Skip to content

Instantly share code, notes, and snippets.

View neu5ron's full-sized avatar

Nate Guagenti neu5ron

124 followers · 28 following
View GitHub Profile
@v-fox
v-fox / NVMe_tweaks.md
Last active November 4, 2025 23:58
Linux kernel optimizations for NVMe

By default Linux distros are unoptimized in terms of I/O latency. So, here are some tips to improve that.

Most apps still don't do multi-threaded I/O access, so it's a thread-per-app which makes per-app speed always bottlenecked by single-core CPU performance (that's not even accounting for stuttering on contention between multiple processes), so even with NVMe capable of 3-6 GB/s of linear read you may get only 1-2 GB/s with ideal settings and 50-150/100-400 MB/s of un/buffered random read (what apps actually use in real life) is the best you can hope for.

All writes are heavily buffered on 3 layers (OS' RAM cache, device's RAM cache, device's SLC-like on-NAND cache), so it's difficult to get real or stable numbers but writes are largelly irrelevant for system's responsiveness, so they may be sacrificed for better random reads.

The performance can be checked by:

  • `fio --name=read --readonly --rw={read/randread} --ioengine=libaio --iodepth={jobs_per_each_worker's_command} --bs={4k/2M} --direct={0/1} --num
@vysecurity
vysecurity / Azure
Last active August 31, 2017 05:14
admin.iris.net
admin.mywebvalet.net
admin.seo.com.cn
api.mywebvalet.net
api.nuget.org
api.squaremeal.co.uk
app.iris.net
app.mywebvalet.net
app.swyftmedia.com
cdn.24sevenoffice.com
@dcode
dcode / rock_hardware.adoc
Last active July 31, 2019 04:41

ROCK Sensor Parts List

Below is the hardware I use for development and home use of my ROCK sensor. It’s an extremely powerful system in a small form factor, under $1000. The most important aspects to me were that I wanted IPMI for baremetal remote management, dual Intel NICs, quiet, and relatively low-power. I sit by this thing and work everyday and don’t want to wear hearing protection while I write code.

The prices reflect what I paid for them in March 2016. No doubt the prices will have changed and newer, better stuff is probably available. Things like RAM and SSDs go on sale all the time, so look for that if you’re a bargain shopper.

@Tuurlijk
Tuurlijk / logstash.conf
Created March 3, 2017 14:21
National Vulnerability Database (NVD) XML | JSON | logstash
input {
tcp {
port => 5000
codec => json_lines {
}
}
}
## Add your filters / logstash plugins configuration here
filter {
@justincjahn
justincjahn / 10-cisco-elasticsearch.conf
Last active October 30, 2025 12:54
Logstash: Processing Cisco Logs
#
# INPUT - Logstash listens on port 8514 for these logs.
#
input {
udp {
port => "8514"
type => "syslog-cisco"
}
@x0rz
x0rz / fake_sandbox.ps1
Created April 14, 2016 13:56
# Simulate fake processes of analysis sandbox/VM that some malware will try to evade
# This just spawn ping.exe with different names (wireshark.exe, vboxtray.exe, ...)
# It's just a PoC and it's ugly as f*ck but hey, if it works...
# Usage: .\fake_sandbox.ps1 -action {start,stop}
param([Parameter(Mandatory=$true)][string]$action)
$fakeProcesses = @("wireshark.exe", "vmacthlp.exe", "VBoxService.exe",
"VBoxTray.exe", "procmon.exe", "ollydbg.exe", "vmware-tray.exe",
@gfoss
gfoss / PowerShell Command Line Logging
Last active January 10, 2025 19:49
Detect and alert on nefarious PowerShell command line activity
# PowerShell Audit Logging for LogRhythm SIEM - 2015
# For detecting dangerous PowerShell Commands/Functions
Log Source Type:
MS Event Log for Win7/Win8/2008/2012 - PowerShell
Add this file to your PowerShell directory to enable verbose command line audit logging
profile.ps1
$LogCommandHealthEvent = $true
$LogCommandLifeCycleEvent = $true