Skip to content

Instantly share code, notes, and snippets.

View adliwahid's full-sized avatar

Adli Wahid adliwahid

6 followers · 3 following
View GitHub Profile
@adliwahid
adliwahid / demo_web_honeypot.py
Created March 23, 2016 23:38 — forked from glaslos/demo_web_honeypot.py
demo_web_honeypot
import SimpleHTTPServer
import SocketServer
paths = set()
class Handler(SimpleHTTPServer.SimpleHTTPRequestHandler):
def do_GET(self):
# Detect remote file inclusion
if '=http' in self.path:
@adliwahid
adliwahid / tmux-cheatsheet.markdown
Created March 28, 2016 23:46 — forked from MohamedAlaa/tmux-cheatsheet.markdown
tmux shortcuts & cheatsheet

tmux shortcuts & cheatsheet

start new:

tmux

start new with session name:

tmux new -s myname
@adliwahid
adliwahid / mirror.sh
Created April 17, 2016 10:27
httrack for mirroring site on archive.org (waybackmachine)
#this is useful for copying snapshotted sites at archive.org
#copied from http://superuser.com/questions/532036/trouble-using-wget-or-httrack-to-mirror-archived-website
#replace ${wayback_url} with the full URL i.e. http://web.archive.org/web/20020705161639/http://kict.iiu.edu.my/
#replace ${domain_name} with the domain name of the site you'r mirroring without the 'http', so kict.iiu.edu.my
httrack\
${wayback_url}\
'-*'\
'+*/${domain_name}/*'\
-N1005\
--advanced-progressinfo\
@adliwahid
adliwahid / keybase.md
Created December 7, 2016 14:49

Keybase proof

I hereby claim:

  • I am adliwahid on github.
  • I am adliwahid (https://keybase.io/adliwahid) on keybase.
  • I have a public key whose fingerprint is 0CA9 A0A3 42C0 241E 6AE9 B24C 53F7 CE5C 6352 3696

To claim this, I am signing this object:

@adliwahid
adliwahid / gist:7bd1d37195f6a081354b7143280044c7
Created January 14, 2021 01:48
Logstash configuration + Virustotal API with http filter + memcached
# There's a virustotal filter for logstash if you search the Internet
# I have a field hash that contains the sha256 of the file downloaded on the honeypot
# memcached is used to store the query results in memory
# query is made to memcached, if there's nothing there then make the http request with the API key
# memcached is used to minimize the # of queries made given the same file hash
# the returned results is stored in vt.* field . You may need to remove fields that you don't need
# you'll also need to install memcached and the logstash memcached filter
input {}
@adliwahid
adliwahid / .zshrc
Last active February 1, 2021 05:45
minimal zsh configuragion (.zshrc)
# https://scriptingosx.com/2019/06/moving-to-zsh-part-3-shell-options/
# notes from https://thevaluable.dev/zsh-install-configure/
export PATH="/usr/local/sbin:$PATH"
PROMPT='%F{cyan}%n%f%F{yellow}@[%m]%f in %F{green}%~%f -> '
#prompt on the right side
RPROMPT='%*'
# aliases
@adliwahid
adliwahid / gist:f955b2538afd7cbdf1798fd829e47930
Created January 31, 2025 01:18 — forked from rishiloyola/gist:79f869749bf54d135f7f6fe61e0e99a7
[ELK Stack] Generate TLS certs for filebeat and logstash
1. Generate new domain name for logstash server.
For this tutorial
domain name = logstash-prod.xyz.com
ip = 1.2.3.4
* Enter to following directory
```
$ sudo mkdir /etc/pki
$ cd /etc/pki