Mike Damm mikedamm
name: Custom.Winlogbeat.Deploy
description: |
  Quick and dirty way to deploy Winlogbeat via Velociraptor
# Can be CLIENT, CLIENT_EVENT, SERVER, SERVER_EVENT
type: CLIENT
parameters:
  - name: binaryURL
    default: http://url.to/winlogbeat.exe
  - name: installPath
    default: C:\Program Files\winlogbeat
name: Custom.CapsSysmon.Deploy
description: |
  A quick and dirty way to download and install sysmon via Velociraptor
# Can be CLIENT, CLIENT_EVENT, SERVER, SERVER_EVENT
type: CLIENT
parameters:
  - name: sysmonURL
    default: http://url.to/sysmon8_64.exe
  - name: binPath
    default: C:\sysmon.exe
Rank  Type    Prefix/Suffix  Length
1     Prefix  my+            2
2     Suffix  +online        6
3     Prefix  the+           3
4     Suffix  +web           3
5     Suffix  +media         5
6     Prefix  web+           3
7     Suffix  +world         5
8     Suffix  +net           3
9     Prefix  go+            2
@chriswhong
chriswhong / scrape.js
Created April 22, 2019 03:58
Decrypting Amtrak's real-time train location geoJSON feed
// decrypting Amtrak's real-time train location geoJSON feed
// based on https://github.com/Vivalize/Amtrak-Train-Stats
const fetch = require('node-fetch');
const CryptoJS = require('crypto-js');
// this is the xhr call done by https://www.amtrak.com/track-your-train.html containing encrypted train location data
const dataUrl = 'https://maps.amtrak.com/services/MapDataService/trains/getTrainsData';
// these constants are pulled from RoutesList.v.json, which is an object with keys 'arr', 's', and 'v'
const sValue = '9a3686ac'; // found at s[8]
@42wim
42wim / dnsdist.lua
Last active November 6, 2020 10:02
dnsdist
function maintenance()
    res = blockingGetAddrInfo(newDNSName('mydns.service.consul'))
    active = getPoolServers("apool")
    local match = {}
    local match2 = {}
    for k,v in pairs(res) do
        match[v:toString()]=false
    end
    for a,b in pairs(active) do
        match2[a]=false
#!/bin/bash
sysctl -w net.core.netdev_max_backlog="150000"
sysctl -w net.core.rmem_max="16777216"
sysctl -w net.core.somaxconn="65535"
sysctl -w net.core.wmem_max="16777216"
sysctl -w net.ipv4.ip_local_port_range="1025 65535"
sysctl -w net.ipv4.tcp_fin_timeout="20"
sysctl -w net.ipv4.tcp_keepalive_time="30"
sysctl -w net.ipv4.tcp_max_syn_backlog="20480"
@joepie91
joepie91 / vpn.md
Last active June 29, 2024 17:36
Don't use VPN services.

Don't use VPN services.

No, seriously, don't. You're probably reading this because you've asked what VPN service to use, and this is the answer.

Note: The content in this post does not apply to using VPN for their intended purpose; that is, as a virtual private (internal) network. It only applies to using it as a glorified proxy, which is what every third-party "VPN provider" does.

  • A Russian translation of this article can be found here, contributed by Timur Demin.
  • A Turkish translation can be found here, contributed by agyild.
  • There's also this article about VPN services, which is honestly better written (and has more cat pictures!) than my article.
@willurd
willurd / web-servers.md
Last active June 29, 2024 17:26
Big list of http static server one-liners

Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.

Discussion on reddit.

Python 2.x

$ python -m SimpleHTTPServer 8000
@obscurerichard
obscurerichard / README.md
Created September 17, 2012 22:35
Simulates a low bandwidth, high-latency network connection

slow

This bash script offers quick shortcuts to simulate slower network connections. It is useful when you need to simulate a wireless network on a Linux network server, especially when you are using a virtual machine guest on your local machine or in the cloud.

slow 3G                   # Slow network on default eth0 down to 3G wireless speeds
slow reset                # Reset connection for default eth0 to normal
slow vsat --latency=500ms # Simulate satellite internet with a high latency
slow dsl -b 1mbps         # Simulate DSL with a slower speed than the default

slow modem-56k -d eth1    # Simulate a 56k modem on the eth1 device. eth0 is unchanged.