Skip to content

Instantly share code, notes, and snippets.

@DiabloHorn
DiabloHorn / pyrawcap.py
Created Mar 9, 2017
Python sniffer using only raw sockets
View pyrawcap.py
#!/usr/bin/env python
#DiabloHorn https://diablohorn.com
#raw python pcap creater
#based on
# http://askldjd.com/2014/01/15/a-reasonably-fast-python-ip-sniffer/
#additional references
# http://www.kanadas.com/program-e/2014/08/raw_socket_communication_on_li.html
import sys
import time
@DiabloHorn
DiabloHorn / pe-aware-split.py
Created Nov 12, 2017
Split file while preserving PE format
View pe-aware-split.py
#!/usr/bin/env python
# DiabloHorn https://diablohorn.com
# blank out bytes taking into account the PE file format
# input file: base64 malware.exe | rev > enc.txt
import sys
import os
#pip install pefile
import pefile
import argparse
import logging
@DiabloHorn
DiabloHorn / mass_analysis_jar.sh
Created Jun 11, 2018
Decompile multiple jar files for analysis
View mass_analysis_jar.sh
#!/bin/bash
#DiabloHorn - https://diablohorn.com
#easy opengrok analysis of all decompiled source
# sudo docker run -v /home/me/Desktop/libanalysis/srces:/src -p 9000:8080 itszero/opengrok
# http://localhost:9000/source/
OUTPUTDIR="srces"
DECOMPATH="/home/me/tools/javadecomp"
DECOMBIN="cfr_0_130.jar"
@DiabloHorn
DiabloHorn / docker-compose.yaml
Last active May 1, 2020
docker compose to run elasticsearch and kibana
View docker-compose.yaml
# Thank you @donnymaasland for this file
# memo to self:
# sudo docker-compose up
version: "3"
services:
elasticsearch:
image: elasticsearch:7.6.2
ports:
- 9200:9200
@DiabloHorn
DiabloHorn / ipless-scan.py
Created Oct 26, 2017
Perform a port scan without having an IP configured on your network interface
View ipless-scan.py
#!/usr/bin/env python
# DiabloHorn - https://diablohorn.com
# scan target IP from an interface with no IP configured
# POC - scapy
# pkt = Ether(dst='00:0c:29:f6:a5:65',src='00:08:19:2c:e0:15') / IP(dst='172.16.218.178',src='172.16.218.255') / TCP(dport=445,flags='S')
# sendp(pkt,iface='eth0')
import sys
from scapy.all import *
View xprotect-brute.py
#!/usr/bin/env python
"""
DiabloHorn - https://diablohorn.com
Brute force the Milestone XProtect Web Client interface
python xprotect-brute.py http://127.0.0.1:8081/XProtectMobile/Communication --userlist u.txt --pwdlist p.txt --httpproxy http://127.0.0.1:9090
"""
import sys
import base64
import argparse
@DiabloHorn
DiabloHorn / example-plugin-logging.py
Created Feb 28, 2021
Example base class to build plugins with logging
View example-plugin-logging.py
# Example minimalistic plugin framework
# https://www.guidodiepen.nl/2019/02/implementing-a-simple-plugin-framework-in-python/
import logging
class BasePlugin(object):
"""
Example class just to remember about logging stuff
We want to override the default formatting of the main logger,
without removing it alltogether