| CAFVER=0.14.6 | |
| all: caf bro | |
| caf: cleancaf fetchcaf buildcaf installcaf | |
| fetchcaf: | |
| wget https://github.com/actor-framework/actor-framework/archive/$(CAFVER).tar.gz |
| diff -ur bro-2.5.9271b2032.orig/aux/broker/tests/CMakeLists.txt bro-2.5.9271b2032/aux/broker/tests/CMakeLists.txt | |
| --- bro-2.5.9271b2032.orig/aux/broker/tests/CMakeLists.txt 2018-03-23 21:29:56.000000000 -0700 | |
| +++ bro-2.5.9271b2032/aux/broker/tests/CMakeLists.txt 2018-03-23 23:06:20.000000000 -0700 | |
| @@ -13,7 +13,7 @@ | |
| add_executable(${name} ${name}.cc) | |
| endif () | |
| - target_link_libraries(${name} ${libbroker}) | |
| + target_link_libraries(${name} ${libbroker} -lpthread) | |
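Review bot: the added `-lpthread` on the `target_link_libraries(${name} ${libbroker} -lpthread)` line is a hard-coded linker flag, which ties the test build to toolchains that accept that exact spelling. CMake's own thread detection is more portable: call `find_package(Threads REQUIRED)` once and link `Threads::Threads` (or `${CMAKE_THREAD_LIBS_INIT}` on older CMake) in place of the raw flag. The hunk also only touches the tests' CMakeLists.txt, so if the missing pthread symbols come from `${libbroker}` itself, the dependency is better declared where that library is defined, so that every consumer inherits it.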
| [Unit] | |
| Description=otxupdate cron | |
| [Service] | |
| EnvironmentFile=/etc/profile | |
| Type=oneshot | |
| #WorkingDirectory=/etc/bro/scripts/site/otx | |
| ExecStart=/usr/local/bin/bro-otx.py -c /etc/bro/scripts/site/otx/bro-otx.conf | |
| StandardOutput=syslog | |
| StandardError=syslog |
| systemctl cat otxupdate | |
| # /etc/systemd/system/otxupdate.service | |
| [Unit] | |
| Description=otxupdate cron | |
| [Service] | |
| EnvironmentFile=/etc/profile | |
| Type=oneshot | |
| WorkingDirectory=-/etc/bro/scripts/site/otx | |
| ExecStart=/usr/local/bin/bro-otx.py -c /etc/bro/scripts/site/otx/bro-otx.conf |
| #cat /etc/systemd/system/monitor_int_enp18s0f0.service | |
| [Unit] | |
| Description=Configure monitor interfaces | |
| Before=bro.service | |
| Wants=network.target | |
| [Service] | |
| Type=oneshot |
| #!/bin/bash | |
| CPU_NUM=`cat /proc/cpuinfo | grep -E 'model name' | wc -l` | |
| if [[ "${CPU_NUM}" -eq 32 ]]; then | |
| export SNF_NUM_RINGS=16 | |
| elif [[ "${CPU_NUM}" -eq 56 ]]; then | |
| export SNF_NUM_RINGS=28 | |
| else | |
| exit 1; |
| #!/bin/bash | |
| # This only needs to be set if in your non-ephemeral AWS config you use a source profile other than "default". | |
| # Source profile is the profile with your actual long lived API keys | |
| SOURCE_PROFILE_NAME= | |
| # This is the ARN of the IAM role that you want to assume by default | |
| DEFAULT_ASSUMED_ROLE_ARN= | |
| # This is an optional descriptive name of the IAM role that you want to assume by default |
| --- | |
| push: | |
| username: details.body.sender.login | |
| email: details.body.pusher.email | |
| id: details.body.sender.id | |
| action: details.body.action | |
| commits: details.body.commits | |
| created: details.body.created | |
| deleted: details.body.deleted | |
| forced: details.body.forced |
| >>> eth.stat('ens33') | |
| {'rx_packets': 44221, 'tx_packets': 21521, 'rx_bytes': 46567966, 'tx_bytes': 2657722, 'rx_broadcast': 0, 'tx_broadcast': 0, 'rx_multicast': 0, 'tx_multicast': 0, 'rx_errors': 0, 'tx_errors': 0, 'tx_dropped': 0, 'multicast': 0, 'collisions': 0, 'rx_length_errors': 0, 'rx_over_errors': 0, 'rx_crc_errors': 0, 'rx_frame_errors': 0, 'rx_no_buffer_count': 0, 'rx_missed_errors': 0, 'tx_aborted_errors': 0, 'tx_carrier_errors': 0, 'tx_fifo_errors': 0, 'tx_heartbeat_errors': 0, 'tx_window_errors': 0, 'tx_abort_late_coll': 0, 'tx_deferred_ok': 0, 'tx_single_coll_ok': 0, 'tx_multi_coll_ok': 0, 'tx_timeout_count': 0, 'tx_restart_queue': 0, 'rx_long_length_errors': 0, 'rx_short_length_errors': 0, 'rx_align_errors': 0, 'tx_tcp_seg_good': 33, 'tx_tcp_seg_failed': 0, 'rx_flow_control_xon': 0, 'rx_flow_control_xoff': 0, 'tx_flow_control_xon': 0, 'tx_flow_control_xoff': 0, 'rx_long_byte_count': 46567966, 'rx_csum_offload_good': 44201, 'rx_csum_offload_errors': 0, 'alloc_rx_buff_failed': 0, 'tx_smbus': 0, ' |
| ../tests/alerts/alert_test_suite.py:151: | |
| _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ | |
| ../tests/alerts/alert_test_suite.py:219: in verify_alert_task | |
| self.verify_rabbitmq_alert(found_alert, test_case) | |
| _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ | |
| self = <test_nsm_scan_address.TestNSMScanAddress object at 0x105e27690> | |
| found_alert = {'_id': 'AWcuJF-itQ9ZTot1eXwb', '_index': 'alerts-201811', '_score': 0.0, '_source': {'category': 'nsm', 'events': [{'...zdefhostname': 'mozdefhost', ...}, 'documenttype': 'event'}], 'ircchannel': None, 'notify_mozdefbot': False, ...}, ...} | |
| test_case = <positive_alert_test_case.PositiveAlertTestCase object at 0x105159f90> |