git clone https://github.com/MISP/misp-docker
cd misp-docker
docker compose up
av-gantimurov
av-gantimurov
/ yt-dlp.conf
Created
October 8, 2024 06:43
Конфигурационный файл для yt-dlp для загрузки видео с каналов по списку.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # downloading youtube video channels | |
| # | |
| # yt-dlp --config-location yt-dlp.conf | |
| # or put this config to work directory | |
| # | |
| # list of channels in CUR_DIR/channels.txt | |
| # | |
| # video format not above 1080p + best audio | |
| --continue |
av-gantimurov
/ yt-dlp.conf
Created
October 8, 2024 06:36
Конфигурационный файл для загрузки плейлистов с видео
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # downloading youtube video playlist | |
| # yt-dlp --config-location yt-dlp.conf <PLAYLIST_LINK> [[PLAYLIST_LINK] ..] | |
| # or put this config to work directory | |
| --continue | |
| --ignore-errors | |
| --output "%(playlist)s/%(playlist_index)s - %(title)s - (%(duration)ss) [%(resolution)s] [%(id)s].%(ext)s" | |
| --merge-output-format mkv |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| Небольшой скрипт для проверки есть ли файл на MalwareBazaar и загрузки в | |
| указанную директорию. Для работы нужен `apikey` MalwareBazaar. | |
| Если директория не указана, то только проверяет наличие файла и сохраняет | |
| полученный ответ в текущую директорию. | |
| Файлы загружает в виде архивов zip с паролем infected. Так отдает MalwareBazaar. | |
| Можно указать список хешей для проверки - опция `-F`. | |
| Поддерживает хеши `md5`, `sha1`, `sha256`. | |
| Python 3.8+ |
av-gantimurov
/ FakeNet with mitmproxy.md
Last active
February 13, 2023 05:19
Small tutorial about setup internet simulator with FakeNet-NG and mitmproxy on Debian 11
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| """ | |
| # Description | |
| Simple script for cleaning yara rules. | |
| Delete meta, tags and comments. | |
| Can obfuscate rule names and fix conditions. | |
| Can detect duplicated rules and exclude them. | |
| Doesn't support yara include option. |
av-gantimurov
/ 5eed7c82d9bfdc607a8aabbf5eacd72c.txt
Created
December 4, 2020 06:47
Decrypted strings for AgentTesla 5eed7c82d9bfdc607a8aabbf5eacd72c
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Found namespace 'A2135806-43C6-4A7D-80DD-C322D5C9F2B5' | |
| Found class '5C3A5EFF-0EBA-40BD-AA04-F848E6988197' | |
| Found 788 crypted strings | |
| Found crypted array with 11982 bytes | |
| Decrypted 788 strings | |
| Extracted 788 strings | |
| '' | |
| '\x00' | |
| '\x00\x00\x00' | |
| '\x02' |
av-gantimurov
/ agent_tesla_decode_xor.py
Last active
December 4, 2020 07:13
Script for decoding strings in decompiled AgentTesla samples
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # -*- coding: utf-8 -*- | |
| """ | |
| Script for decoding string in AgentTesla source code for samples from Oct2020 | |
| Searches for specific class name. Class name may be defined by command arg. | |
| Author: Gantimurov Alexander | |
| Date: 2020-12-04 10:13 | |
| """ |
av-gantimurov
/ 151c1498ad114e882ceed52e03333ded.txt
Created
December 4, 2020 06:13
String from AgentTesla md5:151c1498ad114e882ceed52e03333ded
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| '\x00' | |
| '\x00\x00\x00' | |
| '\x02' | |
| '\x03' | |
| '\tINTEGER ' | |
| '\tOBJECTIDENTIFIER ' | |
| '\tOCTETSTRING ' | |
| '\n' | |
| '\r' | |
| '\r\n' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import itertools | |
| def xor(data, key): | |
| return bytearray(a ^ b for a, b in zip(data, itertools.cycle(key))) |
NewerOlder