@jeffgeiger
jeffgeiger / useless.sh
Created February 12, 2016 19:29
Useless Yet Fun Shell Functions
#Silliness abounds
nocolor() { echo -en "\033[0;39m"; }
dots() { clear; while :; do let "first = $RANDOM % 2"; let "second = $RANDOM % 6 +1"; let "PAUSE = $RANDOM % 9 +1"; echo -en "\033[${first};3${second}m⬤ "; sleep .${second}; if [[ $RANDOM -gt 22000 ]]; then echo -en "\b\b\b\b \b\b\b\b"; fi; done; }
arrows() { clear; ARROWS=(⬅ ⬆ ⬇); while :; do let "arrval = $RANDOM % 3"; let "first = $RANDOM % 2"; let "second = $RANDOM % 6 +1"; let "PAUSE = $RANDOM % 9 +1"; echo -en "\033[${first};3${second}m${ARROWS[$arrval]} "; sleep .${second}; if [[ $RANDOM -gt 22000 ]]; then echo -en "\b\b\b\b \b\b\b\b"; fi; done; }
@dcode
dcode / laikaboss_el7.sh
Last active August 29, 2015 14:26
Install Laikaboss on CentOS 7.1
#===============================================================#
# Installing Laikaboss on CentOS 7.1
#===============================================================#
# Enable EPEL repo
sudo yum install -y epel-release
# Install dcode/cyberdev repo
curl -s https://packagecloud.io/install/repositories/dcode/cyberdev/script.rpm.sh | sudo bash
@grigorescu
grigorescu / bro_intel_2.md
Last active December 22, 2015 15:59
Bro Intelligence Framework tutorial - part 3

Hits on intelligence may well be something that you want turned into a notice, even though the basic intel framework does not provide that functionality. This is an example of data-driven notice creation with the do_notice.bro script that is included with Bro.

We need to create a new intelligence file. Create intel-2.dat.

#fields<TAB>indicator<TAB>indicator_type<TAB>meta.source<TAB>meta.do_notice
fetchback.com<TAB>Intel::DOMAIN<TAB>my_special_source<TAB>T

The only difference from the previous intelligence file is the do_notice column.

@grigorescu
grigorescu / bro_intel_1.md
Last active May 17, 2019 16:20
Bro Intelligence Framework tutorial - part 1

We will start with an extremely simple case of loading some data and matching it. First, create an intelligence file in Bro’s intelligence format: a file named “intel1.dat” with the following content. Keep in mind that all field separation is with literal tabs! Double-check that you don’t have spaces as separators.

#fields<TAB>indicator<TAB>indicator_type<TAB>meta.source
fetchback.com<TAB>Intel::DOMAIN<TAB>my_special_source

The next step is to load this data into Bro, which is done as a configuration option. Put the following script into the same directory as your “intel1.dat” file and call it “intel-1.bro”.