githubfoam
githubfoam
/ threat hunting cheat sheet
Last active
December 22, 2023 23:20
threat hunting cheat sheet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #=================================================================================================================================== | |
| #ChatGPT | |
| To schedule a PowerShell script to run at regular intervals in Windows, you can use the schtasks command. The schtasks command allows you to create, modify, delete, or view scheduled tasks on the local or remote computer. Here's how you can use it to schedule a PowerShell script: | |
| Example: Schedule PowerShell Script to Run Daily | |
| Let's say you have a PowerShell script named MyScript.ps1 located in C:\Scripts that you want to run daily at 10:00 AM. Here's how you can schedule it using schtasks: | |
| Open Command Prompt or PowerShell as an administrator. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ========================================================================================================== | |
| #Bing | |
| The Cloud Security Alliance (CSA) Security Trust Assurance and Risk (STAR) program is a publicly accessible registry that documents the security and privacy controls provided by popular cloud computing offerings. STAR encompasses the key principles of transparency, rigorous auditing, and harmonization of standards outlined in the Cloud Controls Matrix (CCM)1. By obtaining the CSA STAR Certification, Cloud Service Providers (CSPs) show to their clients that they are using best practices to protect data in cloud applications2. The CSA STAR Certification is a rigorous third-party independent assessment of the security of a cloud service provider. This technology-neutral certification leverages the requirements of the ISO/IEC 27001:2013 management system standard together with the CSA Cloud Controls Matrix3. | |
| ============================================================================================= |
githubfoam
/ Incident response cheat sheet
Last active
April 20, 2025 07:39
Incident response cheat sheet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ---------------------------------------------------------------------------------------------------- | |
| SIEM stands for Security Information and Event Management. Essentially, it's a software platform that aggregates data from various security sources across your IT infrastructure, analyzes it in real-time, and helps you detect and respond to potential security threats. | |
| Think of it as a security command center: | |
| Gathers information: Collects logs, alerts, and events from firewalls, intrusion detection systems, antivirus software, and other security tools. | |
| Correlates data: Analyzes the collected information to identify patterns, anomalies, and potential threats. | |
| Alerts and reports: Notifies security teams about potential incidents and provides reports for investigation and analysis. | |
| Streamlines response: Helps automate incident response tasks and provides tools for investigation and mitigation. | |
| Benefits of SIEM: |
githubfoam
/ dell switch ansible cheat sheet
Last active
August 25, 2023 10:50
dell switch ansible cheat sheet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -------------------------------------------------------------------------------------------------------------------- | |
| https://github.com/Dell-Networking/ansible-dellos-examples/ | |
| https://ansible-dellos-docs.readthedocs.io/en/latest/modules.html#os6-modules | |
| -------------------------------------------------------------------------------------------------------------------- | |
| #install collections | |
| ansible-galaxy collection install dellemc.os6 | |
| ansible-galaxy collection install dellemc.os10 | |
| ansible-galaxy collection list #check whether it is installed | |
| ansible-galaxy collection verify dellemc.os6 #verify |
githubfoam
/ hp aruba switch ansible cheat sheet
Last active
June 6, 2023 07:19
hp aruba switch ansible cheat sheet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -------------------------------------------------------------------------------------------------------------------- | |
| https://github.com/aruba/aos-switch-ansible-collection | |
| -------------------------------------------------------------------------------------------------------------------- | |
| https://docs.ansible.com/ansible/latest/collections/community/network/aruba_config_module.html#ansible-collections-community-network-aruba-config-module | |
| https://docs.ansible.com/ansible/latest/collections/community/network/aruba_command_module.html#ansible-collections-community-network-aruba-command-module | |
| -------------------------------------------------------------------------------------------------------------------- | |
| # cat aruba_switches.ini | |
| [switches] | |
| switch1 ansible_host=192.168.1.100 ansible_user=admin ansible_password=your_password ansible_connection=network_cli ansible_network_os=aruba |
githubfoam
/ huawei switch ansible cheat sheet
Last active
June 11, 2023 17:49
huawei switch ansible cheat sheet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ----------------------------------------------------------------------------------------------------- | |
| #https://cn-ansibledoc.readthedocs.io/zh_CN/latest/network/user_guide/platform_ce.html | |
| #ansible_connection=netconf or ansible_connection=network_cli | |
| Using CLI in Ansible | |
| Example CLI inventory [ce:vars] | |
| [ce:vars] | |
| ansible_connection=network_cli | |
| ansible_network_os=ce |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #================================================================================================================================= | |
| #ChatGPT | |
| how to debug IPSengine in 6.4 or later: | |
| # diagnose ips debug enable | |
| init init | |
| packet packet | |
| packet_detail packet_detail | |
| error error |
githubfoam
/ fortigate - webfilter - url filter cheat sheet
Last active
April 22, 2025 08:54
fortigate - webfilter - url filter cheat sheet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #===================================================================== | |
| # Log&Report - Security Events - Web Filter, filter a specific URL. v7.2.3 | |
| #launch CLI from fortigate GUI | |
| config webfilter profile #Configure Web filter profiles | |
| get #list all profiles | |
| edit profile-name | |
| show # see current setting | |
| set log-all-url enable | |
| set extended-log enable |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ========================================================================================================== | |
| https://portswigger.net/kb/ | |
| ========================================================================================================== | |
| Burp, Fiddler, OWASP Zap, BeEF | |
| ========================================================================================================== | |
| #Burp Suite | |
| explain how to make this code secure. generate more secure version | |
| <? php |
githubfoam
/ AsyncRAT malware analysis walkthrough
Last active
July 7, 2023 06:12
AsyncRAT malware analysis walkthrough
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ============================================================================ | |
| #ChatGPT | |
| act as a forensics analyzer and run AsyncRAT malware analysis walkthrough. | |
| As a language model, I am not capable of running any software on a computer. However, I can guide you through a typical AsyncRAT malware analysis walkthrough to help you understand the steps involved in the process. | |
| Step 1: Obtain the Sample | |
| The first step in malware analysis is obtaining the sample. In this case, we assume that you have obtained a sample of AsyncRAT malware. |