Christopher Ashby ashbyca

View criticalstart.txt
{"searchproviders":[["-1","DuckDuck Go","https://duckduckgo.com/?q=TESTSEARCH",true,false,7,false,"",false,""],["-1","Twitter Term","https://twitter.com/search?f=realtime&q=TESTSEARCH&src=typd",true,false,7,false,"",false,""],["-1","Google Safe Browsing","http://www.google.com/safebrowsing/diagnostic?site=TESTSEARCH",true,false,3,false,"",false,""],["-1","RIPE","https://stat.ripe.net/TESTSEARCH#tabId=at-a-glance",true,false,3,false,"",false,""],["-1","ARIN","https://search.arin.net/rdap/?query=TESTSEARCH",true,false,3,false,"",false,""],["-1","Domain Tools","https://whois.domaintools.com/TESTSEARCH",true,false,3,false,"",false,""],["-1","AlienVault OTX Domain","https://otx.alienvault.com/indicator/domain/TESTSEARCH",true,false,2,false,"",false,""],["-1","VirusTotal Domain Info","https://www.virustotal.com/en/domain/%s/information/",true,false,2,false,"",false,""],["-1","WhoIS DNS Info","http://who.is/whois/TESTSEARCH",true,false,2,false,"",false,""],["-1","McAfee TI","http://www.mcafee.com/threat-intelligence
View threat hunting notes
Event ID 1102 - Generated when event log is cleared
Event ID 4648 - Generated when a process attempts an account logon by explicitly specifying that account's credentials.
Windows Dashboard
EID 1 (Process Create)
EID 4688 (A new Process)
EID 10 (Process Access)
EID 4624 (An account was successfully logged on)
EID 4648 (A logon was attempted using explicit credentials)
View osxsetup.sh
# Install Xcode Command Line Tools
xcode-select --install
# Install Homebrew
/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install.sh)"
# Install Common Tools
brew install wget
brew install click
brew install libmagic
View crontab
# Edit this file to introduce tasks to be run by cron.
#
# Each task to run has to be defined through a single line
# indicating with different fields when the task will be run
# and what command to run for the task
#
# To define the time you can provide concrete values for
# minute (m), hour (h), day of month (dom), month (mon),
# and day of week (dow) or use '*' in these fields (for 'any').#
# Notice that tasks will be started based on the cron's system
View fstab.txt
LABEL=cloudimg-rootfs / ext4 defaults 0 0
https://dav.box.com/dav /box-storage davfs rw,user,noauto 0 0
View System Setup - Not Sure
System Setup
# Install Python PIP and Dependencies
sudo apt-get install python3-dev python3-pip python3-setuptools libyaml-dev wget libreadline7 libreadline-dev git python-dnspython python-mechanize python-slowaes python-xlsxwriter python-jsonrpclib python-lxml lsb-release figlet update-motd libncurses5-dev libgdbm-dev libnss3-dev libssl-dev libreadline-dev libffi-dev -y
# Setup and configure Dynamic MOTD
# Remove the current directory
sudo rm -r /etc/update-motd.d/
# Create new directory
View ip-context-menu.xml
<?xml version="1.0" encoding="UTF-8"?>
<contextMenu>
<menuEntry name="Domain Crawler Query" url="http://www.domaincrawler.com/ip/view/%IP%" />
<menuEntry name="DomainTools Query" url="https://whois.domaintools.com/%IP%" />
<menuEntry name="Exposure Lookup" url="http://exposure.iseclab.org/detection/ip?ip=%IP%" />
<menuEntry name="Fortiguard Threat Research" url="http://www.fortiguard.com/ip_rep/index.php?data=%IP%&amp;lookup=Lookup" />
<menuEntry name="Google SafeBrowsing Report" url="http://www.google.com/safebrowsing/diagnostic?site=%IP%" />
<menuEntry name="HoneyNet Project Lookup" url="http://www.projecthoneypot.org/ip_%IP%" />
<menuEntry name="IPVoid Query" url="http://www.ipvoid.com/scan/%IP%" />
<menuEntry name="IsitAPT" url="http://isitapt.com/%IP%" />
View 90-footer
ashbyca / 10-sysinfo
Last active Sep 10, 2019
View 10-sysinfo
#!/bin/bash
#
# 10-sysinfo - generate the system information
# Copyright (c) 2013 Nick Charlton
#
# Authors: Nick Charlton <hello@nickcharlton.net>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
View 00-header
#!/bin/sh
#
# 00-header - create the header of the MOTD
# Copyright (c) 2013 Nick Charlton
# Copyright (c) 2009-2010 Canonical Ltd.
#
# Authors: Nick Charlton <hello@nickcharlton.net>
# Dustin Kirkland <kirkland@canonical.com>
#
# This program is free software; you can redistribute it and/or modify