Christopher Ashby ashbyca

View criticalstart.txt
{"searchproviders":[["-1","DuckDuck Go","",true,false,7,false,"",false,""],["-1","Twitter Term","",true,false,7,false,"",false,""],["-1","Google Safe Browsing","",true,false,3,false,"",false,""],["-1","RIPE","",true,false,3,false,"",false,""],["-1","ARIN","",true,false,3,false,"",false,""],["-1","Domain Tools","",true,false,3,false,"",false,""],["-1","AlienVault OTX Domain","",true,false,2,false,"",false,""],["-1","VirusTotal Domain Info","",true,false,2,false,"",false,""],["-1","WhoIS DNS Info","",true,false,2,false,"",false,""],["-1","McAfee TI","
View threat hunting notes
Event ID 1102 - Generated when event log is cleared
Event ID 4648 - Generated when a process attempts an account logon by explicitly specifying that account's credentials.
Windows Dashboard
EID 1 (Process Create)
EID 4688 (A new Process)
EID 10 (Process Access)
EID 4624 (An account was successfully logged on)
EID 4648 (A logon was attempted using explicit credentials)
# Install Xcode Command Line Tools
xcode-select --install
# Install Homebrew
/bin/bash -c "$(curl -fsSL"
# Install Common Tools
brew install wget
brew install click
brew install libmagic
View crontab
# Edit this file to introduce tasks to be run by cron.
# Each task to run has to be defined through a single line
# indicating with different fields when the task will be run
# and what command to run for the task
# To define the time you can provide concrete values for
# minute (m), hour (h), day of month (dom), month (mon),
# and day of week (dow) or use '*' in these fields (for 'any').#
# Notice that tasks will be started based on the cron's system
View fstab.txt
LABEL=cloudimg-rootfs / ext4 defaults 0 0
/box-storage davfs rw,user,noauto 0 0
View System Setup - Not Sure
System Setup
# Install Python PIP and Dependencies
sudo apt-get install python3-dev python3-pip python3-setuptools libyaml-dev wget libreadline7 libreadline-dev git python-dnspython python-mechanize python-slowaes python-xlsxwriter python-jsonrpclib python-lxml lsb-release figlet update-motd libncurses5-dev libgdbm-dev libnss3-dev libssl-dev libreadline-dev libffi-dev -y
# Setup and configure Dynamic MOTD
# Remove the current directory
sudo rm -r /etc/update-motd.d/
# Create new directory
View ip-context-menu.xml
<?xml version="1.0" encoding="UTF-8"?>
<menuEntry name="Domain Crawler Query" url="" />
<menuEntry name="DomainTools Query" url="" />
<menuEntry name="Exposure Lookup" url="" />
<menuEntry name="Fortiguard Threat Research" url=";lookup=Lookup" />
<menuEntry name="Google SafeBrowsing Report" url="" />
<menuEntry name="HoneyNet Project Lookup" url="" />
<menuEntry name="IPVoid Query" url="" />
<menuEntry name="IsitAPT" url="" />
View 90-footer
ashbyca / 10-sysinfo
Last active Sep 10, 2019
View 10-sysinfo
# 10-sysinfo - generate the system information
# Copyright (c) 2013 Nick Charlton
# Authors: Nick Charlton <>
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
View 00-header
# 00-header - create the header of the MOTD
# Copyright (c) 2013 Nick Charlton
# Copyright (c) 2009-2010 Canonical Ltd.
# Authors: Nick Charlton <>
# Dustin Kirkland <>
# This program is free software; you can redistribute it and/or modify