Navigation Menu

Skip to content

Instantly share code, notes, and snippets.

View kraigu's full-sized avatar

Mike kraigu

23 followers · 27 following
View GitHub Profile
@kraigu
kraigu / gist:7646342
Created November 25, 2013 18:39
bro packet filter
event bro_init() &priority=-12
{
restrict_filters["ignore tor node"] = "not (net 192.16.0.0/16)";
PacketFilter::install();
}
@kraigu
kraigu / gist:7a696e657a1b626eba06fe22eaa1c093
Created March 27, 2017 13:30
Add some Globalsign IntranetSSL certificates to a MacOS keychain as trusted
#!/bin/bash
curl 'http://secure.globalsign.com/cacert/gsintranetsslsha256g3.crt' -o gsintranetsslsha256g3.crt
curl 'http://secure.globalsign.com/cacert/gsnonpublicroot2.crt' -o gsnonpublicroot2.crt
sudo security add-trusted-cert -d -r trustRoot -k "/Library/Keychains/System.keychain" "./gsintranetsslsha256g3.crt"
sudo security add-trusted-cert -d -r trustRoot -k "/Library/Keychains/System.keychain" "./gsnonpublicroot2.crt"
@kraigu
kraigu / gist:3cc746aa73d31966eca67fc948d17596
Created April 10, 2017 23:05
keybase.md
### Keybase proof
I hereby claim:
* I am kraigu on github.
* I am snowcrashmike (https://keybase.io/snowcrashmike) on keybase.
* I have a public key ASBzqe7yaHWnecuhOkY1xgCD6RzUBS5L4124fTYexB9kcwo
To claim this, I am signing this object:
@kraigu
kraigu / smbattackers.py
Created June 29, 2018 14:36
pull SMB attackers from CHN API
#!/usr/bin/env python3
import requests
import json
import configparser
from datetime import date, timedelta
yday = date.today() - timedelta(1)
myconf = configparser.ConfigParser()
@kraigu
kraigu / cve2020-1350.zeek
Created July 16, 2020 19:18
module CVE_2020_1350;
export
{
redef enum Notice::Type += {
CVE_2020_1350
};
}
event dns_unknown_reply(c: connection, msg: dns_msg, ans: dns_answer)