Extracts the package table of contents as an XML file
xar --dump-toc={header.xml} -f {file.pkg}
Clean up the TOC to just the RSA signature information
/usr/bin/xmllint --xpath '//signature[@style="RSA"]' {header.xml} > {rsa.raw}
peasead
/ update-agents.sh
Last active
June 6, 2023 22:23
Updates Fleet-managed Elastic agents that are stuck in an "Updating" status.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Shell script to update Elastic Agents that are stuck in an "Updating" state in Fleet. | |
| # Example : | |
| # KIBANA_URL="https://my-kibana-host:5601" | |
| # PASSWORD="secret-password" | |
| # ./update-agents.sh | |
| KIBANA_URL="https://kibana-url:port" | |
| PASSWORD="elastic-user-password" | |
| AGENT_IDS=` |
peasead
/ macos-setup.sh
Last active
October 26, 2021 18:01
— forked from seven62/macos-setup.sh
Script and readme to configure a new mac
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| #set -eux | |
| # Create Profile Directories | |
| mkdir ~/{bin,code,dev} | |
| # Installing Homebrew if necessary | |
| if system_profiler SPApplicationsDataType | grep brew >/dev/null 2>&1; then echo "Homebrew already installed. Moving on."; else /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install.sh)"; fi | |
| # Install CLI Tools |
peasead
/ malware-bazaar-tag-download.sh
Created
June 15, 2021 19:04
Download samples from Malware Bazaar based on tag.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Bash script to download Malware Bazaar based on tag | |
| # Define tag and number of samples to download | |
| TAG=insert-malware-bazaar-tag | |
| DOWNLOAD_LIMIT=100 | |
| # Determin OS | |
| OS=$(uname -s) | |
| # Download hash values from tag, save the SHA256 hashes |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cat input.ndjson | jq -s . |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cat file.json | jq -c '.[]' > output.ndjson |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # python3 csv-to-ndjson.py | |
| # pip3 install csv json | |
| import csv | |
| import json | |
| csvfile = open('in.csv', 'r') | |
| jsonfile = open('out.ndjson', 'w') | |
| fieldnames = ("field1","field2","field3") |
peasead
/ mac-os-elastic-agent-install.sh
Last active
March 29, 2023 03:10
Install the Elastic Agent on macOS systems.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash -eux | |
| # Single script to install the Elastic Agent on macOS | |
| # Downloads the Elastic Agent and saves it to your computer in the current directory (example in Downloads, Desktop, etc.) | |
| curl -OL https://artifacts.elastic.co/downloads/beats/elastic-agent/elastic-agent-8.2.0-darwin-x86_64.tar.gz | |
| # Uses the Tar command to decompress the Elastic Agent and prepare it for installation | |
| tar zxf elastic-agent-8.2.0-darwin-x86_64.tar.gz | |
| # Enters the Elastic Agent directory that was decompressed in the previous step |
peasead
/ extract-pkg-x509-cert.md
Last active
April 29, 2021 22:44
Extracting code-signing certificates from .pkg files
peasead
/ win-2019-ad-deploy.ps1
Last active
February 4, 2021 20:38
Deploy Windows 2019 Active Directory and DNS services
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://www.virtualgyanis.com/post/step-by-step-how-to-install-and-configure-domain-controller-on-windows-server-2019 | |
| Import-Module ADDSDeployment | |
| Install-ADDSForest ` | |
| -CreateDnsDelegation:$false ` | |
| -DatabasePath "C:\Windows\NTDS" ` | |
| -DomainMode "WinThreshold" ` | |
| -DomainName "huntops.blue" ` | |
| -DomainNetbiosName "HUNTOPS" ` | |
| -ForestMode "WinThreshold" ` | |
| -InstallDns:$true ` |
peasead
/ gist:e9c06979cb3c2dfef383da05abd89bf9
Created
October 6, 2020 14:48
PCAP Through Packetbeat
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Update packetbeat.shutdown_timeout=20s to fit your time requirements | |
| /usr/local/bin/packetbeat -I file.pcap -t -E packetbeat.shutdown_timeout=20s |
NewerOlder