mgaulton
JadedDragoon
/ badips-ipset.sh
Last active
June 10, 2020 17:48
A script to create and update an ipset with ip addresses retrieved from the badips.com blacklist. (With just a little effort should work with url to any source of IPs separated by newlines)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Script for blocking IPs which have been reported to www.badips.com | |
| # via ipsets. | |
| # | |
| # - THIS SCRIPT DOES NOT BLOCK ANYTHING - | |
| # This script only updates ipsets with applicable data from | |
| # badips.com. Actually blocking the ips in that ipset is left | |
| # up to the user (so that you may do so however you prefer). | |
| # | |
| # Additionally, this script does not persist the ipsets through |
mgaulton
/ postfix-modify-header
Created
August 19, 2016 20:55
— forked from eegrok/postfix-modify-header
Modify the to: header in postfix
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # so recently I had an issue where I wanted to send email sent to a local user root (from logwatch, e.g.) to a different email address | |
| # simple enough -- just add a ~root/.forward file, with the contents [email protected] | |
| # all the email gets sent there... | |
| # but the email shows up with a to: header of [email protected] | |
| # what I really want is the to: header to be [email protected] | |
| # so I can filter emails, etc... below is how to do that. | |
| #uncomment the following line in /etc/postfix/main.cf | |
| #header_checks = regexp:/etc/postfix/header_checks |
alirobe
/ reclaimWindows10.ps1
Last active
May 14, 2025 14:03
This Windows 10 Setup Script turns off a bunch of unnecessary Windows 10 telemetery, bloatware, & privacy things. Not guaranteed to catch everything. Review and tweak before running. Reboot after running. Scripts for reversing are included and commented. Fork of https://github.com/Disassembler0/Win10-Initial-Setup-Script (different defaults). N.…
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### | |
| ### | |
| ### UPDATE: For Win 11, I recommend using this tool in place of this script: | |
| ### https://christitus.com/windows-tool/ | |
| ### https://github.com/ChrisTitusTech/winutil | |
| ### https://www.youtube.com/watch?v=6UQZ5oQg8XA | |
| ### iwr -useb https://christitus.com/win | iex | |
| ### | |
| ### OR take a look at | |
| ### https://github.com/HotCakeX/Harden-Windows-Security |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| echo "Baned last log" | |
| awk '($(NF-1) = /Ban/){print $NF}' /var/log/fail2ban.log | sort | uniq -c | sort -n | |
| echo "------------ Baned in all files --------------" | |
| zgrep -h "Ban " /var/log/fail2ban.log* | awk '{print $NF}' | sort | uniq -c | |
| echo "------------ Baned by subnet --------------------" | |
| zgrep -h "Ban " /var/log/fail2ban.log* | awk '{print $NF}' | awk -F\. '{print $1"."$2"."}' | sort | uniq -c | sort -n | tail | |
| echo "------------ Baned by date -------------------------" | |
| zgrep -h "Ban " /var/log/fail2ban.log* | awk '{print $5,$1}' | sort | uniq -c |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # file /etc/fail2ban/jail.conf | |
| [rutweb-badbot] | |
| enabled = true | |
| filter = rutweb-badbot | |
| action = iptables-multiport[name=badbot, port="80,443"] | |
| logpath = /var/log/httpd/badbot.log | |
| bantime = 600 | |
| maxretry = 1 | |
| # end file |
samuraee
/ iptable-block-torrent
Last active
October 20, 2024 06:54
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # block torrent traffic by iptable/firewall for VPN/Proxy server | |
| # [email protected] | |
| # Delete all existing rules | |
| iptables -F | |
| # Set default chain policies | |
| iptables -P INPUT DROP | |
| iptables -P FORWARD DROP |
Belphemur
/ iptables-tarpit.conf
Last active
October 10, 2022 18:29
Tarpit Action for Fail2ban with rate limit
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Fail2Ban configuration file | |
| # | |
| # Author: Cyril Jaquier | |
| # Modified: Yaroslav O. Halchenko <[email protected]> | |
| # made active on all ports from original iptables.conf | |
| # Modified: Antoine Aflalo <[email protected]> | |
| # Used the iptables-allports.conf as base for TARPIT. | |
| # | |
| # |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| jail.conf: | |
| [apache-antiloris] | |
| enabled = true | |
| filter = antiloris | |
| action = iptables-multiport[name=apache-antiloris,port="80,443"] | |
| logpath = /var/log/httpd/error_log | |
| filter.d/antiloris.conf: | |
| [Definition] | |
| # Option: failregex |
trepmal
/ honeypot.conf
Last active
March 1, 2016 19:46
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # /etc/fail2ban/filter.d/honeypot.conf | |
| # | |
| # Fail2Ban configuration file | |
| # | |
| # Author: Charles Lecklider | |
| # | |
| [INCLUDES] | |
| # Read common prefixes. If any customizations available -- read them from |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| echo "Updating SearchSploit... (Kali Linux)" | |
| # move into the exploit db directory within Kali | |
| cd /usr/share/exploitdb | |
| echo "Downloading latest archive..." | |
| wget http://www.exploit-db.com/archive.tar.bz2 | |
| echo "Downloaded archive, proceeding to extract..." | |
| tar -xjvf archive.tar.bz2 |
NewerOlder