Skip to content

Instantly share code, notes, and snippets.

View d1str0's full-sized avatar

Brady Sullivan d1str0

51 followers · 42 following
  • TECH5 USA
  • Portland, Oregon
View GitHub Profile
@d1str0
d1str0 / update-geolite2.sh
Created March 27, 2019 22:36
chmod +x update-geolite2.sh && ./update-geolite2.sh
#!/bin/sh
cd /opt/
mkdir GeoLite2-City
wget https://geolite.maxmind.com/download/geoip/database/GeoLite2-City.tar.gz -O GeoLite2-City.tar.gz
tar xvf GeoLite2-City.tar.gz -C GeoLite2-City --strip-components 1
mv GeoLite2-City/GeoLite2-City.mmdb ./
mkdir GeoLite2-ASN
wget https://geolite.maxmind.com/download/geoip/database/GeoLite2-ASN.tar.gz -O GeoLite2-ASN.tar.gz
tar xvf GeoLite2-ASN.tar.gz -C GeoLite2-ASN --strip-components 1
mv GeoLite2-ASN/GeoLite2-ASN.mmdb ./
@d1str0
d1str0 / gist:31e5b04297a45e67a1b82df40d31a5f4
Created March 2, 2019 00:43
https://honey.threatstream.com/api/top_attackers/?api_key=XXXXXXXXXX&hours_ago=4
{
"data": [
{
"count": 296,
"honeypot": "cowrie",
"source_ip": "88.214.26.89"
},
{
"count": 181,
"honeypot": "cowrie",
@d1str0
d1str0 / gist:52b3dc4a48fc5c44b50c6292e047e2d3
Created June 20, 2018 23:01
Dockerfile
FROM golang:latest
WORKDIR /go/src/github.com/ts-labs/mhnbroker
COPY . .
RUN go get -d -v ./...
RUN go get github.com/d1str0/go-hpfeeds
RUN go install -v ./...
@d1str0
d1str0 / output.log
Last active January 22, 2018 23:28
Dionaea Version 0.6.0
Compiled on Linux/x86_64 at Jan 22 2018 19:06:02 with gcc 5.4.0 20160609
Started on f0ac8a18bcca running Linux/x86_64 release 4.9.60-linuxkit-aufs
[22012018 19:57:22] dionaea dionaea.c:240: User dionaea has uid 2000
[22012018 19:57:22] dionaea dionaea.c:259: Group dionaea has gid 2000
[22012018 19:57:22] dionaea dionaea.c:483: Logfile (handle errors) /opt/dionaea/var/dionaea/dionaea-errors.log * warning,error
@d1str0
d1str0 / hpfeeds.yaml
Created January 22, 2018 21:25
- name: hpfeeds
config:
server: "1.1.1.1"
port: 10000
ident: "my-ident-guid"
secret: "mysecret"
# dynip_resolve: enable to lookup the sensor ip through a webservice
dynip_resolve: "http://icanhazip.com/"
@d1str0
d1str0 / dionaea.cfg
Created January 22, 2018 21:23
[dionaea]
download.dir=/opt/dionaea/var/dionaea/binaries/
modules=curl,python,nfq,emu,pcap
processors=filter_emu
listen.mode=getifaddrs
# listen.addresses=127.0.0.1
# listen.interfaces=eth0,tap0
# Country
@d1str0
d1str0 / Dockerfile
Created January 22, 2018 19:49
FROM debian:stretch-slim
MAINTAINER MO
ENV DEBIAN_FRONTEND noninteractive
# Include dist
#ADD dist/ /root/dist/
# Install dependencies and packages
RUN apt-get update -y && \
apt-get upgrade -y && \
@d1str0
d1str0 / keybase.md
Created November 10, 2017 11:17

Keybase proof

I hereby claim:

  • I am d1str0 on github.
  • I am d1str0 (https://keybase.io/d1str0) on keybase.
  • I have a public key ASDheMEcqdMn5HBZs9U0rzKCx45gh9joaMK5mvtbwpcI9Ao

To claim this, I am signing this object:

@d1str0
d1str0 / id_ed25519.pub
Created March 15, 2017 19:27
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBmsv/Qa4rct0+A6ahkjkcYbr9pTQrWVQRzNKrhpBpwD brady@Algernon
@d1str0
d1str0 / -
Created January 10, 2017 03:42
Title: bargainshop.councilofcoders.com
URL: bargainshop.councilofcoders.com/wp-includes/pm2.dll
IP: Address:162.249.2.136
Country: US
ASN: 55293
MD5: d8012989362c634ae2f5d6453bac46f2
Title: bargainshop.councilofcoders.com
URL: bargainshop.councilofcoders.com/wp-includes/inst1.exe
IP: Address:162.249.2.136
Country: US