Seth Grover mmguero

## sample intel sources.md

      
              1 file
            
          
              0 forks
            
          
              2 comments
            
          
              0 stars
            
          
                mmguero
                / sample intel sources.md
            
            
              Created
              April 12, 2024 13:34
            
              
                sample Public STIX and MISP intel sources for testing Malcolm's Zeek Intelligence Framework integration
              
          
    Zeek Intelligence Framework for Malcolm

/zeek/intel/MISP/.misp_input.txt

misp|https://www.circl.lu/doc/misp/feed-osint/manifest.json
misp|https://www.botvrij.eu/data/feed-osint/manifest.json
misp|https://osint.digitalside.it/Threat-Intel/digitalside-misp-feed/manifest.json


/zeek/intel/STIX/.stix_input.txt


## docker-compose.yml
services:
  samba:
    image: docker.io/dperson/samba:latest
    environment:
      TZ: 'America/Denver'
      USERID: 0
      GROUPID: 0
    ports:
      - "0.0.0.0:137:137/udp"
      - "0.0.0.0:138:138/udp"

## export.json
{
  "attributes": {
    "description": "",
    "kibanaSavedObjectMeta": {
      "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}"
    },
    "title": "markdown URL example",
    "uiStateJSON": "{}",
    "version": 1,
    "visState": "{\"title\":\"markdown URL example\",\"type\":\"metrics\",\"aggs\":[],\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"markdown\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"#54B399\",\"split_mode\":\"terms\",\"split_color_mode\":\"opensearchDashboards\",\"metrics\":[{\"size\":1,\"agg_with\":\"noop\",\"order\":\"desc\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"top_hit\",\"field\":\"zeek.files.extracted_uri\",\"order_by\":\"firstPacket\"}],\"separate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":1,\"point_size\":1,\"fill\":0.5,\"stacked\":\"none\",\"color_rules\":[{\"value\":0,\"id\":\"1f169c40-f12a-11ee-9364-f9bff3c7f983\"

## export.json
{
  "attributes": {
    "description": "",
    "kibanaSavedObjectMeta": {
      "searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}"
    },
    "title": "Example table with transform",
    "uiStateJSON": "{}",
    "version": 1,
    "visState": "{\"title\":\"Example table with transform\",\"type\":\"transform\",\"aggs\":[],\"params\":{\"meta\":\"({})\",\"multiquerydsl\":\"{\\n  \\\"topn\\\": {\\n    \\\"index\\\": \\\"zeekicata-*\\\",\\n    \\\"query\\\": {\\n      \\\"bool\\\": {\\n        \\\"must\\\": [\\n          \\\"_DASHBOARD_CONTEXT_\\\",\\n          \\\"_TIME_RANGE_[firstPacket]\\\",\\n          {\\n            \\\"match\\\": {\\n              \\\"event.dataset\\\": \\\"files\\\"\\n            }\\n          },\\n          {\\n            \\\"match\\\": {\\n              \\\"event.provider\\\": \\\"zeek\\\"\\n            }\\n          }\\n        ]\\n      }\\n    },\\n    \\\"aggs\\\": {\\n      \\\"uris\\\": {\\n        \\\"terms\\\": {\\n          \\\"field\\\": \\

## vboxmacos.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                mmguero
                / vboxmacos.md
            
            
              Last active
              April 23, 2024 17:27
            
              
                VirtualBox on macOS fixes
              
          
    Make sure NSHighResolutionCapable in /Applications/VirtualBox.app/Contents/Resources/VirtualBoxVM.app/Contents/Info.plisst is set to <false/> for a pretty difference in performance.
$ grep -i NSHigh /Applications/VirtualBox.app/Contents/Resources/VirtualBoxVM.app/Contents/Info.plisst
    <key>NSHighResolutionCapable</key>          <true/>
Set it like this:

  
## release_cleaver.ps1
# release_cleaver.ps1

# Split and join large files into 2 gigabyte chunks. sha256 sum is
#   also calculated and saved on split and checked on join.


$ErrorActionPreference = "Stop"


# Split a binary file into a series of smaller files

## release_cleaver.sh
#!/usr/bin/env bash

# release_cleaver.sh
# Split and join large files into 2 gigabyte chunks. sha256 sum is
#   also calculated and saved on split and checked on join.

if [ -z "$BASH_VERSION" ]; then
  echo "Wrong interpreter, please run \"$0\" with bash"
  exit 1
fi

## calibredb_set_metadata_using_find.sh
for ID in $(find . -type f -iname "*Vigilantes v*" | grep -Po "\d\d\d\d" | grep -v ^20); do \
  for METADATA in 'authors:Hideyuki Furuhashi' 'series:My Hero Academia: Vigilantes'; do \
    /app/calibre/bin/calibredb --library-path=/books set_metadata -f "$METADATA" "$ID"; \
   done; \
done

## mp3join.sh
detox *.mp3 && \
  rm -f mylist.txt &&\
  for FILE in *.mp3; do \
    echo "file '$FILE'" >> mylist.txt; \
   done;
   ffmpeg -f concat -safe 0 -i mylist.txt -vn -c:a copy ../"$(basename "$(pwd)").mp3"; \
  rm -f mylist.txt

## wpa_supplicant.conf
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
country=US

network={
	ssid="Your network SSID"
	psk="Your WPA/WPA2 security key"
	key_mgmt=WPA-PSK
}
	services:
	samba:
	image: docker.io/dperson/samba:latest
	environment:
	TZ: 'America/Denver'
	USERID: 0
	GROUPID: 0
	ports:
	- "0.0.0.0:137:137/udp"
	- "0.0.0.0:138:138/udp"
	{
	"attributes": {
	"description": "",
	"kibanaSavedObjectMeta": {
	"searchSourceJSON": "{\"query\":{\"query\":\"\",\"language\":\"kuery\"},\"filter\":[]}"
	},
	"title": "markdown URL example",
	"uiStateJSON": "{}",
	"version": 1,
	"visState": "{\"title\":\"markdown URL example\",\"type\":\"metrics\",\"aggs\":[],\"params\":{\"id\":\"61ca57f0-469d-11e7-af02-69e470af7417\",\"type\":\"markdown\",\"series\":[{\"id\":\"61ca57f1-469d-11e7-af02-69e470af7417\",\"color\":\"#54B399\",\"split_mode\":\"terms\",\"split_color_mode\":\"opensearchDashboards\",\"metrics\":[{\"size\":1,\"agg_with\":\"noop\",\"order\":\"desc\",\"id\":\"61ca57f2-469d-11e7-af02-69e470af7417\",\"type\":\"top_hit\",\"field\":\"zeek.files.extracted_uri\",\"order_by\":\"firstPacket\"}],\"separate_axis\":0,\"axis_position\":\"right\",\"formatter\":\"number\",\"chart_type\":\"line\",\"line_width\":1,\"point_size\":1,\"fill\":0.5,\"stacked\":\"none\",\"color_rules\":[{\"value\":0,\"id\":\"1f169c40-f12a-11ee-9364-f9bff3c7f983\"
	# release_cleaver.ps1

	# Split and join large files into 2 gigabyte chunks. sha256 sum is
	# also calculated and saved on split and checked on join.


	$ErrorActionPreference = "Stop"


	# Split a binary file into a series of smaller files
	#!/usr/bin/env bash

	# release_cleaver.sh
	# Split and join large files into 2 gigabyte chunks. sha256 sum is
	# also calculated and saved on split and checked on join.

	if [ -z "$BASH_VERSION" ]; then
	echo "Wrong interpreter, please run \"$0\" with bash"
	exit 1
	fi
	for ID in $(find . -type f -iname "Vigilantes v" \| grep -Po "\d\d\d\d" \| grep -v ^20); do \
	for METADATA in 'authors:Hideyuki Furuhashi' 'series:My Hero Academia: Vigilantes'; do \
	/app/calibre/bin/calibredb --library-path=/books set_metadata -f "$METADATA" "$ID"; \
	done; \
	done
	detox *.mp3 && \
	rm -f mylist.txt &&\
	for FILE in *.mp3; do \
	echo "file '$FILE'" >> mylist.txt; \
	done;
	ffmpeg -f concat -safe 0 -i mylist.txt -vn -c:a copy ../"$(basename "$(pwd)").mp3"; \
	rm -f mylist.txt
	ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
	update_config=1
	country=US

	network={
	ssid="Your network SSID"
	psk="Your WPA/WPA2 security key"
	key_mgmt=WPA-PSK
	}