View abusefinder.sh
#!/bin/bash | |
# Author: Igor Andrade = [] | |
# Author: Thiago Dantas = [] | |
# | |
###### | |
# Date: 22/01/2021 - TechOps LatAm | |
# Version 0.1 - abusefinder | |
# | |
# Deep analysis on the main ports that are used by cPanel | |
# Filter and analysis of requests that can be an attack (xmlrpc, form attack, and high number of requests GET/POST) |
View alertswithlocktime.sh
#!/bin/bash | |
# Author: Igor Andrade | |
# 08/01/2021 | |
# Send alerts for google chat if LDAP server are currently offline, protects agains repeated alerts. | |
# I was used this for a log that are stored on messages from LDAP but can be used for other things. | |
# | |
# | |
######################################################################### | |
# | |
# Constant Vars |
View genkey.py
# Author: Igor Andrade | |
# generate a public and private key at /root dir | |
import os | |
from Crypto.PublicKey import RSA | |
key = RSA.generate(4096) | |
with open("/root/priv8.key", 'wb') as arquivo: | |
os.chmod("/root/priv8.key", 0o600) | |
arquivo.write(key.exportKey('PEM')) |
View zabbixmon.py
# Author: Igor Andrade | |
# Date: 29-12-2020 | |
# | |
# Scripts that catch triggers from an group, filters it on a file for not repeat alerts and send it to a gchat using | |
# zabbix API and gchat API. | |
# | |
# remember create a config.ini with your credentials from zabbix at same file of this script | |
# cat config.ini | |
# [zabbix] | |
# server=https://zabbix.YOURZABBIXLINKHERE.com |
View killpts.sh
#!/bin/bash | |
# Kill all pts sessions that are not you and leave a message for all theses. | |
# Version 0.1 | |
# Author: Igor A. | |
# | |
# usage: $ killpts [TICKET] | |
# usage 2: $ killpts | |
# example: $ killpts 2565489 | |
# | |
ticket=$1 |
View matchcsfwpattack.sh
#!/bin/bash | |
# this script will help mitigate wp-login and xmlrpc attacks for servers that not use imunify modsecrules, if you server use it, you dont need install it | |
# this is the first version, and we will work alot on that | |
run() { | |
#moving old regex.custom to be safe on this action | |
mv /usr/local/csf/bin/regex.custom.pm /usr/local/csf/bin/regex.custom.pm.bkp | |
# download custom regex.custom | |
wget --quiet https://gist.githubusercontent.com/igorhrq/5ddc40f4d55e190bd41edc33da95eebc/raw/d23135cc0128a4ce8c3e98d11e331fbbb051b2f5/gistfile1.txt -O /usr/local/csf/bin/regex.custom.pm |
View fw.sh
#!/bin/bash | |
# iptables meridiuns revision 1.0 12/07 | |
# Updated 25/07 - adjusted some ports | |
# Usage: sh fw.sh start/stop | |
# Author: Igor A. | |
# look vars below into 'CHANGE IF NECESSARY' | |
View TelegramBOTforTibiaOT.sh
#!/bin/bash | |
# | |
# | |
# This is script is a fork project from assistanz and modified/adapted for monitoring Tibia by Igor Andrade | |
# | |
# This script monitors server load, memory usage and Tibia daemon for every 10 seconds and sends notification | |
# to telegram in case of high usage or server offline. | |
# | |
# Get the status of bot after you start it and get chat id : https://api.telegram.org/bot[TOKENIDHERE]/getupdates | |
# |
View checkload.sh
#!/bin/bash | |
load=`echo $(cat /proc/loadavg | awk '{print $1}') \> 8 | bc -l` | |
Release() { | |
release=$(egrep "5|6" /etc/redhat-release | awk {'print $4'} | cut -d. -f1) | |
if [[ -z $release ]]; then | |
mailPath=/usr/bin/mail | |
else | |
mailPath=/bin/mail | |
fi |
View rotateip.sh
#!/usr/bin/env bash | |
# The new rotation ip suite | |
# The development of this script was started on 20/06/2019 with the manual option | |
# | |
# | |
# INFO | |
# | |
# Author : Igor A. | |
# E-Mail : igor.a@hostdime.com.br | |
# Personal E-Mail: igor@igorlnx.com |
NewerOlder