This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
1) Create a user for tcpdump
groupadd tcpdump
addgroup <username> tcpdump
chown root:tcpdump /usr/sbin/tcpdump
chmod 0750 /usr/sbin/tcpdump
setcap "CAP_NET_RAW+eip" /usr/sbin/tcpdump
2) Set up passwordless access (with SSH key)
sudo apt update && sudo apt install --assume-yes libpam-google-authenticator
sudo vi /etc/ssh/sshd_config:
ChallengeResponseAuthentication yes
sudo systemctl restart ssh
sudo vi /etc/pam.d/sshd:
auth required pam_unix.so no_warn try_first_pass
auth required pam_google_authenticator.so
#!/usr/bin/env python3
# Convert OpenLDAP hashes to a format Hashcat can understand
import sys
import base64
with open(sys.argv[1], 'r') as f:
    lines = f.readlines()
for line in lines:
    line = line.rstrip("\n")
CHECK TOR CONNECTION
===
curl --socks5 localhost:9050 --socks5-hostname localhost:9050 -s https://check.torproject.org/ | cat | grep -m 1 Congratulations | xargs
INSTALL PYTHON requirements.txt dependencies
===
pip3 install -r requirements.txt
DETECT PUBLIC IP
===
You can achieve this by setting the policy id in the /etc/filebeat/wazuh-template.json file (on the Wazuh nodes) and then reloading the template. For example, let's say that you have created your ISM policy on Elasticsearch with id wazuh-index-state-policy:
Edit the wazuh-template.json file.
Add the line "opendistro.index_state_management.policy_id": "wazuh-index-state-policy" inside the settings object:
"opendistro" : {
  "index_state_management" : {
    "policy_id" : "hot_warm_delete_workflow"
  }
How To Install A Public Git Repository On A Debian Server.
General steps
Install git + gitweb
$ sudo apt-get install git-core gitweb
Setup gitweb directories
$ sudo mkdir /var/www/git
#!/usr/bin/env python
#
######################################################
# Fortigate WiFi client monitor
# v0.0.1 - Michele "O-Zone" Pinassi
#
# This script, tested with Fortigate API 6.4.x, checks whether a user
# is connected to the WiFi network with more than CLIENT_TRIGGER clients.
# At the end, it sends a mail with the username and the MACs of the connected devices.
#
#!/bin/bash
#
# This daily cron script keeps the RT database clean: it removes old rejected and deleted tickets and old resolved tickets
#
DATE=$(date --iso-8601)
# Delete rejected and deleted tickets last updated more than 730 days ago
# (LastUpdated < "730 days ago" selects the old tickets; ">" would select the recent ones)
/opt/rt4/sbin/rt-shredder --sqldump /var/rt4/backup/RT_old_${DATE}.sql --plugin 'Tickets=query,(Status="deleted" OR Status="rejected") AND LastUpdated < "730 days ago";limit,100' --force 2>&1
In the header.php theme file, add this between the <head> and </head> tags:
<?php
if ( is_single() && 'post' == get_post_type() ) {
    if(has_post_thumbnail($post->ID)) {
        $img_src = wp_get_attachment_url( get_post_thumbnail_id($post->ID) );
    }
    if($excerpt = get_the_excerpt()) {
        $excerpt = strip_tags($excerpt);
        $excerpt = str_replace("", "'", $excerpt);
sudo netstat -anp TCP | grep ESTAB | grep -v "127.0.0.1" | grep -E -o "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}" | grep -v '^192\.\|^10\.' | sort -u | while read -r ip; do curl "https://api.greynoise.io/v3/community/$ip"; echo; done