impfuzzy

Classifying malware with Import API and Fuzzy Hashing ~impfuzzy~


■Installation
sudo apt-get install python-dev libfuzzy-dev
sudo pip install pefile
sudo apt-get install ssdeep

cd aa-tools/impfuzzy/pyimpfuzzy/
sudo python setup.py install


ioc-parser

Tool to extract indicators of compromise from security reports in PDF format
https://github.com/armbues/ioc-parser

$ ./ioc-parser.py -i pdf -o yara waterbug-attack-group.pdf
rule waterbug_attack_group
{
strings:
$Filename1 = "NDProxy.sys"
$CVE1 = "CVE-2013-5065"
$CVE2 = "CVE-2013-3346"
$CVE3 = "CVE-2013-5065"
$Filepath1 = "C:\\windows\\temp\\wincpt.bat"
$Filename2 = "wincpt.bat"
$Filename3 = "cmd.exe"
$Filename4 = "wincpt.bat"
$Filename5 = "Down.dll"
$URL1 = "http://image.servepics.com/css"
$URL2 = "http://www.pinlady.net/PluginDetectArchive/0.8.5/download"
$Filename6 = "jquery.min.js"
$Host1 = "image.servepics.com"
$Host2 = "www.pinlady.net"
$MD51 = "764d67a1dcb2449e2aa6dc3e59a5265f"
$MD52 = "bd07a78793641dc85cf75dc60c06051a"
$IP1 = "11.8.800.94"
$IP2 = "11.0.0.0"
$IP3 = "1.7.0.51"
$IP4 = "12.0.0.41"
$IP5 = "1.7.0.51"
$Host3 = "image.servepics.com"
$Host4 = "image.servepics.com"
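The output above shows why extracted indicators need a sanity check before they go into a rule: "11.8.800.94" has an octet above 255, and "1.7.0.51" is a Java version string. The following is an added example, not ioc-parser's own code: a minimal extractor over constructed report text that reproduces the $Kind<N> = "..." layout and drops dotted quads with out-of-range octets (version-number look-alikes still pass; that needs context the regex does not have).

```python
# Added example (not part of ioc-parser): IOC extraction with IPv4 validation.
import re
from collections import defaultdict

# Constructed sample report text, not a real document.
SAMPLE_REPORT = """
The dropper NDProxy.sys exploited CVE-2013-5065 and wrote C:\\windows\\temp\\wincpt.bat.
Beacon to http://image.servepics.com/css from 11.8.800.94, also seen from 10.0.0.41.
Payload hash 764d67a1dcb2449e2aa6dc3e59a5265f (MD5). Java 1.7.0.51 was installed.
"""

PATTERNS = {
    "CVE": re.compile(r"\bCVE-\d{4}-\d{4,7}\b"),
    "MD5": re.compile(r"\b[0-9a-fA-F]{32}\b"),
    "URL": re.compile(r"\bhttps?://[^\s\"'<>]+"),
    "Filename": re.compile(r"\b[\w.-]+\.(?:exe|dll|sys|bat|js)\b", re.I),
    "IP": re.compile(r"\b\d{1,3}(?:\.\d{1,3}){3}\b"),
}

def is_valid_ipv4(text):
    """Reject dotted quads whose octets are out of range (e.g. 11.8.800.94)."""
    return all(0 <= int(o) <= 255 for o in text.split("."))

def extract_iocs(text):
    """Return {kind: [unique values in order of first appearance]}."""
    found = defaultdict(list)
    for kind, rx in PATTERNS.items():
        for m in rx.findall(text):
            if kind == "IP" and not is_valid_ipv4(m):
                continue  # out-of-range octet: not an IP address
            if m not in found[kind]:
                found[kind].append(m)
    return dict(found)

def to_yara(rule_name, iocs):
    """Emit a YARA rule in the $Kind<N> = "..." layout shown above."""
    lines = ["rule %s" % rule_name, "{", "strings:"]
    for kind, values in iocs.items():
        for i, v in enumerate(values, 1):
            lines.append('$%s%d = "%s"' % (kind, i, v.replace("\\", "\\\\")))
    lines += ["condition:", "any of them", "}"]
    return "\n".join(lines)

if __name__ == "__main__":
    print(to_yara("sample_report", extract_iocs(SAMPLE_REPORT)))
```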

[task] redmine installation

$ sudo apt-get update
$ sudo apt-get install git
$ sudo apt-get install subversion
$ sudo apt-get install ruby
$ sudo apt-get install jruby
$ sudo apt-get install ruby-dev
$ sudo apt-get install imagemagick
$ sudo apt-get install libmagickwand-dev
$ sudo gem install rmagick
$ sudo apt-get install rails
$ sudo apt-get install -y mysql-server mysql-client
$ git clone https://github.com/redmine/redmine
$ mysql -u root

create database redmine character set utf8;
create user 'redmine'@'localhost' identified by 'my_password';
grant all privileges on redmine.* to 'redmine'@'localhost';

$ cd ./redmine/config/
$ cp database.yml.example database.yml
$ sudo gem install bundler
$ cd ..
$ sudo apt-get install libmysqlclient-dev
$ sudo gem install mysql2
$ bundle install --without development test
$ rake generate_secret_token
$ RAILS_ENV=production rake db:migrate
$ RAILS_ENV=production rake redmine:load_default_data
$ ruby bin/rails server webrick -e production

[KANBAN] taiga

$ git clone https://github.com/taigaio/taiga-scripts.git
$ cd taiga-scripts
$ cd scripts
$ vi setup-postgresql.sh

Before the change

postgresql-9.3 postgresql-contrib-9.3 \
postgresql-doc-9.3 postgresql-server-dev-9.3

After the change

postgresql postgresql-contrib \
postgresql-doc postgresql-server-dev-9.4

$ bash setup-server.sh