Skip to content

Instantly share code, notes, and snippets.

View pevandenburie's full-sized avatar

Paul-Emmanuel Vandenburie pevandenburie

  • Gatewatcher
  • France
View GitHub Profile
@pevandenburie
pevandenburie / broker_install.md
Last active April 9, 2019 09:02
Broker install
@pevandenburie
pevandenburie / scapy-ether.bro
Created March 31, 2019 07:32
scapy-ether.bro
type Val: record {
pkt_type: string;
src: string;
dst: string;
# type: string;
};
event etherpkt(description: Input::EventDescription,
t: Input::Event, data: Val) {
# do something here...
@pevandenburie
pevandenburie / pkt2Bro.py
Last active March 31, 2019 21:28
pkt2Bro: Scapy parsed packet to Bro Event.
#!/usr/bin/env python3
from scapy.packet import Packet
import os, sys
def pkt2Bro(pkt):
out = {}
layer = pkt.getlayer(0)
import json
from base64 import b64encode
import binascii
from Crypto.Cipher import AES
from Crypto.Random import get_random_bytes
print("Hello AES-CCM")
# Key: 1AE1CC81F39199114EB794C944E655DF
# Timestamp: 5c52184b
@pevandenburie
pevandenburie / sandbox.sh
Last active October 4, 2016 13:57
Docker sandbox: sandbox.sh -c "echo 'Hello World'"
#! /bin/bash
docker run -it --rm ubuntu /bin/bash $@
@pevandenburie
pevandenburie / node-red-ip-startup.json
Created March 30, 2016 20:45
Node-RED startup with IP address, followed with yahoo weather
[{"id":"b565f7ad.4a9a08","type":"subflow","name":"Subflow 1","info":"","in":[{"x":-10,"y":373,"wires":[{"id":"634395b1.9cbc6c"}]}],"out":[{"x":475,"y":376,"wires":[{"id":"39b05034.c64fb","port":0}]}]},{"id":"39b05034.c64fb","type":"function","z":"b565f7ad.4a9a08","name":"parse","func":"\nvar city = msg.payload.query.results.channel.location.city;\nvar country = msg.payload.query.results.channel.location.country;\nvar forecast = msg.payload.query.results.channel.item.forecast;\n\nvar line1 = \"1:\"+city+\" (\"+country+\")\";\nvar line2 = \"2:\"+forecast[0].day+\": \"+forecast[0].text;\nvar line3 = \"3:\"+forecast[1].day+\": \"+forecast[1].text;\nvar line4 = \"4:\"+forecast[2].day+\": \"+forecast[2].text;\n\n//clear the screen and send the messages\nmsg.payload = \"clr:\";\nnode.send(msg);\nmsg.payload = line1;\nnode.send(msg);\nmsg.payload = line2;\nnode.send(msg);\nmsg.payload = line3;\nnode.send(msg);\nmsg.payload = line4;\nnode.send(msg);\n\n//return msg;","outputs":1,"noerr":0,"x":345,"y":376,"wires":[[]]}
[{"id":"3d33a278.c2cc5e","type":"subflow","name":"Subflow 1","info":"","in":[{"x":-10,"y":373,"wires":[{"id":"8e386c16.71c79"}]}],"out":[{"x":475,"y":376,"wires":[{"id":"ce58d70f.31a728","port":0}]}]},{"id":"ce58d70f.31a728","type":"function","z":"3d33a278.c2cc5e","name":"parse","func":"\nvar city = msg.payload.query.results.channel.location.city;\nvar country = msg.payload.query.results.channel.location.country;\nvar forecast = msg.payload.query.results.channel.item.forecast;\n\nvar line1 = \"1:\"+city+\" (\"+country+\")\";\nvar line2 = \"2:\"+forecast[0].day+\": \"+forecast[0].text;\nvar line3 = \"3:\"+forecast[1].day+\": \"+forecast[1].text;\nvar line4 = \"4:\"+forecast[2].day+\": \"+forecast[2].text;\n\n//clear the screen and send the messages\nmsg.payload = \"clr:\";\nnode.send(msg);\nmsg.payload = line1;\nnode.send(msg);\nmsg.payload = line2;\nnode.send(msg);\nmsg.payload = line3;\nnode.send(msg);\nmsg.payload = line4;\nnode.send(msg);\n\n//return msg;","outputs":1,"noerr":0,"x":345,"y":376,"wires":[[]]