I hereby claim:
- I am neu5ron on github.
- I am neu5ron (https://keybase.io/neu5ron) on keybase.
- I have a public key whose fingerprint is 6A0E 02A4 E191 1C10 DAB4 F257 C2E9 3D96 A895 5C05
To claim this, I am signing this object:
Nate Guagenti neu5ron
neu5ron
/ dynamic-dns.txt
Last active
September 10, 2022 10:08
This list has moved to the repo https://github.com/neu5ron/dynamic_dns_lists
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 3d-game.com #dtdns.com | |
| 4irc.com #dtdns.com | |
| b0ne.com #dtdns.com | |
| bbsindex.com #dtdns.com | |
| chatnook.com #dtdns.com | |
| darktech.org #dtdns.com | |
| deaftone.com #dtdns.com | |
| dtdns.net #dtdns.com | |
| effers.com #dtdns.com | |
| etowns.net #dtdns.com |
neu5ron
/ valid_domain_name_regex
Last active
July 2, 2023 10:40
Valid domain name regex including internationalized domain name
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| domain_regex = r'(([\da-zA-Z])([_\w-]{,62})\.){,127}(([\da-zA-Z])[_\w-]{,61})?([\da-zA-Z]\.((xn\-\-[a-zA-Z\d]+)|([a-zA-Z\d]{2,})))' | |
| #Python | |
| domain_regex = '{0}$'.format(domain_regex) | |
| valid_domain_name_regex = re.compile(domain_regex, re.IGNORECASE) | |
| self.domain_name = self.domain_name.lower().strip().encode('ascii') | |
| if re.match(valid_domain_name_regex, self.domain_name ): | |
| return True | |
| else: | |
| return False |
neu5ron
/ dynamic-dns-providers
Last active
May 18, 2024 11:55
This list has moved to the repo https://github.com/neu5ron/dynamic_dns_lists
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| dynu.com | |
| dyn.com | |
| no-ip.com | |
| noip.com | |
| changeip.com | |
| afraid.org | |
| duckdns.org | |
| dnsdynamic.org | |
| duiadns.net | |
| myonlineportal.com |
neu5ron
/ keybase.md
Created
October 14, 2016 17:41
neu5ron
/ nxlog-cuckoo-to-logstash.conf
Last active
February 1, 2018 23:26
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #define ROOT C:\Program Files\nxlog | |
| define ROOT C:\Program Files (x86)\nxlog | |
| Moduledir %ROOT%\modules | |
| CacheDir %ROOT%\data | |
| Pidfile %ROOT%\data\nxlog.pid | |
| SpoolDir %ROOT%\data | |
| LogFile %ROOT%\data\nxlog.log | |
| <Extension _json> |
neu5ron
/ DNSCrypt Ubuntu;OpenDNS Crypt
Last active
January 8, 2017 20:06
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo apt-get -y install build-essential checkinstall automake libtool pkg-config; | |
| wget -O libsodium.tar.gz https://download.libsodium.org/libsodium/releases/LATEST.tar.gz | |
| mkdir libsodium && tar -zxvf libsodium.tar.gz -C libsodium --strip-components=1; | |
| cd libsodium; | |
| chmod +x configure && sh ./configure; | |
| make; | |
| sudo make install; | |
| sudo ldconfig; | |
| cd ../; | |
| wget -O dnscrypt.tar.gz https://download.dnscrypt.org/dnscrypt-proxy/LATEST.tar.gz; |
neu5ron
/ 511-windows-event-powershell-operational.conf
Last active
August 13, 2018 18:50
Windows PowerShell Logstash Parser. Parses EventID's 4103 and 4104. Hash Script Block Text ---- useful for finding reoccuring scripts we want to whitelist/blacklist. Hash Script Block Text and UserID ---- because sometimes certain accounts should not run certain scripts, so filtering just by hash could be a problem.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| filter { | |
| if [@meta][log][type] == "windows-wef" { | |
| # PowerShell Operational Only | |
| if [Channel] == "Microsoft-Windows-PowerShell/Operational" { | |
| # EventID 4103 | |
| if [EventID] == 4103 { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <QueryList> | |
| <Query Id="0" Path="Security"> | |
| <Select Path="Security"> | |
| *[EventData[Data[@Name='ObjectName'] and (Data='C:\Users\Public\Documents\new-login-information.txt')]] | |
| and | |
| *[System[(EventID='4663')]] | |
| </Select> | |
| </Query> | |
| </QueryList> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #define ROOT C:\Program Files\nxlog | |
| define ROOT C:\Program Files (x86)\nxlog | |
| Moduledir %ROOT%\modules | |
| CacheDir %ROOT%\data | |
| Pidfile %ROOT%\data\nxlog.pid | |
| SpoolDir %ROOT%\data | |
| LogFile %ROOT%\data\nxlog.log | |
| <Extension _json> |
neu5ron
/ additional_http_headers-main.bro
Last active
January 9, 2019 11:18
Add Additional HTTP Header fields to Bro http logs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| module HTTP; | |
| # Add additional HTTP Headers | |
| redef record Info += { | |
| #Origin "Origin" | |
| origin: string &log &optional; | |
| }; | |
| event http_header(c: connection, is_orig: bool, name: string, value: string) &priority=5 |
OlderNewer