Skip to content

Instantly share code, notes, and snippets.

Avatar

Igor Andrade igorhrq

View GitHub Profile
@igorhrq
igorhrq / abusefinder.sh
Last active Jan 22, 2021
View abusefinder.sh
#!/bin/bash
# Author: Igor Andrade = []
# Author: Thiago Dantas = []
#
######
# Date: 22/01/2021 - TechOps LatAm
# Version 0.1 - abusefinder
#
# Deep analysis on the main ports that are used by cPanel
# Filter and analysis of requests that can be an attack (xmlrpc, form attack, and high number of requests GET/POST)
@igorhrq
igorhrq / alertswithlocktime.sh
Last active Jan 8, 2021
View alertswithlocktime.sh
#!/bin/bash
# Author: Igor Andrade
# 08/01/2021
# Send alerts for google chat if LDAP server are currently offline, protects agains repeated alerts.
# I was used this for a log that are stored on messages from LDAP but can be used for other things.
#
#
#########################################################################
#
# Constant Vars
@igorhrq
igorhrq / genkey.py
Created Dec 30, 2020
View genkey.py
# Author: Igor Andrade
# generate a public and private key at /root dir
import os
from Crypto.PublicKey import RSA
key = RSA.generate(4096)
with open("/root/priv8.key", 'wb') as arquivo:
os.chmod("/root/priv8.key", 0o600)
arquivo.write(key.exportKey('PEM'))
@igorhrq
igorhrq / zabbixmon.py
Last active Jan 1, 2021
View zabbixmon.py
# Author: Igor Andrade
# Date: 29-12-2020
#
# Scripts that catch triggers from an group, filters it on a file for not repeat alerts and send it to a gchat using
# zabbix API and gchat API.
#
# remember create a config.ini with your credentials from zabbix at same file of this script
# cat config.ini
# [zabbix]
# server=https://zabbix.YOURZABBIXLINKHERE.com
@igorhrq
igorhrq / killpts.sh
Last active Nov 14, 2020
View killpts.sh
#!/bin/bash
# Kill all pts sessions that are not you and leave a message for all theses.
# Version 0.1
# Author: Igor A.
#
# usage: $ killpts [TICKET]
# usage 2: $ killpts
# example: $ killpts 2565489
#
ticket=$1
@igorhrq
igorhrq / matchcsfwpattack.sh
Last active Sep 24, 2020
View matchcsfwpattack.sh
#!/bin/bash
# this script will help mitigate wp-login and xmlrpc attacks for servers that not use imunify modsecrules, if you server use it, you dont need install it
# this is the first version, and we will work alot on that
run() {
#moving old regex.custom to be safe on this action
mv /usr/local/csf/bin/regex.custom.pm /usr/local/csf/bin/regex.custom.pm.bkp
# download custom regex.custom
wget --quiet https://gist.githubusercontent.com/igorhrq/5ddc40f4d55e190bd41edc33da95eebc/raw/d23135cc0128a4ce8c3e98d11e331fbbb051b2f5/gistfile1.txt -O /usr/local/csf/bin/regex.custom.pm
@igorhrq
igorhrq / fw.sh
Last active Aug 3, 2020
View fw.sh
#!/bin/bash
# iptables meridiuns revision 1.0 12/07
# Updated 25/07 - adjusted some ports
# Usage: sh fw.sh start/stop
# Author: Igor A.
# look vars below into 'CHANGE IF NECESSARY'
@igorhrq
igorhrq / TelegramBOTforTibiaOT.sh
Last active Jan 10, 2021
View TelegramBOTforTibiaOT.sh
#!/bin/bash
#
#
# This is script is a fork project from assistanz and modified/adapted for monitoring Tibia by Igor Andrade
#
# This script monitors server load, memory usage and Tibia daemon for every 10 seconds and sends notification
# to telegram in case of high usage or server offline.
#
# Get the status of bot after you start it and get chat id : https://api.telegram.org/bot[TOKENIDHERE]/getupdates
#
@igorhrq
igorhrq / checkload.sh
Created Jun 26, 2020
View checkload.sh
#!/bin/bash
load=`echo $(cat /proc/loadavg | awk '{print $1}') \> 8 | bc -l`
Release() {
release=$(egrep "5|6" /etc/redhat-release | awk {'print $4'} | cut -d. -f1)
if [[ -z $release ]]; then
mailPath=/usr/bin/mail
else
mailPath=/bin/mail
fi
@igorhrq
igorhrq / rotateip.sh
Last active Jun 26, 2020
View rotateip.sh
#!/usr/bin/env bash
# The new rotation ip suite
# The development of this script was started on 20/06/2019 with the manual option
#
#
# INFO
#
# Author : Igor A.
# E-Mail : igor.a@hostdime.com.br
# Personal E-Mail: igor@igorlnx.com