I hereby claim:
- I am xxdesmus on github.
- I am xxdesmus (https://keybase.io/xxdesmus) on keybase.
- I have a public key whose fingerprint is BBAA 6BCE 3305 7FD6 6452 7115 57B6 0114 DE0B 314D
To claim this, I am signing this object:
Justin xxdesmus
xxdesmus
/ gist:eccab7459a436999a90faafa0e3eeec7
Created
September 28, 2016 04:25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| curl -s https://www.cloudflare.com/ips-v4/ | grep -v pre | |
| 103.22.200.0/22 | |
| 103.31.4.0/22 | |
| 104.16.0.0/12 | |
| 108.162.192.0/18 | |
| 131.0.72.0/22 | |
| 141.101.64.0/18 | |
| 162.158.0.0/15 | |
| 172.64.0.0/13 | |
| 173.245.48.0/20 |
xxdesmus
/ producteev{.}io_Phish.txt
Last active
September 24, 2016 20:33
producteev{.}io phishing email
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| producteev{.}com is the real domain. This email references producteev{.}io | |
| Domain Name: PRODUCTEEV{.}COM | |
| Registrar: DOMAIN.COM, LLC | |
| Sponsoring Registrar IANA ID: 886 | |
| Whois Server: whois.domain.com | |
| Referral URL: http://www.domain.com | |
| Name Server: NS-1234.AWSDNS-26.ORG | |
| Name Server: NS-1604.AWSDNS-08.CO.UK | |
| Name Server: NS-473.AWSDNS-59.COM |
xxdesmus
/ 192.175.111.254.txt
Last active
September 20, 2016 02:34
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| GET / HTTP/1.1 | |
| GET / HTTP/1.1 | |
| GET / HTTP/1.1 | |
| GET / HTTP/1.1 | |
| GET / HTTP/1.1 | |
| GET / HTTP/1.1 | |
| GET / HTTP/1.1 | |
| GET / HTTP/1.1 | |
| GET / HTTP/1.1 | |
| GET / HTTP/1.1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /var/log/nginx/access.log:XForwardedFor: 91.121.31.52 RemoteAddr: 91.121.31.52 LocalTime: [18/Aug/2016:23:36:50 -0400] Host: canhazip.com Request: "POST /login/?login_only=1 HTTP/1.1" Status: 405 BodyBytes: 166 Referer: "-" UA: "Railgun/5.3.0" Country: FR RequestLength: "417" RayID: 2d4a9044ec7c2bf4-AMS | |
| /var/log/nginx/access.log:XForwardedFor: 91.121.31.52 RemoteAddr: 91.121.31.52 LocalTime: [18/Aug/2016:23:36:52 -0400] Host: canhazip.com Request: "POST /login/?login_only=1 HTTP/1.1" Status: 405 BodyBytes: 166 Referer: "-" UA: "Railgun/5.3.0" Country: FR RequestLength: "417" RayID: 2d4a904cb53500dd-AMS | |
| /var/log/nginx/access.log:XForwardedFor: 91.121.31.52 RemoteAddr: 91.121.31.52 LocalTime: [18/Aug/2016:23:36:55 -0400] Host: canhazip.com Request: "POST /login/?login_only=1 HTTP/1.1" Status: 405 BodyBytes: 166 Referer: "-" UA: "Railgun/5.3.0" Country: FR RequestLength: "417" RayID: 2d4a9060e5e92c4e-AMS | |
| /var/log/nginx/access.log:XForwardedFor: 91.121.31.52 RemoteAddr: 91.121.31.52 LocalTime: [18/Aug/2016:23: |
xxdesmus
/ gist:bd7bdcbcc172e7049d1e16b04e508b88
Created
July 16, 2016 03:35
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Should In-House Lawyers Use Slack? | |
| The workplace messaging service Slack is generating lots of buzz these days, with The New York Times declaring it the “app that may finally sink email.” But should legal departments use the software? Some general counsel say that giving advice over a chat platform isn’t much different than email. But other legal department leaders are approaching Slack cautiously, citing concerns over privacy and a general preference to give legal advice face-to-face. | |
| Slack and other messaging apps, which allow real-time chat among employees throughout the workday, have gained popularity in the workplace in the past few years. Like email, the technology can also archive and search conversations. In addition to Slack, big players in the space include HipChat, Yammer (a Microsoft subsidiary) and Google Hangouts. | |
| Ken Carter, the general counsel of the San Francisco-based web performance and security company CloudFlare Inc., said that for security reasons his team prefers HipChat. Companies t |
xxdesmus
/ gist:72e9254963ebea33a0d2
Created
November 28, 2015 23:14
— forked from sethkinast/gist:5914577
Tiny script to grab Tor exitnodes and ban them via CloudFlare's API
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| SERVERS=(108.162.196.125 108.162.197.125) | |
| for server in ${SERVERS[*]} | |
| do | |
| echo "Now processing $server" | |
| wget --timeout=10 -t1 -O tor.txt https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=$server | |
| for ip in `tail -n +4 tor.txt` |
xxdesmus
/ wget.txt
Created
September 28, 2015 20:03
— forked from suzannealdrich/wget.txt
wget spider cache warmer
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| wget --spider -o wget.log -e robots=off -r -l 5 -p -S --header="X-Bypass-Cache: 1" live-mysite.gotpantheon.com | |
| # Options explained | |
| # --spider: Crawl the site | |
| # -o wget.log: Keep the log | |
| # -e robots=off: Ignore robots.txt | |
| # -r: specify recursive download | |
| # -l 5: Depth to search. I.e 1 means 'crawl the homepages'. 2 means 'crawl the homepage and all pages it links to'... | |
| # -p: get all images, etc. needed to display HTML page | |
| # -S: print server response |
xxdesmus
/ dyre-dga.py
Last active
August 29, 2015 14:21
— forked from jedisct1/dyre-dga.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /usr/bin/env python | |
| # Dyre/Dyreza DGA | |
| # Implementation by Talos | |
| # From http://blogs.cisco.com/security/talos/threat-spotlight-dyre | |
| # Another Python implementation was also posted back in December 2014 by moritz.kroll: | |
| # https://www.virustotal.com/en/file/3716902c64afe40369e6ed67f9b9f7eea30f809348b3558adcff622965e80435/analysis/ | |
| from datetime import date | |
| from hashlib import sha256 | |
| from socket import gethostbyname, gaierror |
xxdesmus
/ vpnsetup.sh
Last active
August 29, 2015 14:13
— forked from hwdsl2/.MOVED.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # | |
| # Amazon EC2 user-data file for automatic configuration of IPsec/L2TP VPN | |
| # on a Ubuntu server instance. Tested with 14.04 (Trusty) AND 12.04 (Precise). | |
| # With minor modifications, this script *can also be used* on dedicated servers | |
| # or any KVM- or XEN-based Virtual Private Server (VPS) from other providers. | |
| # | |
| # DO NOT RUN THIS SCRIPT ON YOUR PC OR MAC! THIS IS MEANT TO BE RUN WHEN | |
| # YOUR AMAZON EC2 INSTANCE STARTS! | |
| # |