Rafael David Tinoco rafaeldtinoco

rafaeldtinoco / ai-generate-mp3-loop.sh
Created July 15, 2025 16:46
Generate MP3 for Videos
#!/usr/bin/env bash
# Fail on error.
set -e
# Check for API key.
if [ -z "$OPENAI_API_KEY" ]; then
  echo "❌ Set your OPENAI_API_KEY environment variable first."
  exit 1
fi
rafaeldtinoco / detection_net_example.json
Created June 2, 2025 01:19
detection network example
{
"data": {
"uuid": "873e668e4689a38116fa1695ef9c119e2f298a3e224e5740f5b2b9977b5a3e22",
"timestamp": "2025-06-02T01:18:11Z",
"metadata": {
"name": "adult_domain_access",
"format": "network_peers",
"version": "1.0",
"description": "Access to porn and adult content",
"documentation": "https://garnet.gitbook.io/jibril/detections/network-peers/adult_domain_access",
{
"data": {
"uuid": "4a3d6adb872be4846a25a48b5d73648c9633595de6b3c97107595ef7d606f096",
"timestamp": "2025-06-02T01:07:40Z",
"metadata": {
"name": "file_example_blergh",
"format": "file_access",
"version": "1.0",
"description": "Detect access magic files as an example",
"documentation": "https://garnet.gitbook.io/jibril/detections/file-access/file_example",
rafaeldtinoco / 2025-05-15-detections.json
Last active May 15, 2025 12:53
2025-05-15-detections.json
{
"data": {
"body": {
"fullinfo": {
"files": {
"etc": {
"gnutls": {
"config": "open|read|close"
},
"ld.so.cache": "mmap|open|close",
{
"name": "os_network_fingerprint_0_5",
"type": "os_network_fingerprint",
"verdict": {
"false_positive": true,
"severity": "low",
"description": "The event involves a CI/CD pipeline runner executing a curl command to access www.zabbix.com. The process ancestry shows legitimate CI/CD processes, and the file access to /etc/hosts is typical for network operations. The network flow indicates a standard HTTPS connection to a known monitoring service, suggesting routine activity. No malicious indicators are present, making this a likely false positive."
}
}
{
{
"data": {
"body": {
"file": {
"file": "/tmp/blergh",
"dir": "/tmp",
"basename": "blergh",
"actions": "open|read|close",
"fasync": false,
"flock": false,
rafaeldtinoco / wazuh-printer.md
Created February 11, 2025 11:54
example of wazuh printer

Wazuh Printer

An example of a Jibril event transformation to Wazuh.

// main.go

package main

import (