@visuve
visuve / pertti.py
Created January 1, 2023 22:05
Magic!
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
import sys
if __name__ == "__main__":
    word = sys.argv[1]
    size = len(word)
@visuve
visuve / PicoDeploy.cs
Last active July 30, 2022 11:02
Deploy .uf2 files on a Pico and open a serial port for monitoring
using System.IO.Ports;
using System.Management;
class PicoDeploy
{
    private static void Main(string[] args)
    {
        if (args.Length == 0)
        {
            Console.WriteLine("Usage:");
@visuve
visuve / Defender.reg
Last active March 1, 2022 21:31
Add context menu entry to scan files or folders with Windows Defender
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\*\shell\Defender]
@="Scan File with Windows Defender"
"Icon"="C:\\Program Files\\Windows Defender\\MpDlpCmd.exe,0"
[HKEY_CLASSES_ROOT\*\shell\Defender\command]
@="cmd.exe /k \"\"C:\\Program Files\\Windows Defender\\MpCmdRun.exe\" -Scan -ScanType 3 -File \"%1\"\""
@visuve
visuve / swap_endian.cpp
Created December 7, 2021 15:46
Swap endian
#include <iostream>
#include <algorithm>
#include <array>
template <typename T>
constexpr T swap_endian(T value)
{
    union
    {
        T value;
@visuve
visuve / roulette.py
Last active November 25, 2021 14:07
A very annoying game
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
""" roulette.py - dare to play?"""
__author__ = "visuve"
__credits__ = ["visuve"]
__license__ = "0BSD"
import ctypes
import os
@visuve
visuve / filebeat-to-so.md
Last active August 17, 2023 06:37
Filebeat integration with Security Onion

1. Configure Security Onion firewall

  • Allow Filebeat agent input to Logstash

2. Install Filebeat agent in an end-user machine

  • E.g. sudo apt install ./filebeat-7.15.0-amd64.deb
  • NOTE: this should already exist in the "Downloads" directory

3. Configure Filebeat in /etc/filebeat/filebeat.yml

  • Configure the output.logstash section
  • Configure the filebeat.inputs section where the type is filestream
    • Add only the /home/ite/f-secure.log path to it
  • Remove all else!
@visuve
visuve / griketi-grok.md
Last active August 17, 2023 06:37
Grok parser tutorial

0. Introduction

  • In this tutorial a grok parser is built for F-Secure (Windows) products that use the "fs_ccf_log" logger component

1. Open Grok debugger & familiarize yourself with the Grok syntax

2021-09-07 22:06:42.377 [2a88.23e0] D: main: Debug-viesti
@visuve
visuve / fs-simu.py
Last active August 17, 2023 06:37
F-Secure Simulator
"""
2021-09-07 22:06:42.377 [2a88.23e0] D: main: Debug-viesti
2021-09-07 22:06:42.377 [2a88.23e0] I: main: Informatiivinen viesti
2021-09-07 22:06:42.377 [2a88.23e0] .W: main: Varoitusviesti
2021-09-07 22:06:42.377 [2a88.23e0] *E: main: Virheviesti
"""
from datetime import datetime
import os
import random
@visuve
visuve / Glances.md
Last active September 8, 2021 07:35
Glances & UFW configuration guide

1. Configure glances

1.1 Install glances

  • apt install glances

1.2 Start glances on boot

  • Remove old initd startup config
    • rm /etc/init.d/glances
  • Create new systemd config
@visuve
visuve / Reverse.cpp
Created November 2, 2020 13:26
Reverse a string
#include <cstdio>
#include <utility>
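template <typename T, size_t N>
constexpr void Reverse(T (&str)[N])
{
    // Index of the last character before the terminating null (0 when there is none).
    constexpr size_t len = N < 2 ? 0 : N - 2;
    // i < j, not i <= j: with <= a one-character string decrements j past zero,
    // the unsigned index wraps, and the next swap reads and writes out of bounds.
    for (size_t i = 0, j = len; i < j; ++i, --j)
        std::swap(str[i], str[j]);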