I hereby claim:
- I am johnnykv on github.
- I am jkv (https://keybase.io/jkv) on keybase.
- I have a public key whose fingerprint is 960C 3124 BAE6 276F DB40 9713 B0B2 7FDC 7DF5 4468
To claim this, I am signing this object:
Johnny Vestergaard johnnykv
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sqlite3 | |
| import csv | |
| import glob | |
| import pprint | |
| def get_count(conn, query_string): | |
| cursor.execute(query_string) | |
| return cursor.fetchone()[0] | |
| def get_general_stats(cursor): |
johnnykv
/ process_activity_file.py
Created
August 20, 2016 14:14
script to parse and save heralding activity logs to sqlite
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # Copyright (C) 2016 Johnny Vestergaard <[email protected]> | |
| # | |
| # This program is free software: you can redistribute it and/or modify | |
| # it under the terms of the GNU General Public License as published by | |
| # the Free Software Foundation, either version 3 of the License, or | |
| # (at your option) any later version. | |
| # This program is distributed in the hope that it will be useful, | |
| # but WITHOUT ANY WARRANTY; without even the implied warranty of |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <group name="syslog, dolos,"> | |
| <rule id="48201" level="12"> | |
| <decoded_as>beeswarm</decoded_as> | |
| <match>session on port</match> | |
| <description>Someone tried to connect to a honeypot</description> | |
| </rule> | |
| <rule id="48202" level="14"> | |
| <decoded_as>beeswarm</decoded_as> | |
| <match>authentication attempt from</match> |
johnnykv
/ sip_template.py
Created
September 10, 2014 19:48
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import socket | |
| import logging | |
| from beeswarm.drones.honeypot.capabilities.handlerbase import HandlerBase | |
| logger = logging.getLogger(__name__) | |
| class SIP(HandlerBase): |
johnnykv
/ keybase.md
Created
July 14, 2014 17:45
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <stix:STIX_Package xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
| xmlns:cybox="http://cybox.mitre.org/cybox-2" | |
| xmlns:cyboxCommon="http://cybox.mitre.org/common-2" | |
| xmlns:AddressObj="http://cybox.mitre.org/objects#AddressObject-2" | |
| xmlns:PortObj="http://cybox.mitre.org/objects#PortObject-2" | |
| xmlns:SocketAddressObj="http://cybox.mitre.org/objects#SocketAddressObject-1" | |
| xmlns:NetworkConnectionObj="http://cybox.mitre.org/objects#NetworkConnectionObject-2" | |
| xmlns:stix="http://stix.mitre.org/stix-1" | |
| xmlns:stixCommon="http://stix.mitre.org/common-1" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <stix:STIX_Package xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
| xmlns:cybox="http://cybox.mitre.org/cybox-2" | |
| xmlns:cyboxCommon="http://cybox.mitre.org/common-2" | |
| xmlns:AddressObj="http://cybox.mitre.org/objects#AddressObject-2" | |
| xmlns:PortObj="http://cybox.mitre.org/objects#PortObject-2" | |
| xmlns:HTTPSessionObj="http://cybox.mitre.org/objects#HTTPSessionObject-2" | |
| xmlns:stix="http://stix.mitre.org/stix-1" | |
| xmlns:stixCommon="http://stix.mitre.org/common-1" | |
| xmlns:incident="http://stix.mitre.org/Incident-1" |
johnnykv
/ conpot_stix.xml
Last active
December 31, 2015 01:29
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <stix:STIX_Package xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
| xmlns:cybox="http://cybox.mitre.org/cybox-2" | |
| xmlns:cyboxCommon="http://cybox.mitre.org/common-2" | |
| xmlns:AddressObj="http://cybox.mitre.org/objects#AddressObject-2" | |
| xmlns:PortObj="http://cybox.mitre.org/objects#PortObject-2" | |
| xmlns:SocketAddressObj="http://cybox.mitre.org/objects#SocketAddressObject-1" | |
| xmlns:NetworkConnectionObj="http://cybox.mitre.org/objects#NetworkConnectionObject-2" | |
| xmlns:stix="http://stix.mitre.org/stix-1" | |
| xmlns:stixCommon="http://stix.mitre.org/common-1" |
johnnykv
/ gist:7900890
Created
December 10, 2013 21:50
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="UTF-8"?> | |
| <stix:STIX_Package xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
| xmlns:cybox="http://cybox.mitre.org/cybox-2" | |
| xmlns:cyboxCommon="http://cybox.mitre.org/common-2" | |
| xmlns:cyboxVocabs="http://cybox.mitre.org/default_vocabularies-2" | |
| xmlns:AddressObj="http://cybox.mitre.org/objects#AddressObject-2" | |
| xmlns:PortObj="http://cybox.mitre.org/objects#PortObject-2" | |
| xmlns:SocketAddressObj="http://cybox.mitre.org/objects#SocketAddressObject-1" | |
| xmlns:NetworkConnectionObj="http://cybox.mitre.org/objects#NetworkConnectionObject-2" | |
| xmlns:stix="http://stix.mitre.org/stix-1" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <stix:STIX_Package xmlns:CodeObj="http://cybox.mitre.org/objects#CodeObject-2" xmlns:ioc-tr="http://schemas.mandiant.com/2010/ioc/TR/" xmlns:GUIObj="http://cybox.mitre.org/objects#GUIObject-2" xmlns:UnixVolumeObj="http://cybox.mitre.org/objects#UnixVolumeObject-2" xmlns:WinNetworkRouteEntryObj="http://cybox.mitre.org/objects#WinNetworkRouteEntryObject-2" xmlns:maec="http://maec.mitre.org/XMLSchema/maec-package-2" xmlns:WinDriverObj="http://cybox.mitre.org/objects#WinDriverObject-2" xmlns:NetworkSocketObj="http://cybox.mitre.org/objects#NetworkSocketObject-2" xmlns:GUIDialogBoxObj="http://cybox.mitre.org/objects#GUIDialogboxObject-2" xmlns:LibraryObj="http://cybox.mitre.org/objects#LibraryObject-2" xmlns:openiocTM="http://stix.mitre.org/extensions/TestMechanism#OpenIOC2010-1" xmlns:WinThreadObj="http://cybox.mitre.org/objects#WinThreadObject-2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:DiskObj="http://cybox.mitre.org/objects#DiskObject-2" xmlns:NetworkConnectionObj="http://cybox.mitre.org/obj |
NewerOlder