Skip to content

Instantly share code, notes, and snippets.

View trumb's full-sized avatar
💭
I may be slow to respond.

Maurice Brown trumb

💭
I may be slow to respond.
4 followers · 18 following
View GitHub Profile
@jaredcatkinson
jaredcatkinson / Get-InjectedThread.ps1
Last active April 22, 2024 19:09
Code from "Taking Hunting to the Next Level: Hunting in Memory" presentation at SANS Threat Hunting Summit 2017 by Jared Atkinson and Joe Desimone
function Get-InjectedThread
{
<#
.SYNOPSIS
Looks for threads that were created as a result of code injection.
.DESCRIPTION
@jareware
jareware / s3-curl-backups.md
Last active May 11, 2024 23:39
Simple, semi-anonymous backups with S3 and curl

⇐ back to the gist-blog at jrw.fi

Simple, semi-anonymous backups with S3 and curl

Backing stuff up is a bit of a hassle, to set up and to maintain. While full-blown backup suites such as duplicity or CrashPlan will do all kinds of clever things for you (and I'd recommend either for more complex setups), sometimes you just want to put that daily database dump somewhere off-site and be done with it. This is what I've done, with an Amazon S3 bucket and curl. Hold onto your hats, there's some Bucket Policy acrobatics ahead.

There's also a tl;dr at the very end if you just want the delicious copy-pasta.

Bucket setup