midnightslacker

$ curl --help
Usage: curl [options...] <url>
     --abstract-unix-socket <path> Connect via abstract Unix domain socket
     --alt-svc <file name> Enable alt-svc with this cache file
     --anyauth       Pick any authentication method
 -a, --append        Append to target file when uploading
     --basic         Use HTTP Basic Authentication
     --cacert <file> CA certificate to verify peer against
     --capath <dir>  CA directory to verify peer against
 -E, --cert <certificate[:password]> Client certificate file and password

midnightslacker

#!/bin/bash

# This script attempts to locate potential dangling domains on AWS. You need AWS CLI installed and your keys configured
# Make sure you insert your Bing API key below as well.
# All the sleeps were necessary to not allocate the same IP address multiple times


while true
do
	unset IP

midnightslacker

#!/bin/bash

REGIONS=`aws ec2 describe-regions --query Regions[].RegionName  --output text`

for r in $REGIONS ; do
	VAULTS=`aws backup list-backup-vaults --query BackupVaultList[].BackupVaultName --output text --region $r`

	for v in $VAULTS ; do
		RECOVERY_POINTS=`aws backup list-recovery-points-by-backup-vault --backup-vault-name $v --query RecoveryPoints[].RecoveryPointArn --output text --region $r`
		for a in $RECOVERY_POINTS ; do

midnightslacker

openssl

Install

Install the OpenSSL on Debian based systems

sudo apt-get install openssl

midnightslacker

How to Build a Cuckoo Sandbox Malware Analysis System

I had a heck of a time getting a Cuckoo sandbox running, and below I hope to help you get one up and running relatively quickly by detailing out the steps and gotchas I stumbled across along the way. I mention this in the references at the end of this gist, but what you see here is heavily influenced by this article from Nviso

Build your Linux Cuckoo VM

1. Setup a Ubuntu 16.04 64-bit desktop VM (download here) in VMWare with the following properties:

• 100GB hard drive
• 2 procs
• 8 gigs of RAM

midnightslacker

#  ---------------------------------------------------------------------------
#
#  Description:  This file holds all my BASH configurations and aliases
#
#  Sections:
#  1.   Environment Configuration
#  2.   Make Terminal Better (remapping defaults and adding functionality)
#  3.   File and Folder Management
#  4.   Searching
#  5.   Process Management

midnightslacker

filter Expand-DefenderAVSignatureDB {
<#
.SYNOPSIS

Decompresses a Windows Defender AV signature database (.VDM file).

.DESCRIPTION

Expand-DefenderAVSignatureDB extracts a Windows Defender AV signature database (.VDM file). This function was developed by reversing mpengine.dll and with the help of Tavis Ormandy and his LoadLibrary project (https://github.com/taviso/loadlibrary). Note: Currently, "scrambled" databases are not supported although, I have yet to encounter a scrambled database. Thus far, all databases I've encountered are zlib-compressed.

midnightslacker

# Carbon Black Evil PowerShell LSASS Query
#
# Prints out malicious Powershell events that have a crossproc event for c:\windows\system32\lsass.exe
#
# Author: Jason Lang (@curi0usJack)
#
# Prereqs (Windows 10)
#	Install bash on Win10
#	sudo apt-get install python-pip
#	sudo pip install --upgrade requests

midnightslacker

Use these rapid keyboard shortcuts to control the GitHub Atom text editor on Mac OSX.

Key to the Keys

• ⌘ : Command key
• ⌃ : Control key
• ⌫ : Delete key
• ← : Left arrow key
• → : Right arrow key
• ↑ : Up arrow key

midnightslacker

sudo apt-get install -y supervisor

sudo mkdir /usr/share/elasticsearch
cd /usr/share/elasticsearch

sudo wget https://download.elasticsearch.org/kibana/kibana/kibana-4.0.1-linux-x64.tar.gz
sudo wget https://download.elasticsearch.org/elasticsearch/elasticsearch/elasticsearch-1.4.4.tar.gz
sudo wget https://download.elasticsearch.org/logstash/logstash/logstash-1.4.2.tar.gz

sudo tar -zxvf elasticsearch-0.90.0.tar.gz