Skip to content

Instantly share code, notes, and snippets.

View gist:eccab7459a436999a90faafa0e3eeec7
curl -s https://www.cloudflare.com/ips-v4/ | grep -v pre
103.22.200.0/22
103.31.4.0/22
104.16.0.0/12
108.162.192.0/18
131.0.72.0/22
141.101.64.0/18
162.158.0.0/15
172.64.0.0/13
173.245.48.0/20
@xxdesmus
xxdesmus / producteev{.}io_Phish.txt
Last active Sep 24, 2016
producteev{.}io phishing email
View producteev{.}io_Phish.txt
producteev{.}com is the real domain. This email references producteev{.}io
Domain Name: PRODUCTEEV{.}COM
Registrar: DOMAIN.COM, LLC
Sponsoring Registrar IANA ID: 886
Whois Server: whois.domain.com
Referral URL: http://www.domain.com
Name Server: NS-1234.AWSDNS-26.ORG
Name Server: NS-1604.AWSDNS-08.CO.UK
Name Server: NS-473.AWSDNS-59.COM
View 192.175.111.254.txt
GET / HTTP/1.1
GET / HTTP/1.1
GET / HTTP/1.1
GET / HTTP/1.1
GET / HTTP/1.1
GET / HTTP/1.1
GET / HTTP/1.1
GET / HTTP/1.1
GET / HTTP/1.1
GET / HTTP/1.1
View out.txt
/var/log/nginx/access.log:XForwardedFor: 91.121.31.52 RemoteAddr: 91.121.31.52 LocalTime: [18/Aug/2016:23:36:50 -0400] Host: canhazip.com Request: "POST /login/?login_only=1 HTTP/1.1" Status: 405 BodyBytes: 166 Referer: "-" UA: "Railgun/5.3.0" Country: FR RequestLength: "417" RayID: 2d4a9044ec7c2bf4-AMS
/var/log/nginx/access.log:XForwardedFor: 91.121.31.52 RemoteAddr: 91.121.31.52 LocalTime: [18/Aug/2016:23:36:52 -0400] Host: canhazip.com Request: "POST /login/?login_only=1 HTTP/1.1" Status: 405 BodyBytes: 166 Referer: "-" UA: "Railgun/5.3.0" Country: FR RequestLength: "417" RayID: 2d4a904cb53500dd-AMS
/var/log/nginx/access.log:XForwardedFor: 91.121.31.52 RemoteAddr: 91.121.31.52 LocalTime: [18/Aug/2016:23:36:55 -0400] Host: canhazip.com Request: "POST /login/?login_only=1 HTTP/1.1" Status: 405 BodyBytes: 166 Referer: "-" UA: "Railgun/5.3.0" Country: FR RequestLength: "417" RayID: 2d4a9060e5e92c4e-AMS
/var/log/nginx/access.log:XForwardedFor: 91.121.31.52 RemoteAddr: 91.121.31.52 LocalTime: [18/Aug/2016:23:
View gist:bd7bdcbcc172e7049d1e16b04e508b88
Should In-House Lawyers Use Slack?
The workplace messaging service Slack is generating lots of buzz these days, with The New York Times declaring it the “app that may finally sink email.” But should legal departments use the software? Some general counsel say that giving advice over a chat platform isn’t much different than email. But other legal department leaders are approaching Slack cautiously, citing concerns over privacy and a general preference to give legal advice face-to-face.
Slack and other messaging apps, which allow real-time chat among employees throughout the workday, have gained popularity in the workplace in the past few years. Like email, the technology can also archive and search conversations. In addition to Slack, big players in the space include HipChat, Yammer (a Microsoft subsidiary) and Google Hangouts.
Ken Carter, the general counsel of the San Francisco-based web performance and security company CloudFlare Inc., said that for security reasons his team prefers HipChat. Companies t
@xxdesmus
xxdesmus / gist:72e9254963ebea33a0d2
Created Nov 28, 2015 — forked from sethkinast/gist:5914577
Tiny script to grab Tor exitnodes and ban them via CloudFlare's API
View gist:72e9254963ebea33a0d2
#!/bin/bash
SERVERS=(108.162.196.125 108.162.197.125)
for server in ${SERVERS[*]}
do
echo "Now processing $server"
wget --timeout=10 -t1 -O tor.txt https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=$server
for ip in `tail -n +4 tor.txt`
@xxdesmus
xxdesmus / wget.txt
Created Sep 28, 2015 — forked from suzannealdrich/wget.txt
wget spider cache warmer
View wget.txt
wget --spider -o wget.log -e robots=off -r -l 5 -p -S --header="X-Bypass-Cache: 1" live-mysite.gotpantheon.com
# Options explained
# --spider: Crawl the site
# -o wget.log: Keep the log
# -e robots=off: Ignore robots.txt
# -r: specify recursive download
# -l 5: Depth to search. I.e 1 means 'crawl the homepages'.  2 means 'crawl the homepage and all pages it links to'...
# -p: get all images, etc. needed to display HTML page
# -S: print server response
View dyre-dga.py
#! /usr/bin/env python
# Dyre/Dyreza DGA
# Implementation by Talos
# From http://blogs.cisco.com/security/talos/threat-spotlight-dyre
# Another Python implementation was also posted back in December 2014 by moritz.kroll:
# https://www.virustotal.com/en/file/3716902c64afe40369e6ed67f9b9f7eea30f809348b3558adcff622965e80435/analysis/
from datetime import date
from hashlib import sha256
from socket import gethostbyname, gaierror
View keybase.md

Keybase proof

I hereby claim:

  • I am xxdesmus on github.
  • I am xxdesmus (https://keybase.io/xxdesmus) on keybase.
  • I have a public key whose fingerprint is BBAA 6BCE 3305 7FD6 6452 7115 57B6 0114 DE0B 314D

To claim this, I am signing this object:

View vpnsetup.sh
#!/bin/sh
#
# Amazon EC2 user-data file for automatic configuration of IPsec/L2TP VPN
# on a Ubuntu server instance. Tested with 14.04 (Trusty) AND 12.04 (Precise).
# With minor modifications, this script *can also be used* on dedicated servers
# or any KVM- or XEN-based Virtual Private Server (VPS) from other providers.
#
# DO NOT RUN THIS SCRIPT ON YOUR PC OR MAC! THIS IS MEANT TO BE RUN WHEN
# YOUR AMAZON EC2 INSTANCE STARTS!
#