Jeff Geiger jeffgeiger

## update_vulscan.sh
#!/bin/bash

echo "Updating vulscan database..."

cd /usr/local/Cellar/nmap/6.40/share/nmap/scripts/vulscan/

rm *.csv

wget http://www.computec.ch/projekte/vulscan/download/cve.csv
wget http://www.computec.ch/projekte/vulscan/download/exploitdb.csv

## munin-node.sh
#!/bin/ksh

#Connected - echo basic info

echo "# munin node at `hostname`"

#watchdog timestamp
WD_TIME=$(perl -e 'print time')


## grokparse.rb
#!/usr/bin/env ruby

=begin
USAGE:
cat example.log | ruby grokparse.rb
=end

require 'rubygems'
require 'grok-pure'
require 'pp'

## listen.py
#!/usr/bin/python
import socket
import sys

if (len(sys.argv) != 2 or not sys.argv[1].isdigit()):
  print 'Usage: listen <port>',
  exit()

p = int(sys.argv[1])
l = []

## file_extract.bro
global ext_map: table[string] of string = {
    ["application/x-dosexec"] = "exe",
    ["application/zip"] = "zip",
    ["application/x-gtar"] = "gzip",
    ["application/x-rar-compressed"] = "rar",
    ["application/x-apple-diskimage"] = "dmg",
    ["application/x-7z-compressed"] = "tz",
    ["application/x-gzip"] = "gz",
    ["application/x-bzip2"] = "bz",
    ["application/x-lzma"] = "lzma",

## Build_setup.md

      
              2 files
            
          
              0 forks
            
          
              0 comments
            
          
              1 star
            
          
                jeffgeiger
                / Build_setup.md
            
            
              Last active
              August 20, 2019 19:07
            
              
                RPM Spec file for rebuilding nginx + spnego-http-auth-nginx-module
              
          
    Install the source RPM for nginx and move it to you RPM build environment.
cd SOURCES/
tar xvzf nginx-1.6.3.tar.gz
cd nginx-1.6.3
git clone https://github.com/stnoonan/spnego-http-auth-nginx-module.git
cd ..
mv nginx-1.6.3 nginx-spnego-1.6.3
tar cvzf nginx-spnego-1.6.3.tar.gz nginx-spnego-1.6.3/

  
## knife cheat
# knife cheat

## Search Examples

	knife search "name:ip*"
	knife search "platform:ubuntu*"
	knife search "platform:*" -a macaddress
	knife search "platform:ubuntu*" -a uptime
	knife search "platform:ubuntu*" -a virtualization.system
	knife search "platform:ubuntu*" -a network.default_gateway

## asciiputsonglasses
Puts on glasses:

(•_•)
( •_•)>⌐■-■
(⌐■_■)

Takes off glasses ("mother of god..."):

(⌐■_■)
( •_•)>⌐■-■

## gist:c11fd13073d9c9a18ae5958626928203
# Add the offline rules file as a source:
sudo suricata-update add-source "Local Rules" "file:///srv/rocknsm/support/emerging.rules-suricata.tar.gz"

# Check that we're not going to go screaming at the internet for an update
sudo suricata-update list-enabled-sources

# You should see this:
# Enabled sources:
#  - Local Rules

## client.py
import requests

#http://docs.python-requests.org/en/latest/user/quickstart/#post-a-multipart-encoded-file

url = "http://localhost:5000/"
fin = open('simple_table.pdf', 'rb')
files = {'file': fin}
try:
  r = requests.post(url, files=files)
	print r.text
	#!/bin/bash

	echo "Updating vulscan database..."

	cd /usr/local/Cellar/nmap/6.40/share/nmap/scripts/vulscan/

	rm *.csv

	wget http://www.computec.ch/projekte/vulscan/download/cve.csv
	wget http://www.computec.ch/projekte/vulscan/download/exploitdb.csv
	#!/bin/ksh

	#Connected - echo basic info

	echo "# munin node at `hostname`"

	#watchdog timestamp
	WD_TIME=$(perl -e 'print time')
	#!/usr/bin/env ruby

	=begin
	USAGE:
	cat example.log \| ruby grokparse.rb
	=end

	require 'rubygems'
	require 'grok-pure'
	require 'pp'
	#!/usr/bin/python
	import socket
	import sys

	if (len(sys.argv) != 2 or not sys.argv[1].isdigit()):
	print 'Usage: listen <port>',
	exit()

	p = int(sys.argv[1])
	l = []
	global ext_map: table[string] of string = {
	["application/x-dosexec"] = "exe",
	["application/zip"] = "zip",
	["application/x-gtar"] = "gzip",
	["application/x-rar-compressed"] = "rar",
	["application/x-apple-diskimage"] = "dmg",
	["application/x-7z-compressed"] = "tz",
	["application/x-gzip"] = "gz",
	["application/x-bzip2"] = "bz",
	["application/x-lzma"] = "lzma",
	# knife cheat

	## Search Examples

	knife search "name:ip*"
	knife search "platform:ubuntu*"
	knife search "platform:*" -a macaddress
	knife search "platform:ubuntu*" -a uptime
	knife search "platform:ubuntu*" -a virtualization.system
	knife search "platform:ubuntu*" -a network.default_gateway
	Puts on glasses:

	(•_•)
	( •_•)>⌐■-■
	(⌐■_■)

	Takes off glasses ("mother of god..."):

	(⌐■_■)
	( •_•)>⌐■-■
	# Add the offline rules file as a source:
	sudo suricata-update add-source "Local Rules" "file:///srv/rocknsm/support/emerging.rules-suricata.tar.gz"

	# Check that we're not going to go screaming at the internet for an update
	sudo suricata-update list-enabled-sources

	# You should see this:
	# Enabled sources:
	# - Local Rules
	import requests

	#http://docs.python-requests.org/en/latest/user/quickstart/#post-a-multipart-encoded-file

	url = "http://localhost:5000/"
	fin = open('simple_table.pdf', 'rb')
	files = {'file': fin}
	try:
	r = requests.post(url, files=files)
	print r.text