I hereby claim:
- I am himanshudas on github.
- I am himanshudas (https://keybase.io/himanshudas) on keybase.
- I have a public key whose fingerprint is 516D B134 9D3D 09D2 FB64 4690 2BCF EF3C 06C5 39FD
To claim this, I am signing this object:
Himanshu Kumar Das himanshudas
himanshudas
/ gist:6a8eea67c737de3c74c6
Created
April 4, 2015 20:17
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 2012/02/22 10:08:10 [error] 32141#0: *61 NAXSI_FMT: ip=88.191.133.106&server=blog.memze.ro&uri=/wp-cron.php&total_processed=1&total_blocked=1&zone0=REQUEST&id0=1&var_name0=WEIRD, client: 88.191.133.106, server: blog.memze.ro, request: "POST /wp-cron.php?doing_wp_cron=1329901690 HTTP/1.0", host: "blog.memze.ro" | |
| 2012/02/22 10:08:10 [error] 32141#0: *61 NAXSI_FMT: ip=88.191.133.106&server=blog.memze.ro&uri=/wp-cron.php&total_processed=1&total_blocked=1&zone0=REQUEST&id0=1&var_name0=WEIRD, client: 88.191.133.106, server: blog.memze.ro, request: "POST /wp-cron.php?doing_wp_cron=1329901690 HTTP/1.0", host: "blog.memze.ro" | |
| 2012/02/22 10:08:10 [error] 32141#0: *61 NAXSI_FMT: ip=88.191.133.106&server=blog.memze.ro&uri=/wp-cron.php&total_processed=1&total_blocked=1&zone0=REQUEST&id0=1&var_name0=WEIRD, client: 88.191.133.106, server: blog.memze.ro, request: "POST /wp-cron.php?doing_wp_cron=1329901690 HTTP/1.0", host: "blog.memze.ro" | |
| 2012/02/22 10:08:10 [error] 32141#0: *61 NAXSI_FMT: ip=88.191.133.106&server=blog.memze |
himanshudas
/ gist:fe105457668ec5a03c36
Created
July 26, 2015 09:29
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| "Dear Himanshu, | |
| With reference to your complaint number 20060051, we would like to inform that for your order we are INITIATING the REFUND process for order number 7088345815 . Since you've paid the amount using credit card/debit card/bank account, you’ll receive your amount back of Rs 500 /- to the same account. | |
| Please note that your amount will reflect to your bank debit/credit card within next 4 business days. | |
| We hope we've solved your issue to your satisfaction. We again apologize for the inconvenience caused." | |
himanshudas
/ keybase.md
Created
October 30, 2015 16:18
himanshudas
/ osquery.conf
Created
November 12, 2015 18:52
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "options": { | |
| "host_identifier": "hostname", | |
| "schedule_splay_percent": 10, | |
| "verbose": true | |
| }, | |
| "schedule": { | |
| "distinct_users": { | |
| "query": "select distinct user from logged_in_users where user is not '';", | |
| "interval": 60 |
himanshudas
/ osquery.conf
Created
November 12, 2015 19:36
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "options": { | |
| "host_identifier": "hostname", | |
| "schedule_splay_percent": 10 | |
| }, | |
| "schedule": { | |
| "macosx_kextstat": { | |
| "query": "SELECT * FROM kernel_extensions;", | |
| "interval": 10 | |
| } |
himanshudas
/ azure
Created
June 22, 2017 20:59
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ["40.112.124.0/24","65.52.128.0/19","94.245.97.0/24","104.47.169.0/24","104.214.240.0/24","137.116.192.0/19","168.63.0.0/19","168.63.96.0/20","168.63.112.16/28","168.63.112.64/26","168.63.112.128/25","168.63.113.0/24","168.63.114.0/23","168.63.116.0/22","168.63.120.0/21","193.149.80.0/22","213.199.128.0/21","213.199.136.0/22","213.199.180.32/28","213.199.180.112/28","213.199.183.0/24","23.97.128.0/17","23.98.46.0/24","23.100.0.0/20","23.101.64.0/20","40.74.0.0/18","40.90.141.160/27","40.114.128.0/18","104.40.128.0/17","104.44.90.192/27","104.44.93.192/27","104.44.95.96/28","104.45.0.0/18","104.45.64.0/20","104.46.32.0/19","137.117.128.0/17","168.61.56.16/28","168.61.56.32/27","168.61.56.64/26","168.61.56.128/26","168.61.56.192/28","168.61.56.224/27","168.61.57.32/27","168.61.57.64/26","168.61.57.128/25","168.61.58.0/26","168.61.58.128/26","168.61.58.192/28","168.61.58.224/27","168.61.59.0/25","168.61.59.224/28","168.61.60.0/24","168.61.61.0/26","168.61.61.96/27","168.61.61.128/25","168.61.62.0/23","191.233.64 |
himanshudas
/ seccomp-read
Created
July 13, 2019 08:54
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://eigenstate.org/notes/seccomp | |
| https://github.com/gparent/seccomp-helloworld | |
| http://doger.io/ | |
| https://ghedo.github.io/pflask/ | |
| https://github.com/CodethinkLabs/sandboxlib | |
| http://opensourceforu.com/2016/07/many-approaches-sandboxing-linux/ | |
| www.insanitybit.com/2014/09/08/3719/ | |
| http://stackoverflow.com/questions/40107782/how-to-seccomp-a-subprocess | |
| https://s3hh.wordpress.com/2012/07/24/playing-with-seccomp/ | |
| https://blog.yadutaf.fr/2014/05/29/introduction-to-seccomp-bpf-linux-syscall-filter/ |
himanshudas
/ gist:b988c98b2f50094b2bffeac235c57448
Created
March 5, 2020 03:21
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| setTimeout(function() { | |
| Java.perform(function () { | |
| try{ | |
| var Squareup_OkHostnameVerifier_Activity = Java.use('com.squareup.okhttp.internal.tls.OkHostnameVerifier'); | |
| Squareup_OkHostnameVerifier_Activity.verify.overload('java.lang.String', 'java.security.cert.X509Certificate').implementation = function (str1, str2) { | |
| console.log('[+] Bypassing Squareup OkHostnameVerifier {1}: ' + str1); | |
| return true; | |
| catch(err){ | |
| console.log(err.stack); | |
| } |
himanshudas
/ subdomain_wordlist.txt
Created
March 23, 2020 13:10
This file has been truncated, but you can view the full file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 0-1603.xichen0.dev | |
| 0-177 | |
| 0-18 | |
| 0-193 | |
| 0-2009.cgibbs0.dev | |
| 0-3a.xichen0.dev | |
| 0-42.ll.dev | |
| 0-50.cgibbs0.dev | |
| 0-5a.xichen0.dev | |
| 0-625.cgibbs0.dev |
himanshudas
/ logstash-grok-pattern-enriched-vpc-flow-logs
Created
May 27, 2020 14:53
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Enriched VPC Flow Log fields | |
| ${version} ${vpc-id} ${subnet-id} ${instance-id} ${interface-id} ${account-id} ${type} ${srcaddr} ${dstaddr} ${srcport} ${dstport} ${pkt-srcaddr} ${pkt-dstaddr} ${protocol} ${bytes} ${packets} ${start} ${end} ${action} ${tcp-flags} ${log-status} | |
| # https://aws.amazon.com/about-aws/whats-new/2020/05/add-enriched-metadata-to-amazon-vpc-flow-logs-published-to-cloudwatch-logs-and-s3/ | |
| #GROK Pattern | |
| %{NUMBER:version:int} %{NOTSPACE:vpc-id} %{NOTSPACE:subnet-id} - %{NOTSPACE:interface-id} %{NUMBER:account-id} %{NOTSPACE:type} %{NOTSPACE:srcaddr} %{NOTSPACE:dstaddr} %{NUMBER:srcport:int} %{NUMBER:dstport:int} %{NOTSPACE:srcpktaddr} %{NOTSPACE:dstpktaddr} %{NOTSPACE:protocol} %{NUMBER:bytes:int} %{NUMBER:packets:int} %{NUMBER:start:int} %{NUMBER:end:int} %{NOTSPACE:action} %{NOTSPACE:tcpflags} %{NOTSPACE:logstatus} |
OlderNewer