Christopher Ashby ashbyca

View crontab
# Edit this file to introduce tasks to be run by cron.
# Each task to run has to be defined through a single line
# indicating with different fields when the task will be run
# and what command to run for the task
# To define the time you can provide concrete values for
# minute (m), hour (h), day of month (dom), month (mon),
# and day of week (dow) or use '*' in these fields (for 'any').
#
# Notice that tasks will be started based on the cron's system
View criticalstart.txt
{"searchproviders":[["-1","DuckDuck Go","",true,false,7,false,"",false,""],["-1","Twitter Term","",true,false,7,false,"",false,""],["-1","Google Safe Browsing","",true,false,3,false,"",false,""],["-1","RIPE","",true,false,3,false,"",false,""],["-1","ARIN","",true,false,3,false,"",false,""],["-1","Domain Tools","",true,false,3,false,"",false,""],["-1","AlienVault OTX Domain","",true,false,2,false,"",false,""],["-1","VirusTotal Domain Info","",true,false,2,false,"",false,""],["-1","WhoIS DNS Info","",true,false,2,false,"",false,""],["-1","McAfee TI","
# Install Xcode Command Line Tools
xcode-select --install
# Install Homebrew
/bin/bash -c "$(curl -fsSL"
# Install Common Tools
brew install wget
brew install click
brew install libmagic
View threat hunting notes
Event ID 1102 - Generated when event log is cleared
Event ID 4648 - Generated when a process attempts an account logon by explicitly specifying that account's credentials.
Windows Dashboard
EID 1 (Process Create)
EID 4688 (A new Process)
EID 10 (Process Access)
EID 4624 (An account was successfully logged on)
EID 4648 (A logon was attempted using explicit credentials)
View fstab.txt
LABEL=cloudimg-rootfs / ext4 defaults 0 0
/box-storage davfs rw,user,noauto 0 0
View System Setup - Not Sure
System Setup
# Install Python PIP and Dependencies
sudo apt-get install python3-dev python3-pip python3-setuptools libyaml-dev wget libreadline7 libreadline-dev git python-dnspython python-mechanize python-slowaes python-xlsxwriter python-jsonrpclib python-lxml lsb-release figlet update-motd libncurses5-dev libgdbm-dev libnss3-dev libssl-dev libreadline-dev libffi-dev -y
# Setup and configure Dynamic MOTD
# Remove the current directory
sudo rm -r /etc/update-motd.d/
# Create new directory
View ip-context-menu.xml
<?xml version="1.0" encoding="UTF-8"?>
<menuEntry name="Domain Crawler Query" url="" />
<menuEntry name="DomainTools Query" url="" />
<menuEntry name="Exposure Lookup" url="" />
<menuEntry name="Fortiguard Threat Research" url=";lookup=Lookup" />
<menuEntry name="Google SafeBrowsing Report" url="" />
<menuEntry name="HoneyNet Project Lookup" url="" />
<menuEntry name="IPVoid Query" url="" />
<menuEntry name="IsitAPT" url="" />
ashbyca / 10-sysinfo
Last active Sep 10, 2019
View 10-sysinfo
# 10-sysinfo - generate the system information
# Copyright (c) 2013 Nick Charlton
# Authors: Nick Charlton <>
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
View 90-footer
View 00-header
# 00-header - create the header of the MOTD
# Copyright (c) 2013 Nick Charlton
# Copyright (c) 2009-2010 Canonical Ltd.
# Authors: Nick Charlton <>
# Dustin Kirkland <>
# This program is free software; you can redistribute it and/or modify