anthonykasza
anthonykasza
/ gist:6326559
Created
August 24, 2013 07:00
A scratch pad of Bro+PostgreSQL. PostgreSQL has native network-ish types, which is nice for Bro stuff. This code probably shouldn't be used anywhere live but makes for good notes. If you want Bro + Database, check out Brownian by Vlad Grigorescu https://github.com/grigorescu/Brownian Currently only conn.log and dns.log are supported.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| su postgres | |
| createuser bro -l -P -E -S -d -R | |
| createdb --owner=bro bro; | |
| psql -h 127.0.0.1 -U bro bro -c " | |
| create table conn( | |
| ts numeric(20,8) NOT NULL, | |
| uid VARCHAR(255) PRIMARY KEY, | |
| id_orig_h CIDR NOT NULL, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Bro Python | |
| set set | |
| table dict(single type) | |
| vector list(single type) | |
| record dict(multiple types) | |
| enum ? enum.Enum | |
| addr ? string or integer ('192.168.1.1', 3232235777) | |
| port ? context specific integer (if fed to a tcp style method, then its a tcp port) |
anthonykasza
/ whois server ips
Last active
October 10, 2019 14:37
tld, whois server name, whois server ips
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {".cx": {"whois.nic.cx": ["185.17.236.37"]}, ".cz": {"whois.nic.cz": ["217.31.205.42"]}, ".co.za": {"whois.registry.net.za": ["206.223.136.238"]}, ".ro": {"whois.rotld.ro": ["192.162.16.108"]}, ".ke": {"whois.kenic.or.ke": ["198.32.67.25"]}, ".kg": {"whois.domain.kg": ["195.38.160.38"]}, ".e164.arpa": {"whois.ripe.net": ["193.0.6.135"]}, ".ch": {"whois.nic.ch": ["130.59.31.241"]}, ".ci": {"whois.nic.ci": ["213.136.100.82"]}, ".kr": {"whois.kr": ["202.30.50.120"]}, ".cl": {"whois.nic.cl": ["200.1.123.2"]}, ".cm": {"whois.netcom.cm": ["195.24.205.62"]}, ".cn": {"whois.cnnic.cn": ["218.241.97.14"]}, ".co": {"whois.nic.co": ["156.154.17.94", "156.154.25.94"]}, ".rs": {"whois.rnids.rs": ["91.199.17.67"]}, ".ca": {"whois.cira.ca": ["192.228.29.2"]}, ".kz": {"whois.nic.kz": ["91.228.39.5"]}, ".cc": {"ccwhois.verisign-grs.com": ["199.7.51.61", "199.7.61.61", "199.7.50.61", "199.7.71.61", "199.7.73.61", "199.7.60.61", "199.7.55.61", "199.7.74.61", "199.7.49.61", "199.7.56.61", "199.7.48.61", "199.7.59.61", "199.7.52.6 |
anthonykasza
/ gist:ef5aa00706df74bbcf79
Created
December 20, 2014 01:08
snapshooter GOZ domains 19-Dec-14
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [{ | |
| "domain": "1ime4s5vqnzih1rrq8tdtpjoa", | |
| "ips": | |
| [ | |
| {"ip_prefix": "", "ns_ip": "54.68.143.189", "ip_country": "", "ip_ttl": 10800, "ns_name": "ns1.dynadot.com.", "ip_address": "69.195.129.70", "asn": 0}, | |
| {"ip_prefix": "", "ns_ip": "54.68.142.171", "ip_country": "", "ip_ttl": 10800, "ns_name": "ns1.dynadot.com.", "ip_address": "69.195.129.70", "asn": 0}, | |
| {"ip_prefix": "", "ns_ip": "54.68.145.110", "ip_country": "", "ip_ttl": 10800, "ns_name": "ns1.dynadot.com.", "ip_address": "69.195.129.70", "asn": 0}, | |
| {"ip_prefix": "", "ns_ip": "54.68.55.168", "ip_country": "", "ip_ttl": 10800, "ns_name": "ns1.dynadot.com.", "ip_address": "69.195.129.70", "asn": 0} | |
| ], | |
| "tld": "biz", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {u'authorities': [{u'domain': u'torpig-sinkhole', | |
| u'subs': u'ns2.', | |
| u'tld': u'org', | |
| u'whois': {u'contacts': {u'admin': {u'city': u'Afula', | |
| u'country': u'IL', | |
| u'email': u'[email protected]', | |
| u'fax': u'+9.7254786002', | |
| u'handle': u'SPAG-38258072', | |
| u'name': u'Torpig Cabal', | |
| u'phone': u'+9.7254786002', |
anthonykasza
/ search.sh
Created
September 14, 2015 01:10
A basic BASH script for searching Github for new and interesting repos
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| if [ -z ${1+x} ]; then | |
| printf "usage: search.sh terms.txt\n\n"; | |
| exit -1; | |
| fi | |
| DT=$(date '+%Y-%m-%d' --date="yesterday") | |
| RESULTS_DIR="./results" | |
| EMAIL="" | |
| if [ ! -d "${RESULTS_DIR}" ]; then |
anthonykasza
/ create.py
Created
December 7, 2015 06:38
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import random | |
| from StringIO import StringIO | |
| import string | |
| import zlib | |
| import base64 as b64 | |
| def get_kmer(read_str, overlap_size, kmer_size): | |
| if read_str.pos > overlap_size: | |
| read_str.seek(overlap_size * -1, 1) |
anthonykasza
/ sequencer.py
Created
December 7, 2015 06:39
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import fileinput | |
| from StringIO import StringIO | |
| import networkx as nx | |
| import subprocess | |
| # https://neil.fraser.name/news/2010/11/04/ | |
| def commonOverlapIndexOf(text1, text2): | |
| text1_length = len(text1) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from StringIO import StringIO | |
| import sys | |
| import random | |
| if len(sys.argv) != 3: | |
| print "usage: hole_punch.py in_filename out_filenae" | |
| exit() | |
| ifname = sys.argv[1] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import random | |
| import fileinput | |
| print 'import "cuckoo"' | |
| a='a444' | |
| for d in fileinput.input(): | |
| d = d.strip() | |
| a = 'a%d' % (random.randint(0, 100000000)) |
OlderNewer