Given an input PCAP and a location in a Bro script, this script will filter the PCAP into a new file, which contains only the connections that visited that script location. This script can help filter a large PCAP to narrow down problematic connections, such as protocol violations, weirds, etc.
import BaseHTTPServer
from SimpleHTTPServer import SimpleHTTPRequestHandler
import sys
import base64
key = ""
class AuthHandler(SimpleHTTPRequestHandler):
    ''' Main class to present webpages and authentication. '''
    def do_HEAD(self):
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <iostream>
#include <unistd.h>
#include <boost/thread.hpp>
#include <sys/mman.h>
#include <poll.h>
#include <arpa/inet.h>
# Ron Sweeney
# Dev Arboretum
# Original Post: http://www.clubpacswestmi.net/articles/2007/4/1/a-ruby-hl7-sniffer
require 'pcap'
require 'Ethernet'
require 'rubygems'
require 'ruby-hl7'
package main
import (
	"fmt"
	"os"
)
func main() {
	err := os.Rename("/dir1/file1", "/dir2/file2")
package main
import (
	git "github.com/libgit2/git2go"
	"log"
)
func credentialsCallback(url string, username string, allowedTypes git.CredType) (git.ErrorCode, *git.Cred) {
	ret, cred := git.NewCredSshKey("git", "/home/vagrant/.ssh/id_rsa.pub", "/home/vagrant/.ssh/id_rsa", "")
	return git.ErrorCode(ret), &cred
# To minimize bugs, include this comment:
#
#
# _oo0oo_
# o8888888o
# 88" . "88
# (| -_- |)
# 0\ = /0
# ___/`---'\___
# .' \| |// '.
This is a short article on how we integrate Stash and Slack in openmind.
First of all, I assume you have:
- a working Stash installation
- a repository you want to notify Slack on pushes
- a Stash user with administration privileges
- full access to the server (Linux) where Stash is installed
- a team configured on Slack
- a Slack user with administration privileges
event protocol_confirmation (c: connection, atype: Analyzer::Tag, aid: count)
	{
	if ( atype == Analyzer::ANALYZER_SMTP )
		{
		local both_file = generate_extraction_filename(Conn::extraction_prefix, c, "both.dat");
		local both_f = open(both_file);
		set_contents_file(c$id, CONTENTS_BOTH, both_f);
		}
	}
#!/usr/bin/env python
import os
import sys
import time
DEFAULT_LOG = "/bro/logs/current/conn.log"
def config():
    print """
graph_category network