Skip to content

Instantly share code, notes, and snippets.

View cve2020-1350.zeek
module CVE_2020_1350;
export
{
redef enum Notice::Type += {
CVE_2020_1350
};
}
event dns_unknown_reply(c: connection, msg: dns_msg, ans: dns_answer)
@kraigu
kraigu / smbattackers.py
Created Jun 29, 2018
pull SMB attackers from CHN API
View smbattackers.py
#!/usr/bin/env python3
import requests
import json
import configparser
from datetime import date, timedelta
yday = date.today() - timedelta(1)
myconf = configparser.ConfigParser()
View gist:3cc746aa73d31966eca67fc948d17596
### Keybase proof
I hereby claim:
* I am kraigu on github.
* I am snowcrashmike (https://keybase.io/snowcrashmike) on keybase.
* I have a public key ASBzqe7yaHWnecuhOkY1xgCD6RzUBS5L4124fTYexB9kcwo
To claim this, I am signing this object:
@kraigu
kraigu / gist:7a696e657a1b626eba06fe22eaa1c093
Created Mar 27, 2017
Add some Globalsign IntranetSSL certificates to a MacOS keychain as trusted
View gist:7a696e657a1b626eba06fe22eaa1c093
#!/bin/bash
curl 'http://secure.globalsign.com/cacert/gsintranetsslsha256g3.crt' -o gsintranetsslsha256g3.crt
curl 'http://secure.globalsign.com/cacert/gsnonpublicroot2.crt' -o gsnonpublicroot2.crt
sudo security add-trusted-cert -d -r trustRoot -k "/Library/Keychains/System.keychain" "./gsintranetsslsha256g3.crt"
sudo security add-trusted-cert -d -r trustRoot -k "/Library/Keychains/System.keychain" "./gsnonpublicroot2.crt"
@kraigu
kraigu / gist:7646342
Created Nov 25, 2013
bro packet filter
View gist:7646342
event bro_init() &priority=-12
{
restrict_filters["ignore tor node"] = "not (net 192.16.0.0/16)";
PacketFilter::install();
}