@Ivlyth
Ivlyth / README.md
Last active June 30, 2022 09:47
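Using nginx to terminate HTTPS centrally and capture plaintext HTTP traffic

Web services today are usually deployed behind a front-end web server such as nginx or Apache, which reverse-proxies requests to the real backend.

A front-end server can handle HTTPS encryption for us, provide load balancing, hide the origin server, and even implement shared functions such as caching and rate limiting.

Taking nginx as an example, people typically configure many different server blocks, and each server block uses the proxy_pass directive to forward requests to a given backend.

If the security team wants to audit traffic, this setup makes that difficult:

  1. If traffic is mirrored directly on a switch / router for analysis, the traffic is still encrypted at that point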
@Ivlyth
Ivlyth / books.json
Created December 3, 2019 02:44
it books from itpanda.net
[
{
"publisher": " 人民邮电出版社 ",
"isbn": "9787115408037",
"name": "HCNA-WLAN 学习指南 ",
"author": " 高峰,李盼星,杨文良,潘翔,王静 ",
"url": "https://www.itpanda.net/book/447",
"download_url": "https://www.itpanda.net/book/447/download/443",
"id": "447",
"publish_date": "2015-11-1",
@Ivlyth
Ivlyth / install.sh
Last active October 24, 2019 05:34
install netsniff-ng from source on centos 7.4.1708
yum -y install epel-release
# download latest sniff-ng
wget -O netsniff-ng-v0.6.6.tar.gz https://github.com/netsniff-ng/netsniff-ng/archive/v0.6.6.tar.gz
tar -xf netsniff-ng-v0.6.6.tar.gz
cd netsniff-ng-0.6.6
# auto download & build nacl
@Ivlyth
Ivlyth / cal_nic_bandwidth.py
Last active September 27, 2019 08:24
handy function used for cal NIC bandwidth
import psutil
import time
from datetime import datetime
from collections import namedtuple
NicStats = namedtuple('NicStats', ('bytes_recv', 'bytes_sent', 'packets_recv', 'packets_sent', 'dropin', 'dropout'))
def cal_nic_stats(nic_name, duration=1.0, unit_base=1024.0, cycle=10):
    def cal():
@Ivlyth
Ivlyth / suricata-eve-log-analysis.py
Created July 1, 2019 07:20
suricata-eve-log-analysis
# -*- coding:utf8 -*-
"""
Author : Myth
Date : 2019/7/1
Email : email4myth at gmail.com
"""
from __future__ import unicode_literals
import csv
@Ivlyth
Ivlyth / latency.txt
Created April 28, 2019 06:33 — forked from jboner/latency.txt
Latency Numbers Every Programmer Should Know
Latency Comparison Numbers (~2012)
----------------------------------
L1 cache reference                           0.5 ns
Branch mispredict                            5   ns
L2 cache reference                           7   ns                      14x L1 cache
Mutex lock/unlock                           25   ns
Main memory reference                      100   ns                      20x L2 cache, 200x L1 cache
Compress 1K bytes with Zippy             3,000   ns        3 us
Send 1K bytes over 1 Gbps network       10,000   ns       10 us
Read 4K randomly from SSD*             150,000   ns      150 us          ~1GB/sec SSD
@Ivlyth
Ivlyth / ambot.md
Last active April 6, 2025 13:18
ambot params
(ambot3) root@Ivlyth ~
☹  ambot --help
usage: PROG [-h] [-t TARGETS [TARGETS ...]] [-u USER] [-p PASSWORD] [-P PORT] [--sudo-user SUDO_USER] [--sudo-password SUDO_PASSWORD] [--sudo-prompt SUDO_PROMPT] [--wrapper-shell WRAPPER_SHELL] [-o ONLY_TARGETS [ONLY_TARGETS ...]]
            [--ssh-connect-timeout SSH_CONNECT_TIMEOUT] [--ssh-auth-timeout SSH_AUTH_TIMEOUT] [--proxy PROXY] [--continue-targets CONTINUE_TARGETS [CONTINUE_TARGETS ...]] [--overlap-targets OVERLAP_TARGETS [OVERLAP_TARGETS ...]]
            [-C CUSTOMER] [-w WORKING_DIRECTORY] [-s STEPS [STEPS ...]] [-e EXCLUDE_STEPS [EXCLUDE_STEPS ...]] [-a ACTIONS [ACTIONS ...]] [-A STEP_ACTIONS [STEP_ACTIONS ...]] [-n] [-r ROLES [ROLES ...]] [-S SCRIPT_NAME]
            [--step-check STEP_CHECK] [--version] [-G] [-k] [--skip-init-target] [--dry-run] [--collect] [--online] [-f PARAM_FILE] [-N] [-x] [-d] [--yes]
            [--show {running,long_running,stdout,stderr,call,target,uploading} [{running,long_running,stdout,stderr,call,target,uploading} ...]]
@Ivlyth
Ivlyth / fsqmap.md
Created April 15, 2019 06:45
fsqmap params
(fsqlmap)  ~/workspace/fsqmap >>> fsqli -h
usage: PROG [-h] [-u URL] [-b BURP] [-f FILE] [-D PAYLOAD_DIRECTORIES]
            [-t {xss,ssrf,sqli,crlf,csrf,ognl,openredirect}]
            [--pf-type KEY--OP=VAL] [--pf-and KEY--OP=VAL [KEY--OP=VAL ...]]
            [--pf-or KEY--OP=VAL [KEY--OP=VAL ...]]
            [--pf KEY--OP=VAL [KEY--OP=VAL ...]] [--domain DOMAINS]
            [--exclude-domain EXCLUDE_DOMAINS] [--json] [--xml] [--form]
            [--multipart] [--unknown] [--no-json] [--no-xml] [--no-form]
            [--no-multipart] [--no-unknown] [--get] [--post] [--head] [--put]
@Ivlyth
Ivlyth / dorado-cli.md
Created April 15, 2019 06:39
Dorado CLI params
cli.js [spider-options] [login-options] <entryPoints>

Options:
  --version                                           Show version number                  [boolean]
  -u, -e, --ep, --entry-points                        爬虫入口地址, 可多次指定               [array]
  -m, --max-page                                      最大跟踪页面数量     [number] [default: 10000]
  --no-more-pending-targets, --nmpt                   是否允许待处理页面数超出 maxPage 限制
                                                                          [boolean] [default: false]
  -r, --max-request                                   最大结果数量           [number] [default: 500]