Skip to content
View guarismo's full-sized avatar
1 follower · 3 following

Achievements

Achievement: Pull SharkAchievement: YOLOAchievement: Arctic Code Vault Contributor

Achievements

Achievement: Pull SharkAchievement: YOLOAchievement: Arctic Code Vault Contributor

Block or report guarismo

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

Pinned Loading

  1. Splunk searches Splunk searches
    1 
    New Scheduled Task created on Windows:
    2 
    
              
    
              
    
                3
                
    `source="XmlWinEventLog:Security" EventID=4698 | rex field=EventData_Xml "<Data Name='TaskName'>(?<task_name>.+)</Data>" | rex field=EventData_Xml "&lt;Command&gt;(?<command>.+)&lt;/Command&gt;" | rex field=EventData_Xml "&lt;Arguments&gt;(?<args>.+)&lt;/Arguments&gt;" | table  _time host src_user src_nt_domain task_name command args | fillnull value=NA`
    
              
    
              
    
                4
                
    
              
    
              
    
                5
                
    New Service created on Windows:
    
              
    
          
    
    
    
  
    

    2. 

      

  2. 
  
    
    
    
      
    
        
        Microsoft Sentinel Kusto Queries  Microsoft Sentinel Kusto Queries      
    

          
    
              
    
                1
                
    CheckPoint firewall name extractions
    
              
    
              
    
                2
                
    
              
    
              
    
                3
                
    ```
    
              
    
              
    
                4
                
    // Query to extract Checkpoint device names from logs
    
              
    
              
    
                5
                
    CommonSecurityLog
    
              
    
          
    
    
    
  
    

    3. 

      
  3. 
  
    
    
    
      
    
        
    
            
          ghostwriter-client  ghostwriter-client          Public
        
    
      
    


      
    
        Node.js GraphQL client for Ghostwriter penetration test reporting
      
    

      
    
          
  
  JavaScript


      
    
    
    
  
    

    4. 

      
  4. 
  
    
    
    
      
    
        
    
            
          guarismo.github.io  guarismo.github.io          Public
        
    
      
    


      
    
        My cyber security research blog
      
    

      
    
          
  
  CSS


      
    
    
    
  
    

    5. 

      
  5. 
  
    
    
    
      
    
        
    
            
          shodan-recon  shodan-recon          Public
        
    
      
    


      
    
        Comprehensive Shodan API wrapper for reconnaissance and asset discovery
      
    

      
    
          
  
  JavaScript


      
    
    
    
  
    

    6.