@deeso
deeso / download_new_domains.py
Created March 22, 2018 03:02
Download new domains from Whois Newly Registered Domains
from pymongo import MongoClient
import json, os, time, signal, threading, sys
from datetime import datetime, timedelta
from gglsbl import SafeBrowsingList
import requests
from virus_total_apis import PrivateApi, PublicApi
import argparse
@deeso
deeso / threat-modeling-cc.md
Last active May 6, 2023 19:25
checklist and cheatsheet for threat modeling

Threat Model Checklist and Cheatsheet

Overview

Threat modeling is a systems-based analysis that identifies potential security shortcomings. Based on these analyses, design requirements are adopted to mitigate security risks. Furthermore, during the verification stages, explicit tests can be created to focus on or around issues surfaced by the threat model.

Threat models should be performed when:

  1. A product is created
  2. A new feature is released
  3. Security incident occurs
  4. Architectural or infrastructure changes
@deeso
deeso / soup-to-nuts-creating-plaso-parser-deployingtimesketch.md
Created June 21, 2019 20:30
writeup describing how to create a plaso parser and deploy it with timesketch

Soup to Nuts: Creating a Plaso Parser and Deploying Timesketch to Docker

Acknowledgements, etc.

Thank you to the Log2timeline and Timesketch teams for putting out some solid work. I am thankful that I have the opportunity to create this write-up, which comes on the back of their hard work. While there may be holes in their documentation and descriptions, the code is well written and fairly easy to understand. Any criticism should not be interpreted as a reflection of the quality of their work.

@deeso
deeso / stop_cpuid_detect.py
Last active December 5, 2022 05:50
use x64dbg look for cpuid instructions and unset the HVM bit
from x64dbgpy import pluginsdk
# Put this script in the Python path, and
# execute the following Python snippets in
# the Python dialog in x64dbg:
#
# from stop_cpuid_detect import *
# trace_cpuid(n=1000)
# the above code will trace through the program
@deeso
deeso / booklist
Last active October 15, 2022 19:57
Just a Book List from Someone Who's not Famous
Dealing with Cancer and Personal Crises
a. Upheaval
b. When a Breath Becomes Air
c. The Breakthrough
Self-Control and Discipline
a. This Time Will Be Different: A Short Book on Making Permanent Changes
b. The Marshmallow Test: Mastering Self-Control
c. (long and technical, recommend over a few months) Thinking, Fast and Slow
@deeso
deeso / helper_code.py
Created August 25, 2022 04:40
metrics manifesto support code for bayesian analysis
import pandas as pd
import numpy as np
from scipy.stats import beta, binom
def binomial_beta_mixture(probs: np.ndarray, beta_0: np.ndarray, beta_1: np.ndarray, data: np.ndarray):
    '''
    probs:
    beta_0: shape of the first beta binomial distribution
@deeso
deeso / survivor-analysis.ipynb
Created August 22, 2022 01:48
metrics manifesto survivor data manipulation in python. ref: https://gist.github.com/ribsy/aac43d4e05ad712b19887ed3eea884fc
@deeso
deeso / docker-compose.yaml
Created August 8, 2022 03:33
Creating a basic indradb docker compose setup
version: '3'
services:
  indradb:
    build:
      context: .
      dockerfile: indradb.Dockerfile
    ports:
      - "27620:27615" # mongo db running here too
@deeso
deeso / vt_url_search.py
Created June 3, 2022 00:04
perform a VirusTotal Search for Potential Phishing Domains
import json
import sys
import requests
from datetime import datetime, timedelta
from argparse import ArgumentParser
DAYS = 30
LAST_SEEN = (datetime.now() - timedelta(days=DAYS)).strftime("%Y-%m-%d")