Ben Reardon

Results 3 comments of Ben Reardon

One thought is to look at splitting the payload from the right to left, e.g. if we split on the last '/' in /Exploit and take the second to last...

Another thought is to use a split on a regex that caters for working exploits and the potentially not working edge case, something like: local tmp = split_string(s, /\/\/|\:\/[0-9]{0,3}\.[0-9]{0,3}\.[0-9]{0,3}\.[0-9]{0,3}/); Again,...

I went through a triage exercise yesterday and can confirm that if we had these fields in log4j.log, it would make triage and hunting easier; missing them slowed me down.