusion
        if '=http' in self.path: