I hereby claim:
- I am jmtaylor90 on github.
- I am trex421 (https://keybase.io/trex421) on keybase.
- I have a public key ASDpC4gTI_QuKynQZGPIYYPkga7LMySFsIjuzBD-O_OtKQo
To claim this, I am signing this object:
JT jmtaylor90
jmtaylor90
/ gist:98908f1404f1c247b325600308bc395b
Created
October 20, 2022 12:52
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Extensible Event Format (nicknamed EVE) event log in JSON format | |
| - eve-log: | |
| enabled: yes | |
| filetype: regular #regular|syslog|unix_dgram|unix_stream|redis | |
| filename: alert.json | |
| pcap-file: true | |
| community-id: true | |
| community-id-seed: 0 | |
| types: | |
| - alert: |
jmtaylor90
/ gist:9b4d4449a0ad12b7424b400a65935df9
Created
July 18, 2022 23:25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /usr/bin/env python3 | |
| from scapy.all import DNS, DNSQR, IP, sr1, UDP | |
| dns_req = IP(dst='8.8.8.8')/TCP(dport=53)/DNS(opcode=8,rd=1, qd=DNSQR(qname='www.google.com')) | |
| answer = sr1(dns_req, verbose=0) | |
| print(answer[DNS].summary()) |
jmtaylor90
/ keybase.md
Created
November 8, 2021 13:35
jmtaylor90
/ gist:29348388e1dd11d2eb4a6ed31c4a47b9
Created
November 7, 2019 14:20
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - eve-log: | |
| enabled: yes | |
| filetype: regular | |
| filename: flow.json | |
| types: | |
| - flow |
jmtaylor90
/ gist:27591f090c44a14349c492ce04e931ad
Created
September 26, 2019 20:28
rule failure keywords update
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [69914] 26/9/2019 -- 16:26:26 - (detect-content.c:400) <Error> (DetectContentPMATCHValidateCallback) -- [ERRCODE: SC_ERR_INVALID_SIGNATURE(39)] - signature can't match as content length 62 is bigger than dsize 5. | |
| Please see: https://suricata.readthedocs.io/en/latest/rules/payload-keywords.html#content |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Run Build Command:"/usr/bin/gmake" "cmTC_54245/fast" | |
| /usr/bin/gmake -f CMakeFiles/cmTC_54245.dir/build.make CMakeFiles/cmTC_54245.dir/build | |
| gmake[1]: Entering directory '/builddir/build/BUILD/hyperscan-5.1.0/CMakeFiles/CMakeTmp' | |
| Building C object CMakeFiles/cmTC_54245.dir/src.c.o | |
| /usr/bin/cc -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -DBACKTRACE_LIBC -o CMakeFiles/cmTC_54245.dir/src.c.o -c /builddir/build/BUILD/hyperscan-5.1.0/CMakeFiles/CMakeTmp/src.c | |
| /builddir/build/BUILD/hyperscan-5.1.0/CMakeFiles/CMakeTmp/src.c: In function 'main': | |
| /builddir/build/BUILD/hyperscan-5.1.0/CMakeFiles/CMakeTmp/src.c:3:15: warning: null argument where non-null required (argument 1) [-Wnonnull] | |
| 3 | int main () { backtrace(NULL, 0); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [jason@builder hyperscan]$ rpm --eval "%cmake" | |
| CFLAGS="${CFLAGS:--O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=generic}" ; export CFLAGS ; | |
| CXXFLAGS="${CXXFLAGS:--O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=generic}" ; export CXXFLAGS ; | |
| FFLAGS="${FFLAGS:--O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=generic -I/usr/lib64/gfortran/modules}" ; export FFLAGS ; | |
| FCFLAGS="${FCFLAGS:--O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -gre |