Skip to content

Instantly share code, notes, and snippets.

View jas-'s full-sized avatar
🏃‍♂️

Jason Gerfen jas-

🏃‍♂️
59 followers · 27 following
View GitHub Profile
@jas-
jas- / wifi_map
Created January 8, 2019 01:46
20190107 - WiFi connected devices
WhosHouse:
a0:a3:e2:f9:a6:45:
bssid: a0:a3:e2:f9:a6:45
bytes: 611376
channels:
- 1
- 2
- 140
devices:
01:00:5e:00:00:fb:
@jas-
jas- / packet-capture.sh
Last active November 19, 2022 17:04
A semi self aware packet trace tool; supports multiple packet capture tools such as tcpdump, tshark & snoop, monitors log disk for space constraints & can be configured to run for only a specified amount of time.
#!/bin/bash
#############################################################
# Functional description:
# Automates packet captures while safely monitoring disk
# space constraints for a specified amount of time.
#
# Supported OS:
# Solaris 10/11
# RHEL 5/6/7/8
@jas-
jas- / stig.sh
Last active October 8, 2020 03:06
Find potential privilege escalation with defined services. STIG VID's; V-906, V-907, V-910, V-4089, V-4090, V-4091, V-22354, V-22355, V-59827, V-59831, V-59833, V-59835, V-59837, V-59839, V-59841, V-59843
#!/bin/bash
# Handle the following STIG Vulnerability ID's
# Requires bash > v4
# HP-UX: V-906, V-907, V-910, V-4089, V-4090, V-4091, V-22354, V-22355
# OEL: V-906, V-907, V-910, V-4089, V-4090, V-4091, V-22354, V-22355
# RHEL: V-906, V-907, V-910, V-4089, V-4090, V-4091, V-22354, V-22355
# Solaris: V-906, V-907, V-910, V-4089, V-4090, V-4091, V-22354, V-22355, V-59827, V-59831, V-59833, V-59835, V-59837, V-59839, V-59841, V-59843
# Author: Jason Gerfen <jason.gerfen@gmail.com>
@jas-
jas- / stigadm.json
Last active December 5, 2018 23:49
stigadm reporting
{
"date": "20181205-231751",
"system": {
"hostname": "solaris11",
"kernel": "SunOS solaris11 5.11 11.3 i86pc i386 i86pc",
"OS": "Solaris",
"version": "11"
},
"stigs": [
{
@jas-
jas- / rekall-inspect-with-yara.sh
Last active March 8, 2024 22:49
#!/bin/bash
# Create a timestamp
ts="$(date +%Y%m%d)"
# Determine running directory
cwd="$(pwd $(dirname $0))"
# Define build_file
build_file=
@jas-
jas- / .bashrc
Last active July 8, 2017 14:07
Parse UFW log
# Default path of UFW parser
parse_ufw=/path/to/parse-ufw.awk
# Default path of UFW log
log_ufw=/var/log/ufw.log
# Function for filtering outbound comms
function ufw_out
{
@jas-
jas- / .bashrc
Last active November 27, 2016 17:19
.bashrc alias functions to handle GPG encrypt/decrypt operations per file/folder
# Define the encryption algo for gpg
algo="aes256"
# Define the gpg binary name (Solaris is gpg2)
gpg_name="gpg"
# Use ${gpg_name} to get full path of GPG
gpg=$(which ${gpg_name} 2>/dev/null)
# Validate GPG is installed
@jas-
jas- / json-output.json
Last active November 1, 2015 16:27
libnmap output examples (both make use of the examples/accuracy.js example script)
{
"172.17.190.241-255": {
"$": {
"scanner": "nmap",
"args": "nmap --host-timeout=900s -T0 --max-retries 10 --ttl 200ms --scan-delay 10s --max-rate 30 -oX - -p1-1024 172.17.190.241-255",
"start": "1445783304",
"startstr": "Sun Oct 25 14:28:24 2015",
"version": "6.40",
"xmloutputversion": "1.04"
},
@jas-
jas- / accuracy.js
Last active December 23, 2017 23:32
node.js libnmap example usage
/*!
* libnmap
* Copyright(c) 2013-2015 Jason Gerfen <jason.gerfen@gmail.com>
* License: MIT
*/
var nmap = require('libnmap')
, opts = {
timeout: 900, // 900s = 10m and increases the reliability of scan results
flags: [
@jas-
jas- / ufw-intel.sh
Created December 9, 2014 17:04
Intel gathering for UFW logs
dmesg | awk '{split($7, arr, "="); if (match(arr[2], /[0-9.]/)){print "\nHOST: " arr[2] " ================\n";system("host " arr[2]);system("whois " arr[2]);system("dig " arr[2]);}}' > log