I hereby claim:
- I am norandom on github.
- I am wishi (https://keybase.io/wishi) on keybase.
- I have a public key whose fingerprint is 4D3E 31D9 369C A804 6C90 B91C 813D A454 4A2E FC36
To claim this, I am signing this object:
norandom
/ prefetch_analysis.py
Created
February 25, 2024 14:13
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ######################## | |
| # Windows 10 Prefetch Parser | |
| # Created by 505Forensics (http://www.505forensics.com) | |
| # Modified by Marius Ciepluch (2024, Python 3) | |
| # | |
| # Usage: Utilize this script to parse either a single or set of Windows 10 prefetch files | |
| # | |
| # Dependencies: This script requires the installation of libscca (https://github.com/libyal/libscca), and was only tested in a Linux environment | |
| # | |
| # Output: Script will output in CSV to stdout by default. |
norandom
/ windows_registry_date_convert.py
Created
February 25, 2024 12:10
Converts Windows Registry dates to a human readable format
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| Copyright (c) 2024 Marius Ciepluch | |
| Permission is hereby granted, free of charge, to any person obtaining a copy | |
| of this software and associated documentation files (the "Software"), to deal | |
| in the Software without restriction, including without limitation the rights | |
| to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | |
| copies of the Software, and to permit persons to whom the Software is | |
| furnished to do so, subject to the following conditions: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <time.h> | |
| // Function to convert a byte into its hexadecimal string representation | |
| void byteToHex(unsigned char byte, char hexStr[3]) { | |
| const char hexDigits[] = "0123456789abcdef"; | |
| hexStr[0] = hexDigits[byte >> 4]; // Extract the high nibble (4 bits) and find its hex character | |
| hexStr[1] = hexDigits[byte & 0x0F]; // Extract the low nibble and find its hex character | |
| hexStr[2] = '\0'; // Null-terminate the string |
norandom
/ setup_net_arch.sh
Last active
February 16, 2024 09:59
Persist DHCP provisioned IP config (Arch, systemd-networkd)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Interface name, e.g., enp1s0 | |
| IFACE="enp1s0" | |
| # Ensure systemd-networkd is enabled | |
| systemctl enable systemd-networkd | |
| systemctl start systemd-networkd | |
| systemctl start systemd-resolved |
norandom
/ setup_net.sh
Last active
February 15, 2024 17:40
Persist DHCP provisioned IP config (Debian, Ubuntu, netplan)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Interface name | |
| IFACE="enp1s0" | |
| # Get current IP, netmask, and gateway | |
| IP=$(ip addr show $IFACE | grep 'inet ' | awk '{print $2}') | |
| GATEWAY=$(ip route | grep default | awk '{print $3}') | |
| DNS=$(awk '/^nameserver/ {print $2}' /run/systemd/resolve/resolv.conf | tr '\n' ' ') |
norandom
/ sysmon_xml_to_json.py
Last active
January 23, 2024 19:19
Sysmon XML to JSON transformer (Linux) https://because-security.atlassian.net/wiki/spaces/Linix/pages/21659649/Build+install+and+integrate+Sysmon+for+Linux+Mint+Ubuntu+21+x86-64+VM
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| Copyright (c) 2024 Marius Ciepluch | |
| Permission is hereby granted, free of charge, to any person obtaining a copy | |
| of this software and associated documentation files (the "Software"), to deal | |
| in the Software without restriction, including without limitation the rights | |
| to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | |
| copies of the Software, and to permit persons to whom the Software is |
norandom
/ squarespace_custom.css
Last active
March 14, 2024 12:31
Custom CSS for Squarespace SaaS CMS https://because-security.atlassian.net/wiki/spaces/WT/pages/20578319/Squarespace+CMS+SaaS#Custom-CSS-with-advanced-typography
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @font-face { | |
| font-family: 'sys'; | |
| src: url('//static1.squarespace.com/static/65840324827cd665497dee69/t/658587e66906431c71b9e141/1703249894559/sys400-webfont.ttf'); | |
| } | |
| .dropcaps { | |
| font-family: "sys",sans-serif; | |
| font-size: 300% !important; | |
| width: 0.8em !important; | |
| line-height: 80% !important; |
norandom
/ log2vec_wrapper.sh
Last active
January 23, 2024 19:21
A wrapper around the Log2Vec tools https://github.com/NetManAIOps/Log2Vec/tree/master - Log File Vectorization https://because-security.atlassian.net/wiki/spaces/LML/pages/11927594/Log2Vec+conda+Python+3.9
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| : ' | |
| Copyright (c) 2024 Marius Ciepluch | |
| Permission is hereby granted, free of charge, to any person obtaining a copy | |
| of this software and associated documentation files (the "Software"), to deal | |
| in the Software without restriction, including without limitation the rights | |
| to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | |
| copies of the Software, and to permit persons to whom the Software is |
norandom
/ conda_env_log2vec.yml
Created
January 16, 2024 07:28
Conda environment for log2vec https://github.com/NetManAIOps/Log2Vec
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: log2vec | |
| channels: | |
| - conda-forge | |
| - anaconda | |
| - defaults | |
| dependencies: | |
| - _libgcc_mutex=0.1=main | |
| - _openmp_mutex=5.1=1_gnu | |
| - blas=1.0=mkl | |
| - brotli-python=1.0.9=py39h6a678d5_7 |