Skip to content

Instantly share code, notes, and snippets.

BeanBagKing /
Last active April 2, 2023 05:54
Returns an English letter frequency score for command line logs.
# Article reference:
import urllib
import httplib2
from xml.dom import minidom
import math
baseurl = 'https://<domain>'
BeanBagKing / 1105.csv
Created March 9, 2021 17:20
1105 Media Inc. Pi-Hole Blacklist
View 1105.csv
We can make this file beautiful and searchable if this error is corrected: No commas found in this CSV file in line 0.
# 1105 MEDIA INC. Blacklist
View gist:71375f9548ae896a0cf4cc2f7ba6e759
apt install cowsay fortune lolcat
while true; do fortune | cowsay -f `find /usr/share/cowsay/cows/ -type f | sort -R | head -n1` | lolcat -a -s 75; sleep 2; done
Kali version:
clear; while true; do /usr/games/fortune | /usr/games/cowsay -f `find /usr/share/cowsay/cows/ -type f | sort -R | head -n1` | /usr/games/lolcat -a -s 75; sleep 2; clear; done
Credit @jeffmcjunkin
View .bashrc
# ~/.bashrc: executed by bash(1) for non-login shells.
# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
# for examples
# If not running interactively, don't do anything
[ -z "$PS1" ] && return
# don't put duplicate lines in the history. See bash(1) for more options
# ... or force ignoredups and ignorespace
BeanBagKing /
Created January 20, 2017 03:17
diffi - Better diff output script
# diffi - Better diff output script
# BeanBagKing -
# If both arguments aren't given, print help text
if [ -z $1 ] || [ -z $2 ]; then
echo "Usage: `basename $0` [OLD] [NEW]"
exit 1
BeanBagKing / john_help.txt
Created November 8, 2016 18:53
John Help Documentation
View john_help.txt
root@kali:~# john -h
John the Ripper password cracker, version [linux-x86-64-avx]
Copyright (c) 1996-2015 by Solar Designer and others
--single[=SECTION] "single crack" mode
--wordlist[=FILE] --stdin wordlist mode, read words from FILE or stdin
--pipe like --stdin, but bulk reads, and allows rules
--loopback[=FILE] like --wordlist, but fetch words from a .pot file
BeanBagKing / hashcat_help.txt
Created November 8, 2016 18:52
Hashcat Help Documentation
View hashcat_help.txt
hashcat64.exe -a 0 -w 0 -m 1000 -r rules/lmNTLM.rule hashes/ntlm.txt lists/lab.txt
hashcat64.exe -a 0 -w 1 -m 1800 hashes/unixmd5.txt lists/rockyou.txt
hashcat64.exe -a 3 -w 1 -m 1800 --increment ?a?a?a?a?a hashes/unixmd5.txt
C:\hashcat-3.10>hashcat64.exe -h
hashcat, advanced password recovery
Usage: hashcat [options]... hash|hashfile|hccapfile [dictionary|mask|directory]...
BeanBagKing /
Created October 28, 2016 15:52
Combines multiple pcaps, extracts and decodes TCP streams.
# Takes multiple pcap files (packet*.pcap) and...
### Combines them into one pcap (combined.pcap)
### Detects the number of TCP streams
### For each stream, converts it to ascii and stores them in order in a file (encoded_streams.txt)
### Converts URL (percent encoded) values to plaintext equivalent (decoded_streams.txt)
# Run this in the same directory as your packet*.pcap files
BeanBagKing /
Created October 20, 2016 15:26
Takes a URL encoded file (such as a TCP stream) and decodes it.
import urllib
fin = open("urlencoded.txt")
fout = open("urldecoded.txt", "wt")
for line in fin:
BeanBagKing /
Last active April 24, 2021 16:42
Hunting One Liners
# Linux - Look for attempts to hide files (note the spaces)
find / \( -name '. ' -o -name '.. ' -o -name '...' -o -name ' ' \)
# Linux - Find last 20 modified files
### Excluded directoreis for /proc, /sys
### Excludes /tmp/sort* as these are used by this process
##### Exclude directory - find . -type d \( -path dir1 -o -path dir2 -o -path dir3 \) -prune -o -print
find / -type d \( -path /proc -o -path /sys \) -prune -o -print -type f ! -wholename "/tmp/sort*" -exec stat --format '%Y :%y %n' "{}" \; | sort -nr | cut -d: -f2- | head
# Find 20 largest files