LZ HackingLZ
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://cloud.google.com/blog/topics/threat-intelligence/untangling-iran-apt42-operations/ | |
| import argparse | |
| import random | |
| import win32com.client | |
| def insert_digit(word, digit): | |
| pos = random.randint(1, len(word) - 1) | |
| return word[:pos] + digit + word[pos:] | |
| def generate_command(url, file_path): |
HackingLZ
/ nessus_report_download.py
Created
March 26, 2024 13:35
Download Nessus reports as CSV via API
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import time | |
| import os | |
| # Nessus API credentials and host | |
| nessus_url = "https://123.123.123.123:8834" | |
| access_key = "x" | |
| secret_key = "x" | |
| headers = { | |
| 'X-ApiKeys': f'accessKey={access_key}; secretKey={secret_key}', |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import argparse | |
| import random | |
| import re | |
| import requests | |
| import string | |
| import socket | |
| import xml.etree.ElementTree as ET | |
| def generate_random_username(min_length=7, max_length=16): | |
| length = random.randint(min_length, max_length) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import argparse | |
| import zipfile | |
| import os | |
| import re | |
| def modify_all_files_in_zip(zip_path, search_pattern, replace_with): | |
| temp_dir = 'temp_unzip' | |
| os.makedirs(temp_dir, exist_ok=True) | |
| with zipfile.ZipFile(zip_path, 'r') as zip_ref: |
HackingLZ
/ aws_convert.py
Last active
February 22, 2024 20:12
Convert AWS Key ID to AWS Account ID single/output csv
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python3 | |
| # https://trufflesecurity.com/blog/canaries | |
| import argparse | |
| import base64 | |
| import binascii | |
| import csv | |
| parser = argparse.ArgumentParser(description='Process AWS Key ID(s) to AWS Account ID(s)') | |
| parser.add_argument('-k', '--keyid', type=str, help='Single AWS Key ID to process') |
HackingLZ
/ cs_parse_encodingrules.py
Created
January 10, 2024 22:15
Parser for tweet https://twitter.com/banthisguy9349/status/1745039649750360459
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #https://twitter.com/banthisguy9349/status/1745039649750360459 | |
| import argparse | |
| import base64 | |
| import codecs | |
| from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes | |
| from cryptography.hazmat.backends import default_backend | |
| from os import urandom | |
| import urllib.request | |
| import hashlib | |
| import re |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <%@ page import="java.io.IOException, java.nio.file.*, java.nio.file.attribute.BasicFileAttributes, java.nio.file.attribute.FileTime" %> | |
| <html> | |
| <head> | |
| <title>File Move Stomp</title> | |
| </head> | |
| <body> | |
| <h1>File Move Example</h1> | |
| <form method="post"> | |
| <label for="inputFile">Input File Path:</label> | |
| <input type="text" name="inputFile" id="inputFile" required><br> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Original script and research by commial | |
| ### https://github.com/commial/experiments/tree/master/windows-defender | |
| ### Set LUADec_Path to binary | |
| ### https://github.com/viruscamp/luadec | |
| import struct | |
| import argparse | |
| import sys | |
| import os | |
| import io | |
| import subprocess |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import csv | |
| import requests | |
| import argparse | |
| from bs4 import BeautifulSoup | |
| from colorama import Fore, Style, init | |
| init(autoreset=True) | |
| known_security_vendors = [ | |
| 'symantec', 'mcafee', 'trendmicro', 'kaspersky', 'bitdefender', |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python3 | |
| import re | |
| import zipfile | |
| import argparse | |
| from urllib.parse import urlparse | |
| from colorama import Fore, Style, init | |
| init() |
NewerOlder