DiabloHorn DiabloHorn

DiabloHorn / poc_client.py
Created Apr 9, 2017
Client part of IP whitelist bypass POC
View poc_client.py
#!/usr/bin/env python
"""
DiabloHorn - https://diablohorn.com
POC client on 'infected' machines to receive injected packets
intended to bypass IP whitelisting
"""
import sys
import time
import socket
from threading import Thread
DiabloHorn / poc_server.py
Created Apr 9, 2017
Server part of IP whitelist bypass POC
View poc_server.py
#!/usr/bin/env python
"""
DiabloHorn - https://diablohorn.com
POC server to inject packets towards 'infected' machine
intended to bypass IP whitelisting
"""
import time
import socket
from scapy.all import *
View xprotect-brute-js.user.js
// ==UserScript==
// @name xprotect-brute-js
// @namespace ns-xprotect-brute-js
// @description Brute force Milestone XProtect Web Client
// @include http://localhost:8081/index.html
// @version 1
// @grant none
// ==/UserScript==
//DiabloHorn - https://diablohorn.com
var foundcreds = 0;
View xprotect-brute.py
#!/usr/bin/env python
"""
DiabloHorn - https://diablohorn.com
Brute force the Milestone XProtect Web Client interface
python xprotect-brute.py http://127.0.0.1:8081/XProtectMobile/Communication --userlist u.txt --pwdlist p.txt --httpproxy http://127.0.0.1:9090
"""
import sys
import base64
import argparse
DiabloHorn / Makefile.target
Created Dec 12, 2017
Reference files to expose a QEMU guest memory
View Makefile.target
# -*- Mode: makefile -*-
BUILD_DIR?=$(CURDIR)/..
include ../config-host.mak
include config-target.mak
include config-devices.mak
include $(SRC_PATH)/rules.mak
$(call set-vpath, $(SRC_PATH):$(BUILD_DIR))
View file_processor.py
#!/usr/bin/env python
#DiabloHorn - https://diablohorn.com
import sys
import os
import csv
import argparse
import shutil
try:
    import magic
DiabloHorn / ChangePassword.java
Created Jan 23, 2018 — forked from zach-klippenstein/ChangePassword.java
The keystore password on Java keystore files is utterly pointless. You can reset it without knowing it, as shown by this code. Note that private keys are still secure, as far as I know. The JKS implementation is copyright Casey Marshall (rsdio@metastatic.org), and the original source is available at http://metastatic.org/source/JKS.java. I've in…
View ChangePassword.java
import java.util.*;
import java.io.*;
import java.security.*;
public class ChangePassword
{
    private final static JKS j = new JKS();
    public static void main(String[] args) throws Exception
    {
DiabloHorn / whitelist_finder.py
Created Feb 18, 2018
Identify whitelisted IP addresses using spoofing techniques in conjunction with arp poisoning
View whitelist_finder.py
#!/usr/bin/env python
#DiabloHorn - https://diablohorn.com
#Find whitelisted IP addresses on a network & application level
import sys
import logging
import threading
import argparse
from scapy.all import *
DiabloHorn / mass_analysis_jar.sh
Created Jun 11, 2018
Decompile multiple jar files for analysis
View mass_analysis_jar.sh
#!/bin/bash
#DiabloHorn - https://diablohorn.com
#easy opengrok analysis of all decompiled source
# sudo docker run -v /home/me/Desktop/libanalysis/srces:/src -p 9000:8080 itszero/opengrok
# http://localhost:9000/source/
OUTPUTDIR="srces"
DECOMPATH="/home/me/tools/javadecomp"
DECOMBIN="cfr_0_130.jar"
DiabloHorn / pe-aware-split.py
Created Nov 12, 2017
Split file while preserving PE format
View pe-aware-split.py
#!/usr/bin/env python
# DiabloHorn https://diablohorn.com
# blank out bytes taking into account the PE file format
# input file: base64 malware.exe | rev > enc.txt
import sys
import os
#pip install pefile
import pefile
import argparse
import logging