el-brujo ehnwebmaster
Bsebring
/ abuseipdb_report.lua
Last active
February 9, 2024 14:26
A Lua script developed to work with Suricata. This script reports malicious IPs to abuseipdb.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env lua | |
| -- Tells Suricata to only execute this script if the | |
| -- packet triggered an alert | |
| function init (args) | |
| local needs = {} | |
| needs["type"] = "packet" | |
| needs["filter"] = "alerts" | |
| return needs | |
| end |
rraallvv
/ open-cloudflare_(firewalld).sh
Last active
November 19, 2022 22:44
Open public ports to Cloudflare for Firewalld
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # Instructions: | |
| # | |
| # 1) Place this script in the /root/ directory, give it proper permissions. | |
| # $ sudo chmod +x /root/open-cloudflare.sh | |
| # | |
| # 2) Open the cron job editor | |
| # $ sudo crontab -e | |
| # |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Put this file under /etc/spamassassin/ and run an sa-update or reload amavis etc. | |
| # | |
| #-------------------------------------------------- | |
| # The only RBL I trust, UCEPROTECT1 (single IP, not IP-ranges or entire ISPs) http://uceprotect.net | |
| #-------------------------------------------------- | |
| header RCVD_IN_UCEPROTECT1 eval:check_rbl_txt('uceprotect1', 'dnsbl-1.uceprotect.net') | |
| describe RCVD_IN_UCEPROTECT1 Listed in dnsbl-1.uceprotect.net | |
| tflags RCVD_IN_UCEPROTECT1 net | |
| score RCVD_IN_UCEPROTECT1 1.8 |
ikawka
/ cloudflare-trace.js
Last active
December 31, 2023 12:29
Trace current user's location via javascript with CloudFlare provided the /cdn-cgi/trace is enabled.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| (function($){ | |
| $(function(){ | |
| $.ajax({ | |
| contentType: 'application/text; charset=utf-8', | |
| crossBrowser: true, | |
| type: 'GET', | |
| url: '/cdn-cgi/trace', | |
| }).done(function(d){ | |
| var data = d.replace(/[\r\n]+/g, '","').replace(/\=+/g, '":"'); | |
| data = '{"' + data.slice(0, data.lastIndexOf('","')) + '"}'; |