This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# bash generate random alphanumeric string | |
# | |
# bash generate random 32 character alphanumeric string (upper and lowercase) and | |
NEW_UUID=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1) | |
# bash generate random 32 character alphanumeric string (lowercase only) | |
cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import argparse | |
""" | |
Shiotob DGA | |
Generates domains for the Shiotob malware | |
- top level domains alternate between '.net' and '.com' | |
- domains are between 14 and 19 characters long | |
- domains consist of all letters and digits 123945 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import argparse | |
def get_domains(nr, how_many): | |
bases = { | |
1: { | |
'length': 7, | |
'tld': 'com', | |
'key': '1676d5775e05c50b46baa5579d4fc7', | |
'base': 0x45AE94B2 | |
}, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import argparse | |
from datetime import datetime | |
seed_const = 42 | |
days_period = 16 | |
nr_of_domains = 64 | |
third_lvl_min_len = 8 | |
third_lvl_max_len = 15 | |
class Rand: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
""" | |
generate domains according to: | |
- https://www.endgame.com/blog/malware-with-a-personal-touch.html | |
- http://www.rsaconference.com/writable/presentations/file_upload/br-r01-end-to-end-analysis-of-a-domain-generating-algorithm-malware-family.pdf | |
requires words1.txt and words2.txt | |
""" | |
import time | |
from datetime import datetime | |
import argparse |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import datetime, re, difflib | |
def k10(stack): | |
if len(stack) <= 1: | |
return | |
checkHashes, checkDuplicates, checkDelta, checkName = True, True, True, True | |
score, dCount, fCount, deltaScore, fnameScore, chainAverage = 65, 0, 0, 0, 0, 0 | |
duplicates, dChain, fChain, features = [], [], [], [ 'valid_filenames' ] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/* Compile with: g++ -Wall –Werror -o shell shell.c */ | |
#include <stdio.h> | |
#include <stdlib.h> | |
#include <string.h> | |
#include <ctype.h> | |
#include <unistd.h> | |
#include <sys/types.h> | |
#include <sys/wait.h> |
NewerOlder