csereno’s gists

csereno / startcapture.bat

Created October 5, 2018 19:32

Batch file to start a Wireshark (dumpcap) capture and output the files to a directory.

	@ECHO OFF
	CD C:\Temp\WireSharkCaptures\
	DEL . /F /Q
	"C:\Program Files\Wireshark\dumpcap.exe -i1 -n -t -b files:400 -b filesize:40000 -f "not port 3389" -w "C:\Temp\WireSharkCaptures\filename.pcap"

csereno / nslookup.bat

Created October 5, 2018 19:23

nslookup that strips out the server and address returning just the answer

csereno / CloudWatchAgentConfig.json

Created October 1, 2018 20:35

AWS CloudWatch Agent configuration file example for Linux with standard /var/log/messages, secure, and yum logs

	{
	"agent": {
	"metrics_collection_interval": 10,
	"logfile": "/opt/aws/amazon-cloudwatch-agent/logs/amazon-cloudwatch-agent.log"
	},
	"metrics": {
	"metrics_collected": {
	"cpu": {
	"resources": [
	"*"

csereno / MovePhotos.ps1

Last active January 5, 2019 04:59

	<#
	Script to move photos from Plex upload to folders organized by date
	File modified for multiple folders by csereno as taken from: https://stackoverflow.com/questions/21103613/powershell-script-to-move-files-into-year-month-folders-based-on-creation-timest

	Set Variables of Source folder(s) and Destination folder
	Assign variable of files
	For each file assign the Directory variable the information for file creation year and month
	if the year and month folder do not exist, then create them from file creation information
	Move file to sub-folder of year and month from file creation information passed into Directory variable
	#>

csereno / curltime.bash

Created May 11, 2018 14:38

Bash function that runs curl and formats output with various parameters to identify where delays are occurring. Include in your .bashrc file

	#FUNCTIONS
	function ctime() {
	curl -x proxy.address.com:80 -so /dev/null -w "\
	namelookup: %{time_namelookup}s\n\
	connect: %{time_connect}s\n\
	appconnect: %{time_appconnect}s\n\
	pretransfer: %{time_pretransfer}s\n\
	redirect: %{time_redirect}s\n\
	starttransfer: %{time_starttransfer}s\n\
	-------------------------\n\

csereno / ManageCap.ps1

Last active March 28, 2018 21:34

PowerShell script to delete old captures, archive current ones, and start a new one. Also includes a Windows scheduled task template

	# Created by csereno
	# 3/28/2018
	# PowerShell script to delete captures older than 14 days, archive current ones, and start a new one using WinDump.
	# Works with PowerShell 2016 and requires WinDump.exe
	# Note: Changes will be needed to work with different environments.

	$ArchivePath = "C:\Temp\CaptureArchive"
	$CapturePath = "C:\Temp\Captures"
	$Daysback = "-14"
	$CurrentDate = Get-Date

csereno / Convert_To_PCAP.bat

Created March 19, 2018 21:25

Converts PCAPng files to the PCAP format

	# Created by csereno
	# Requires Wireshark's editcap to be installed
	# 1. CHANGE PATH TO CONVERT DIRECTORY (replace the $$$'s)
	# 2. Add the capture files to the 'Convert' folder
	# 3. Run the script
	#
	for %%f in (C:\$$$\Convert\cap) do ("C:\Program Files\Wireshark\editcap" -F libpcap %%f %%f.pcap)

csereno / Rename_To_Wireshark.ps1

Last active March 6, 2018 19:57

PowerShell script to rename file(s) to WireShark fileset format

	# Created by csereno
	# 1. Copy the file into a folder on your PC
	# 2. Add the capture files to the folder
	# 3. Run the script
	#
	$capname = Read-Host -Prompt "What is the new file name?"
	$i=1
	dir .cap* \| %{Rename-Item $_ -NewName ($capname + '_{0:D5}{1}' -f $i++,($_.Extension -replace '[^a-zA-Z.]',''))}
	dir .cap* \| Rename-Item -NewName {$_.BaseName+'_'+$_.LastWriteTime.ToString('yyyyMMddHHmmss')+($_.Extension -replace '[^a-zA-Z.]','')}

csereno / tcpdump_commands.md

Last active February 11, 2019 19:09

TCPDump Commands

Determine interface

tcpdump -D

Capture and Display Top Conversations

tcpdump -i eth1 -tnn -c 20000 | awk -F " " '{print $2" "$3" "$4}' | sort | uniq -c | sort -nr | more

Read a file

csereno csereno