This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from collections import Counter | |
from scapy.all import * | |
import pandas as pd | |
import seaborn as sns | |
import matplotlib.pyplot as plt | |
def buildPktList(): | |
pcap_file = rdpcap('sender.pcap') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
(module | |
(import "js" "mem" (memory 1)) | |
(import "console" "log" (func $log (param i32))) | |
(func $getbyte (param $pos i32) (result i32) | |
local.get $pos | |
i32.const 255 | |
i32.and | |
) | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from scapy.all import * | |
import sys | |
import binascii | |
import uuid | |
def buildPktList(): | |
pcap_file = rdpcap('teamviewer-sent.pcapng') | |
pkt_list = [] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
╟ PCAP File Header ╢ | |
╒═════════════════════════════════════════════════════╕ | |
│ │ | |
│ ┌ ┐ ════════════════════════════ │ | |
d4c3 b2a1 │ Magic Number | |
│ │ ╌╌╌╌ ╌╌╌╌ │ ════════════════════════════ │ | |
0200 0400 │ Major Version/Minor Version | |
│ │ ╌╌╌╌ ╌╌╌╌ │ ════════════════════════════ │ | |
0000 0000 │ Reserved | |
│ │ ╌╌╌╌ ╌╌╌╌ │ ════════════════════════════ │ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ids = Import-Csv .\test-hosts.csv | |
$HostIds = $ids.ID | |
$Param = @{ | |
Command = 'getsid' | |
HostIds = $HostIds | |
} | |
$results = Invoke-FalconRTR @Param |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
for (cur = g_list_last(follow_info_.payload); cur; cur = g_list_previous(cur)) { | |
if (dialogClosed() || !isReadRunning) break; | |
*** | |
QByteArray buffer; | |
if (!skip) { | |
//add exception for MUHPROTO | |
if(follow_type_ == FOLLOW_MUHPROTO) { | |
buffer.clear(); |