new blog post, start of a malware development project (not published yet)
parent
cd03cf1e1a
commit
51e3323e1a
40
content/posts/basic-javascript.md
Normal file
@ -0,0 +1,40 @@
|
|||
+++
|
||||
title = 'Learning basic JavaScript with Obsidian'
|
||||
date = "2024-10-08"
|
||||
updated = 2024-10-08
|
||||
[taxonomies]
|
||||
tags = ['programming', 'Obsidian', 'JavaScript']
|
||||
+++
|
||||
|
||||
For a little while now, I have been using Obsidian for my note taking .✍️. So far, it's been great: I love the Neovim-support, the idea and use of backlinks, the different ways in which you can arrange and use the sidepanes, adding custom states to tasks.
|
||||
|
||||
As I started using Obsidian more and more, especially for my work as a SOC security analyst, I started wondering if I could 'stay' in Obsidian as much as possible, even including things like hour sheets into my workflow. I was happy to find this offline, fast and intuitive plugin, [ObsidianSimpleTimeTracker](https://github.com/Ellpeck/ObsidianSimpleTimeTracker). Incorporating this into my daily notes with a simple template, I am able to open my Obsidian vault, create a new daily note (which is automatically given the current date as the file name) and start recording my hours per task and project ⏰. Great!
|
||||
|
||||
There was one thing missing though, something you definitely need when tracking hours: an overview. Of course I could sift through all the daily notes, but maybe I could create a dynamic overview of the hours worked per project per day somehow? The [Github-repo of ObsidianSimpleTimeTracker](https://github.com/Ellpeck/ObsidianSimpleTimeTracker#-tracker-data-in-dataview) has a handy example of how to load time tracker data in your vault and print the duration. I just had to rework this example to fit my needs. How hard could it be?
|
||||
|
||||
First off, I don't know any JavaScript 🙈. It's a gap in my (beginner) programming skill set I hope to fill one day. But for the moment, I had nothing to go off, but to think of how I would solve this problem in a language I am more familiar with, like Python 🐍. After a few days of fiddling around, I got stuck on a for loop issue. I was able to iterate through the entries (duration of tracked work) and entry names (name given to tracked work, like a project) of each tracker in my daily notes.
|
||||
|
||||
But for some reason, I **wasn't** able to do both after each other ➰. Finally, I found a solution: I had to do both at the same time 🙃 Basically, I found an answer without understanding the answer 💢. But, for the time being, a quick and dirty solution to my very personal problem is good enough. As I start learning JavaScript, I could reinvestigate this script further. For now, here is the code I have, which I still have to edit [per the very nice and helpful comments the creator of the ObsidianSimpleTimeTracker-plugin gave me](https://github.com/Ellpeck/ObsidianSimpleTimeTracker/issues/58).
|
||||
|
||||
The next thing would be to build this out to a neat table, to actually give the overview that I want (this still produces a list that is too long). There's always room for improvement 👷.
|
||||
|
||||
```js
|
||||
let api = dv.app.plugins.plugins["simple-time-tracker"].api;
|
||||
|
||||
for(let page of dv.pages('#tijd-bijhouden').sort(p => p.file.name, 'desc')) {
|
||||
// load trackers in the file with the given path
|
||||
|
||||
let trackers = await api.loadAllTrackers(page.file.path);
|
||||
|
||||
if (trackers.length)
|
||||
dv.el("strong", "Trackers in: " + page.file.name);
|
||||
|
||||
for (let {section, tracker} of trackers) {
|
||||
let number_of_trackers = trackers.entries.length;
|
||||
for (let i = 0; i < alltrackers; i++) {
|
||||
if (tracker.entries[i])
|
||||
dv.el('p', 'doel: ' + tracker.entries[i]['name'] + '<br>' + 'tijdsduur: ' + api.formatDuration(api.getDuration(tracker.entries[i])))
|
||||
}
|
||||
}
|
||||
}
|
||||
```
|
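Review bot: the inner loop of the Dataview block cannot run as written. `number_of_trackers` reads `trackers.entries.length`, but `trackers` is the array of `{section, tracker}` pairs, so `.entries` there is the built-in array method and the length comes out as 0, and the loop condition `i < alltrackers` references a variable that is never declared, which raises a ReferenceError on the first iteration. Iterate the per-tracker entry list directly and drop the counter and index, e.g. `for (const entry of tracker.entries) {` followed by `dv.el('p', 'doel: ' + entry.name + '<br>' + 'tijdsduur: ' + api.formatDuration(api.getDuration(entry)))`, which also makes the `if (tracker.entries[i])` guard unnecessary. Two smaller points: `if (trackers.length)` without braces guards only the `dv.el("strong", ...)` line, so the loop body still runs for files without trackers (harmless, but easy to misread; add braces), and the front matter mixes a quoted `date = "2024-10-08"` with an unquoted `updated = 2024-10-08` (a TOML local date rather than a string); use one form for both.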
20
content/projects/malware-development.md
Normal file
@ -0,0 +1,20 @@
|
|||
+++
|
||||
title = "Malware development"
|
||||
description = "Example description with a lot of words but without any meaning. Why use lorem ipsum when you can just write a lot of text that has no underlying meaning?"
|
||||
weight = 1
|
||||
updated = 2024-09-29
|
||||
[extra]
|
||||
remote_image = "https://images.unsplash.com/photo-1620121692029-d088224ddc74?ixlib=rb-4.0.3&ixid=MnwxMjA3fDB8MHxwaG90by1wYWdlfHx8fGVufDB8fHx8&auto=format&fit=crop&w=1632&q=80"
|
||||
+++
|
||||
|
||||
**This is a work in progress! Here I hope to organize learnings from various malware development series and courses I am currently taking.
|
||||
|
||||
# Where to place your payload
|
||||
|
||||
This table showcases possible places to put your payload within a PE file with notes about the section and why to place a payload there.
|
||||
|
||||
| section name | purpose | reason(s) to store payload |
|
||||
|--------------|---------|----------------------------|
|
||||
| `.data` | contains initialized global <br> and static variables | section is readable and writable, <br> making it suited for an encrypted payload |
|
||||
| `rdata` | ? | ? |
|
||||
|
|
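Review bot: the opening `**` on the "This is a work in progress!" line is never closed, so it renders as a literal `**` instead of bold; close it at the end of the sentence. The `description` is still the theme's placeholder text ("Example description with a lot of words but without any meaning...") and will be shown in the project list, and `remote_image` is the same stock Unsplash URL as the Project 4 template deleted further down in this commit; replace both before the page is listed. In the table, `rdata` is missing its leading dot (`.rdata`, matching `.data`) and both of its cells are `?`; since the `.data` row justifies its choice by the section being readable and writable, the `.rdata` row should state what distinguishes it from `.data` and what that means for a payload that has to be decrypted in place, or be left out until it is filled in. Finally, `weight = 1` is also used by every other project page in this diff, so the ordering of the list is unspecified.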
@ -1,25 +0,0 @@
|
|||
+++
|
||||
title = "Flask SOC site"
|
||||
description = "A Python-powered Flask website to look up domains, URLs and IP addresses."
|
||||
weight = 1
|
||||
updated = 2024-09-12
|
||||
[extra]
|
||||
remote_image = "https://code.joostagterhoek.nl/joost/flask-soc-site/media/branch/main/screenshots/screenshot-flask-soc-site-2024-09-06.jpg"
|
||||
# link_to = "https://code.joostagterhoek.nl/joost/flask-soc-site"
|
||||
+++
|
||||
|
||||
This is a 🐍 Python project to build a one-page website that aims to help a security operations center (SOC) analyst. You will be able to enter a host (URL, IP address, email address) and look up security-relevant information. This includes:
|
||||
|
||||
- 🪳 [VirusTotal](https://virustotal.com) and [AbuseIPDB](https://abuseipdb.com) results on a URL, domain name or IP (v4 and v6) address (🔴 color-coded undetected, harmless and malicious results)
|
||||
- 📧 DMARC and SPF information on domain names (also from URLs and email addresses).
|
||||
- ✍️ Generic domain registration information.
|
||||
|
||||
This is done with (among others) the following Python-modules:
|
||||
|
||||
| module | purpose | usage |
|
||||
|--------------|--------------------------------------------------------|----------------------------------------|
|
||||
| `flask` | lightweight WSGI web application framework | development server |
|
||||
| `Datatables` | JavaScript HTML table enhancing library | organizing and coloring lookup results |
|
||||
| `requests` | HTTP library | query VirusTotal- and AbuseIPDB-APIs |
|
||||
| `checkdmarc` | Python module for validating SPF and DMARC DNS records | look up SPF and DMARC records |
|
||||
|
|
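Review bot: this hunk deletes the entire "Flask SOC site" project page (25 lines) and the next hunk deletes "CLI host lookup", yet the commit message only mentions a new blog post and the start of the malware development project. Either mention the removals in the message or split them into their own commit, so the history explains why two finished project pages disappear in the same change that removes the "Project 3" and "Project 4" templates. If the intent is to unlist rather than drop them, keeping the source and hiding the page is a smaller change than deleting it.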
@ -1,24 +0,0 @@
|
|||
+++
|
||||
title = "CLI host lookup"
|
||||
description = "A command-line interface tool to look up hosts (IP address, URL, domain and email address) and provide information relevant to security analysts (registrar information, SPF/DMARC records, VirusTotal and AbuseIPDB results). "
|
||||
weight = 1
|
||||
updated = 2024-09-02
|
||||
[extra]
|
||||
# You can also crop the image in the url by adjusting w=/h=
|
||||
remote_image = "https://code.joostagterhoek.nl/joost/cli-lookup/media/branch/main/assets/imgs/README_2024-09-02_14-40-00.png"
|
||||
+++
|
||||
|
||||
This is a 🐍 Python project to build a command-line interface application that aims to help a security operations center (SOC) analyst. You are able to enter a host (URL, IP address, email address) and look up security-relevant information. This includes:
|
||||
|
||||
- 📧 DMARC and SPF information on domain names (also from URLs and email addresses).
|
||||
- ✍️ Generic domain registration information.
|
||||
|
||||
This is done with (among others) the following Python-modules:
|
||||
|
||||
| module | purpose | usage |
|
||||
|--------------|--------------------------------------------------------|----------------------------------------|
|
||||
| `rich` | library for writing rich text to the terminal | display and color lookup results |
|
||||
| `tqdm` | wraps any iterable and displays a smart progress bar | display progress for multiple lookups |
|
||||
| `requests` | HTTP library | query VirusTotal- and AbuseIPDB-APIs |
|
||||
| `checkdmarc` | Python module for validating SPF and DMARC DNS records | look up SPF and DMARC records |
|
||||
|
|
@ -1,10 +0,0 @@
|
|||
+++
|
||||
title = "Project 3"
|
||||
description = "Example description"
|
||||
weight = 1
|
||||
|
||||
[extra]
|
||||
remote_image = "https://images.unsplash.com/photo-1462556791646-c201b8241a94?ixlib=rb-4.0.3&ixid=MnwxMjA3fDB8MHxwaG90by1wYWdlfHx8fGVufDB8fHx8&auto=format&fit=crop&w=1465&q=80"
|
||||
+++
|
||||
|
||||
Example project page
|
|
@ -1,10 +0,0 @@
|
|||
+++
|
||||
title = "Project 4"
|
||||
description = "Example description with a lot of words but without any meaning. Why use lorem ipsum when you can just write a lot of text that has no underlying meaning?"
|
||||
weight = 1
|
||||
|
||||
[extra]
|
||||
remote_image = "https://images.unsplash.com/photo-1620121692029-d088224ddc74?ixlib=rb-4.0.3&ixid=MnwxMjA3fDB8MHxwaG90by1wYWdlfHx8fGVufDB8fHx8&auto=format&fit=crop&w=1632&q=80"
|
||||
+++
|
||||
|
||||
Example project page
|