john's repositories
Apollo-11
Original Apollo 11 Guidance Computer (AGC) source code for the command and lunar modules.
assimilate
Assimilate is a series of scripts for using the Naïve Bayes algorithm to find potential malicious activity in HTTP headers
awesome-threat-detection
A curated list of awesome threat detection and hunting resources
awesome-threat-intelligence
A curated list of Awesome Threat Intelligence resources
Clearcut
A basic tutorial on using machine learning to analyse HTTP proxy logs and identify malicious activity. It applies some NLP-style preprocessing plus TF-IDF for feature selection, then feeds the result straight into a random forest. It walks through the standard routine of log analysis, so anyone wanting to get into log analysis can use it as a starting point. The routine is: 1. Format the data into features (this is where TF-IDF is used) so the machine can process the logs; 2. Select features; 3. Choose a model (for NLP-type tasks the usual first attempt is an SVM with parameter tuning); 4. Choose a suitable evaluation metric to measure model quality, and pick the best parameters through cross validation. Link: https://speakerdeck.com/davidjbianco/getting-started-with-machine-learning-for-incident-detection
fwpass
Default passwords of common security appliances
hashcat
Advanced CPU-based password recovery utility
HELK
The Hunting ELK
ioc_writer
openioc to yara
ip2region
An IP address geolocation library with 99.9% accuracy and 0.0x-millisecond lookups; the database file is only 1.5 MB. It provides query bindings for java, php, c, python, nodejs and golang, and three lookup algorithms (binary search, B-tree and in-memory). Mom never has to worry about my IP geolocation again!
RATDecoders
Python Decoders for Common Remote Access Trojans
reading-notes
list some notes
scansio-sonar-splunk
Python scripts to download, parse, and enrich scans.io study data and load into Splunk for research, threat intelligence gathering, and security operations.
searchku
searchku: a social-engineering (leaked-data) database
shadowsocks-heroku
One-click deployment, usable anywhere: free shadowsocks-heroku
signature-base
Signature base for my scanner tools
threat_intel-1
Threat Intelligence APIs
threat_note
DPS' Lightweight Investigation Notebook
uestc
A Python library for UESTC
wooyun-drops-all-articles-package
wooyun drops all article package
wooyun_public
Crawler and search for WooYun public vulnerabilities and knowledge base; crawl and search for wooyun.org public bug (vulnerability) and drops
wordbrutepress
Wordpress Brute Force Multithreading with standard and xml-rpc login
ZeroAccess
ZeroAccess v3 toolkit: source code of the well-known ZeroAccess network trojan