I hereby claim:
- I am sooshie on github.
- I am sconzo (https://keybase.io/sconzo) on keybase.
- I have a public key ASAVPRMJQdtTeO3AxcESG4JTAapjRSrjt_2jjpGj_C7svQo
To claim this, I am signing this object:
Mike Sconzo sooshie
sooshie
/ crxcagrepper.py
Created
April 10, 2020 19:23
Download multiple versions of Chrome extension source from crxcavator.io and run a string search on the files.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Python 3 | |
| # Sometimes hunting for strings in a bunch of different browser extensions and their many versions can be a pain. | |
| # This will call out to crxcavator.io, pull the versions and sources. Then just run a simple string match on it. | |
| # Surprisingly, it works. | |
| # | |
| # sooshie@gmail.com | |
| import requests | |
| import json |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| event file_sniff(f: fa_file, meta: fa_metadata) | |
| { | |
| if ( ! meta?$mime_type ) return; | |
| if ( meta$mime_type == "application/x-dosexec" ) | |
| { | |
| local fname = fmt("%s-%s.%s", f$source, f$id, "._xe"); | |
| Files::add_analyzer(f, Files::ANALYZER_EXTRACT, [$extract_filename=fname]); | |
| } | |
| } |
sooshie
/ digicomp.json
Created
November 1, 2018 19:13
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "packages":[ | |
| { | |
| "name":"digistump", | |
| "maintainer":"Digistump", | |
| "websiteURL":"http://digistump.com", | |
| "email":"support@digistump.com", | |
| "help":{ | |
| "online":"https://digistump.com/board" | |
| }, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #https://r3v3rs3r.wordpress.com/2015/12/12/unicorn-vs-malware/ | |
| from unicorn import * | |
| from unicorn.x86_const import * | |
| from capstone import * | |
| from capstone.x86 import * | |
| import pefile | |
| import struct | |
| import string | |
| import sys |
sooshie
/ sqllite_postgres_cuckoo.txt
Created
September 10, 2015 04:57
Migrate from sqlite to postgres with Cuckoo
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| While not definitive, this should hopefully give you a starting point in migrating from the initial/defalt sqlite setup for cuckoo to postgres. | |
| Postgres setup | |
| 1) install postgres (apt-get install postgresql) | |
| 2) install postgres dev (something like: apt-get install postgresql-server-dev-9.3) | |
| 3) install psycopg2 (pip install psycopg2) | |
| 4) login to postgres and create a user (I created 'cuckoo') | |
| 5) create a database and give the user created in #4 rights to it (I created 'cuckoo' here as well) | |
| Migrate data |
sooshie
/ ZeuS dataset for D3 class
Created
August 18, 2015 20:11
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Data for the Data Visualization and Infographics with D3! Class |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| scp -o ProxyCommand="ssh -A $user1@$host1 nc $host2 22" -r localdir/ $user2@$host2:/remote/directory | |
| ssh -A $user1@$host1 -t ssh $user2@$host2 |
sooshie
/ crits s3 bucket creation
Created
June 17, 2015 16:28
Protip: when using CRITS with S3 make sure to create the buckets
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Run this to create the buckets before using CRITS to store files. | |
| # Also don't forget to make sure the relevant info is in database.py | |
| python manage.py create_buckets |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -e | |
| set -x | |
| if [ $# -ne 2 ] | |
| then | |
| echo "Wrong number of arguments supplied." | |
| echo "Usage: $0 <server_url> <deploy_key>." | |
| exit 1 |
NewerOlder