wesyoung
/ gist:ee5db7548989541d8757cb7e839fa275
Last active
February 2, 2018 18:13
csirtg spam automator workflow
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://discussions.apple.com/thread/5675123 | |
| property theAddress : "phish@...." | |
| property theReportSubject : "SPAM report (message attached)" | |
| -- | |
| using terms from application "Mail" | |
| on perform mail action with messages theMsgs for rule theRule | |
| repeat with eachMsg in theMsgs | |
| tell application "Mail" | |
| try | |
| set theSubject to subject of eachMsg |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ pip install csirtg-smrt | |
| $ csirtg-smrt -r isc_miners.yml -d --format [bro|table|csv|...] | |
| parser: json | |
| remote: https://isc.sans.edu/api/threatlist/miner?json | |
| defaults: | |
| provider: isc.sans.edu | |
| tlp: green | |
| altid_tlp: white | |
| application: |
wesyoung
/ gist:cb9f091ec2e8ae34763ab116256a4197
Last active
December 10, 2017 14:24
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| - name: copy csirtg-smrt rules | |
| command: cp -r "/tmp/bearded-avenger-{{ cif_version }}/rules/default/" "{{ smrt_rules_path | default(smrt.rules_path) }}" | |
| - name: Update rule permissions | |
| file: | |
| path: "{{ smrt_rules_path | default(smrt.rules_path) }}/default" | |
| mode: u=rwX,g=rwX,o= | |
| recurse: yes | |
| owner: "{{ smrt_user | default(smrt.user) }}" |
wesyoung
/ capybara cheat sheet
Created
August 21, 2017 10:50
— forked from zhengjia/capybara cheat sheet
capybara cheat sheet
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| =Navigating= | |
| visit('/projects') | |
| visit(post_comments_path(post)) | |
| =Clicking links and buttons= | |
| click_link('id-of-link') | |
| click_link('Link Text') | |
| click_button('Save') | |
| click('Link Text') # Click either a link or a button | |
| click('Button Value') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import magic | |
| import sys | |
| from pprint import pprint | |
| f = sys.argv[1] | |
| def _is_ascii(f, mime): | |
| if mime == 'ASCII text': |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # -*- encoding: utf-8 -*- | |
| from __future__ import absolute_import, print_function | |
| import io | |
| import os | |
| import re | |
| from glob import glob | |
| from os.path import basename | |
| from os.path import dirname |
wesyoung
/ gist:db5401217773d4ca6a35
Created
June 10, 2015 15:35
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [1983] [Wed Jun 10 15:30:16 2015] [warning]: DBD::Pg::st execute failed: ERROR: syntax error at or near "WHERE" | |
| LINE 1: ...ELECT txn.id FROM Transactions txn JOIN Tickets t WHERE txn.... | |
| ^ at /usr/local/share/perl/5.18.2/DBIx/SearchBuilder/Handle.pm line 586, <$handle> line 1. (/usr/local/share/perl/5.18.2/DBIx/SearchBuilder/Handle.pm:586) | |
| [1983] [Wed Jun 10 15:30:16 2015] [warning]: RT::Handle=HASH(0x477ed38) couldn't execute the query 'DELETE FROM Transactions WHERE id IN (SELECT txn.id FROM Transactions txn JOIN Tickets t WHERE txn.ObjectType = 'RT::Ticket' AND txn.ObjectId = t.id AND t.Type = 'ticket' AND t.Queue = ? AND ((txn.Type = 'Set' AND txn.Field = 'Status') OR txn.Type = 'Status'))' at /usr/local/share/perl/5.18.2/DBIx/SearchBuilder/Handle.pm line 599, <$handle> line 1. | |
| DBIx::SearchBuilder::Handle::SimpleQuery('RT::Handle=HASH(0x477ed38)', 'DELETE FROM Transactions WHERE id IN (SELECT txn.id FROM Tran...', 3) called at /usr/local/share |
wesyoung
/ gist:405636d18690179ca0e9
Created
December 15, 2014 13:48
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # To prevent data loss, services for www.abuse.ch (blog) and ZeuS Tracker are temporary suspended. | |
| # | |
| # Some background: | |
| # I run abuse.ch and associated projects in my spare time. Beside abuse.ch, I have a full-time job that is very demanding. I run abuse.ch for non-profit, hence I have to rely on donations and "good-will" from 3rd parties. | |
| # | |
| # abuse.ch and ZeuS Tracker are running on very old hardware. In the past days, the server that is hosting those services crashed several times for reasons that are unknown to me. Due to this, some mysql database corrupted which caused irreparable damages to a few mysql tables (fortunately, I should have a working backup lying around somewhere in my attic). | |
| # | |
| # I'm very sorry to say that due to limited resources, I currently do not have any possibility to get abuse.ch and ZeuS Tracker up and running again on this server. | |
| # | |
| # If you are able and willed to support my efforts with a hosting plan, please contact me at contactme[at]abuse{DOT}ch |
wesyoung
/ gist:d3eea2c61d8449b6d0d0
Created
December 15, 2014 13:37
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| syn on | |
| set tabstop=4 | |
| set expandtab | |
| set autoindent | |
| filetype on | |
| "filetype plugin on | |
| "filetype indent on " file type based indentation | |
| autocmd FileType make set noexpandtab |
wesyoung
/ gist:f8d3a9fd5bc041d228a0
Created
September 28, 2014 12:56
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // RFC5070 -- http://tools.ietf.org/html/rfc5070 | |
| // this doc organized to follow the RFC text | |
| // global enums | |
| enum restriction_type | |
| { | |
| restriction_type_default = 1; | |
| restriction_type_need_to_know = 2; | |
| restriction_type_private = 3; | |
| restriction_type_public = 4; |