dcode
/ convert_keys.py
Created
April 26, 2012 02:28
Covert keys from WebOS JavaScript file for use in a C byte array.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| P = [608135816, 2242054355, 320440878, 57701188, 2752067618, 698298832, 137296536, 3964562569, 1160258022, 953160567, 3193202383, 887688300, 3232508343, 3380367581, 1065670069, 3041331479, 2450970073, 2306472731] | |
| S0 = [3509652390, 2564797868, 805139163, 3491422135, 3101798381, 1780907670, 3128725573, 4046225305, 614570311, 3012652279, 134345442, 2240740374, 1667834072, 1901547113, 2757295779, 4103290238, 227898511, 1921955416, 1904987480, 2182433518, 2069144605, 3260701109, 2620446009, 720527379, 3318853667, 677414384, 3393288472, 3101374703, 2390351024, 1614419982, 1822297739, 2954791486, 3608508353, 3174124327, 2024746970, 1432378464, 3864339955, 2857741204, 1464375394, 1676153920, 1439316330, 715854006, 3033291828, 289532110, 2706671279, 2087905683, 3018724369, 1668267050, 732546397, 1947742710, 3462151702, 2609353502, 2950085171, 1814351708, 2050118529, 680887927, 999245976, 1800124847, 3300911131, 1713906067, 1641548236, 4213287313, 1216130144, 1575780402, 4018429277, 3917837745, 3 |
dcode
/ gist:f879a62574e94a2265ae
Created
May 4, 2014 22:49
— forked from cr0t/gist:1243431
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| object Download extends Controller { | |
| import org.apache.commons.logging.Log | |
| import org.apache.hadoop.conf.Configuration | |
| import org.apache.hadoop.fs._ | |
| import java.io.InputStream | |
| import java.net.URI | |
| import java.net.URLDecoder | |
| def download(filename: String) = { |
dcode
/ bro2json.py
Created
August 8, 2014 00:53
Quick script to take a gzip'd bro log (arg #1) and make it into a gzip'd JSON document (arg #2). Minimal error checking.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import csv, gzip, json, itertools | |
| class BroDictReader: | |
| def __init__(self, filename, comment="#"): | |
| self.comment = comment | |
| self.gzfile = gzip.open(filename, mode='r') | |
| self.fields = None | |
| self.path = None | |
| self.seperator = None |
dcode
/ bro2json.py
Last active
August 29, 2016 21:12
bro2json.py: This is a Python 3 version that assumes utf-8 encoding.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import csv, gzip, json, itertools | |
| class BroDictReader: | |
| def __init__(self, filename, comment="#"): | |
| self.comment = comment | |
| self.gzfile = gzip.open(filename, mode='rt', encoding='utf-8') | |
| self.fields = None | |
| self.path = None |
dcode
/ gist:d7f19f519bfe9ff8ce5d
Last active
August 29, 2015 14:05
Shell snippet. Takes output from bro2json.py and creates an array of JSON objects grouped by uid and id fields
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This more or less just shows the format of the log data on input. | |
| zcat bro2jsondata.json.gz| sed 's/id\./id_/g' | ./json -g | jq '[ map(select(.uid and .uid != "-" )) | group_by(.uid) | .[0] ]' | |
| [ | |
| [ | |
| { | |
| "type": "conn", | |
| "id_orig_h": "10.10.10.17", | |
| "resp_ip_bytes": "0", | |
| "ts": "1384833674.270877", |
dcode
/ gist:66343a641c0f3caf122d
Created
August 10, 2014 18:48
Download the Java 8 64-bit RPM using curl (which more commonly installed over wget)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| curl --location --remote-name --remote-header-name --cookie "oraclelicense=accept-securebackup-cookie" http://download.oracle.com/otn-pub/java/jdk/8u11-b12/jre-8u11-linux-x64.rpm |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Convert RHEL7 to CentOS7 | |
| mkdir TMP | |
| yum remove rhnlib abrt-plugin-bugzilla redhat-release-notes* | |
| rpm -e --nodeps redhat-release* redhat-indexhtml | |
| rm -rf /usr/share/doc/redhat-release* | |
| cd TMP | |
| curl -O http://mirror.centos.org/centos/7/os/x86_64/Packages/centos-release-7-0.1406.el7.centos.2.3.x86_64.rpm -O http://mirror.centos.org/centos/7/os/x86_64/Packages/centos-indexhtml-7-9.el7.centos.noarch.rpm -O http://mirror.centos.org/centos/7/os/x86_64/Packages/yum-3.4.3-118.el7.centos.noarch.rpm -O http://mirror.centos.org/centos/7/os/x86_64/Packages/yum-plugin-fastestmirror-1.1.31-24.el7.noarch.rpm |
dcode
/ build_bro_nightly.sh
Last active
July 25, 2019 04:33
Build Bro nightly & bro-plugins on CentOS 7.x
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Build Bro from Source on CentOS 7 | |
| ## Install EPEL | |
| sudo yum -y install epel-release | |
| ## Install runtime dependencies - These will be needed once the RPM is built | |
| sudo yum -y install libpcap openssl-libs bind-libs zlib bash python libcurl gawk GeoIP jemalloc | |
| ## Install the build dependencies | |
| sudo yum -y install @development libpcap-devel openssl-devel bind-devel zlib-devel cmake git perl libcurl-devel GeoIP-devel python-devel jemalloc-devel swig rpmdevtools |
dcode
/ Attempt at File Extraction Policy
Created
September 4, 2014 03:01
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| global ext_map: table[string] of string = { | |
| ["application/x-dosexec"] = "exe", | |
| ["text/plain"] = "txt", | |
| ["image/jpeg"] = "jpg", | |
| ["image/png"] = "png", | |
| ["text/html"] = "html", | |
| } &default =""; | |
| event file_new(f: fa_file) | |
| { |
dcode
/ brocolor.sh
Last active
August 29, 2015 14:06
— forked from jeffgeiger/brocolor.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| cat $1 | sed 's/#fields\t\|#types\t//g' | grep -v "^#" | awk 'BEGIN {FS="\t"; OFS=FS};{for(i=1;i<=NF;i++) printf("\x1b[%sm%s\x1b[0m%s",(i%7)+31,$i,OFS); print ""}' |
OlderNewer