Skip to content

Instantly share code, notes, and snippets.

View 2xyo's full-sized avatar

2*yo 2xyo

64 followers · 112 following
  • Personnal
  • France
View GitHub Profile
@2xyo
2xyo / d3fend.ttl
Created April 22, 2024 21:10
PR #229
:NetworkSignatureAnalysis a :NetworkTrafficAnalysis,
owl:Class,
owl:NamedIndividual ;
rdfs:label "Network Signature Analysis" ;
rdfs:subClassOf :NetworkTrafficAnalysis,
[ a owl:Restriction ;
owl:onProperty :analyzes ;
owl:someValuesFrom :NetworkTraffic ] ;
:d3fend-id "D3-NSA" ;
@2xyo
2xyo / Readme.md
Last active October 6, 2023 21:00
Msticpy contributing 
Fork the current repository, then clone your fork
$ git clone https://github.com/YOUR-USERNAME/msticpy.git
$ cd msticpy
$ git remote add upstream https://github.com/microsoft/msticpy.git
# Create a branch for your feature/fix
$ git switch -c [branch-name]
$ python3.11 -m venv .venv --prompt "msticpy"
$ source .venv/bin/activate
$ pip install --upgrade pip wheel setuptools
@2xyo
2xyo / install.sh
Last active February 22, 2022 21:37
SPLUNK - attack_range_local - WSL
# doc https://www.vagrantup.com/docs/other/wsl & https://www.vagrantup.com/downloads
# https://github.com/splunk/attack_range_local/wiki/Ubuntu-18.04-Installation
$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 20.04.4 LTS
Release: 20.04
Codename: focal
@2xyo
2xyo / gist:ff5808bab4eeb9dd20adce9216a1ed6f
Created May 7, 2021 09:37
STIX 2.1 7D
{
"id": "extension-definition--d83fce45-ef58-4c6c-a3f4-1fbc32e98c6e",
"type": "extension-definition",
"spec_version": "2.1",
"name": "Extension Foo 1",
"description": "This schema adds two properties to a STIX object",
"created": "2014-02-20T09:16:08.989000Z",
"modified": "2014-02-20T09:16:08.989000Z",
"created_by_ref": "identity--11b76a96-5d2b-45e0-8a5a-f6994f370731",
@2xyo
2xyo / opencti_indicator.py
Created April 4, 2021 22:36
opencti_indicator.py PEP 484
# coding: utf-8
from __future__ import annotations
import json
from typing import Any, Dict, List, Optional, TYPE_CHECKING
if TYPE_CHECKING:
from pycti import OpenCTIApiClient
@2xyo
2xyo / test.md
Created May 13, 2020 14:06
opencti STIX support TEST
STIX Object STIX Property Summary Categories API Web UI
Python Golang
Import Export Import Export Import Export
Cyber-observable Objects
@2xyo
2xyo / 2.0.txt
Last active May 12, 2020 19:18
$ stix2_validator xfe-collection_e6d351c8e832b560eb84be0f89079285.json --version 2.0
================================================================================
[-] Results for: xfe-collection_e6d351c8e832b560eb84be0f89079285.json
[X] STIX JSON: Invalid
[!] Warning: bundle--a38af589-724f-4e03-98fc-99bf7564a9fe: {101} Custom property 'custom_objects' should have a type that starts with 'x_' followed by a source unique identifier (like a domain name with dots replaced by hyphen), a hyphen and then the name.
[!] Warning: indicator--00d1e89b-636c-ad69-ad8f-46545b6758b8: {214} labels contains a value not in the indicator-label-ov vocabulary.
[!] Warning: indicator--268ee28f-bfe9-164e-e626-ea46d24687f1: {214} labels contains a value not in the indicator-label-ov vocabulary.
[X] bundle--a38af589-724f-4e03-98fc-99bf7564a9fe: objects[0]: {'id': 'indicator--00d1e89b-636c-ad69-ad8f-46545b6758b8', 'type': 'indicator', 'created': '2020-05-05T13:09:07.912Z', 'modified': '2020-05-05T13:09:07.912Z', 'lab
@2xyo
2xyo / console.txt
Last active November 13, 2020 17:16
Mémo GIT
DOC https://gist.github.com/Chaser324/ce0505fbed06b947d962
git clone [email protected]:2xyo/client-python.git client-python-wheel
cd client-python-wheel
git remote add upstream https://github.com/OpenCTI-Platform/client-python.git
git remote -v
# Fetch from upstream remote
git fetch upstream
@2xyo
2xyo / stix-capec-cut.json
Created April 15, 2020 13:42
stix-capec-cut.json
{
"objects": [
{
"definition_type": "statement",
"definition": {
"statement": "CAPEC is sponsored by US-CERT in the office of Cybersecurity and Communications at the U.S. Department of Homeland Security. Copyright \u00a9 2007 - 2017, The MITRE Corporation. CAPEC and the CAPEC logo are trademarks of The MITRE Corporation."
},
"type": "marking-definition",
"id": "marking-definition--17d82bb2-eeeb-4898-bda5-3ddbcd2b799d",
"created": "2019-10-11T00:37:51.719182Z"
@2xyo
2xyo / win10.log
Created March 23, 2020 12:09
vagrant up dc wef win10
Bringing machine 'dc' up with 'virtualbox' provider...
Bringing machine 'wef' up with 'virtualbox' provider...
Bringing machine 'win10' up with 'virtualbox' provider...
==> dc: Clearing any previously set forwarded ports...
==> dc: Fixed port collision for 22 => 2222. Now on port 2200.
==> dc: Clearing any previously set network interfaces...
==> dc: Preparing network interfaces based on configuration...
dc: Adapter 1: nat
dc: Adapter 2: hostonly