Skip to content

Instantly share code, notes, and snippets.

View sgnls's full-sized avatar

sgnls

22 followers · 14 following
View GitHub Profile
@sgnls
sgnls / Kusto_Lift_Graph.md
Created March 18, 2026 14:21 — forked from ddamenova/Kusto_Lift_Graph.md

Kusto Graph Functions for Cybersecurity Investigations

A set of Kusto (KQL) functions that transform tabular query results into graph structures — nodes and edges — for visual exploration in Kusto Explorer. Designed for lifting cybersecurity activity logs into graphs to aid in threat hunting and incident investigations. These set of functions were created by Saar Ron, John Lambert, and Diana Damenova.

Why Graphs?

Security logs are inherently relational: IPs connect to domains, users authenticate to devices, processes spawn other processes. Tabular views flatten these relationships, making it harder to spot patterns. These functions let you take any Kusto query result and, with a simple JSON mapping, project it into a graph you can explore visually with make-graph in the Kusto Explorer desktop app.

Functions

@sgnls
sgnls / resticheat.md
Created April 11, 2022 18:30 — forked from perfecto25/resticheat.md
Restic cheatsheet

Restic backup application - commands cheatsheet

Installation & config

  1. add Retic repo
  2. yum install restic

add a Restic credential file to root

vim /root/.restic
@sgnls
sgnls / C2s_Jan_15_2021.json
Created January 24, 2021 23:02 — forked from myrtus0x0/C2s_Jan_15_2021.json
{
"formbook": [
"http://www.evana-rohanihijab.com/iic6/",
"http://www.alsagranit.info/rhk/",
"http://www.deejayatl.com/khm/",
"http://www.afrogurls.com/wzpq/",
"http://www.themagiczones.com/llp/",
"http://www.maggiesdelibellyllc.com/th7/",
"http://www.mompndo.com/h2h/",
"http://www.transparentpetcrate.com/lnb/",
@sgnls
sgnls / trash.sh
Created August 13, 2020 17:33 — forked from geek-at/trash.sh
The script used to trash a banking phishing site
#!/bin/bash
while :; do
verf=$(cat /dev/urandom | tr -dc '0-9' | fold -w 8 | head -n 1)
pin=$(cat /dev/urandom | tr -dc '0-9' | fold -w 5 | head -n 1)
ip=$(printf "%d.%d.%d.%d\n" "$((RANDOM % 256))" "$((RANDOM % 256))" "$((RANDOM % 256))" "$((RANDOM % 256))")
@sgnls
sgnls / gist:085a4d30c04457e634302b9b629ae07d
Created July 13, 2020 20:51 — forked from ToadKing/gist:38c6a249a1419c1df6cce4b7174f1fdb
<div id="wheel" ref="wheelContainer" :style="styles.wheel">
<img :style="styles.ticker"
ref="ticker"
:src="settings.ticker.url"/>
<div id="inner-wheel">
<img v-if="settings.centerImage.enabled"
:src="settings.centerImage.url"
:style="styles.centerImage" />
<svg viewBox="-1 -1 2 2"
xmlns="http://www.w3.org/2000/svg"
@sgnls
sgnls / 98-steelseries.rules
Created July 13, 2020 20:50 — forked from ToadKing/98-steelseries.rules
steelseries udev rules+script
ACTION=="add", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="1038" RUN+="/etc/udev/rules.d/steelseries-perms.py '%E{DEVNAME}'"
@sgnls
sgnls / airwave64.sh
Created May 24, 2020 19:04 — forked from rodlie/airwave64.sh
Build and install Airwave64 on Ubuntu Bionic (https://youtu.be/p93Fj3I3t9I)
#!/bin/sh
# Build and install Airwave64
# https://github.com/rodlie - <ole.andre.rodlie@gmail.com>
#
CWD=`pwd`
AIRWAVE_GIT="https://github.com/phantom-code/airwave"
AIRWAVE_COMMIT="8cd3507a46c2f7809a2ef8481cbded7dcbbae8ff"
VST_V="369_01_03_2018_build_132"
@sgnls
sgnls / wireshark-dark.py
Created January 3, 2020 11:01 — forked from hexdefined/wireshark-dark.py
Invert the luminosity of Wireshark packets (for dark themes)
#!/usr/bin/env python3
import fileinput
import re
from colorsys import *
def rgb_to_hsl(r, g, b):
return hsv_to_hsl(*rgb_to_hsv(r, g, b))
def hsl_to_rgb(h, s, l):
return hsv_to_rgb(*hsl_to_hsv(h, s, l))
@sgnls
sgnls / cntlm_npm.md
Created May 7, 2019 08:29 — forked from triskell/cntlm_npm.md
[Windows 7] CNTLM and NPM behind NTLM proxy

CNTLM and NPM behind NTLM proxy on Windows 7

CNTLM

  • Install CNTLM in a folder where you have full rights to run it as administrator.

  • Open cntlm.ini and fill it :

Username    YOUR_USERNAME
Domain YOUR_DOMAIN
@sgnls
sgnls / generate.c
Created March 12, 2019 14:36 — forked from munificent/generate.c
A random dungeon generator that fits on a business card
#include <time.h> // Robert Nystrom
#include <stdio.h> // @munificentbob
#include <stdlib.h> // for Ginny
#define r return // 2008-2019
#define l(a, b, c, d) for (i y=a;y\
<b; y++) for (int x = c; x < d; x++)
typedef int i;const i H=40;const i W
=80;i m[40][80];i g(i x){r rand()%x;
}void cave(i s){i w=g(10)+5;i h=g(6)
+3;i t=g(W-w-2)+1;i u=g(H-h-2)+1;l(u