atucom
/ outlier.py
Last active
October 29, 2018 23:18
This returns the files in the current directory that are statistical outliers in terms of file size
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| """ | |
| @atucom | |
| This returns the files in the target directory that are | |
| statistical outliers in terms of file size | |
| This is useful in the quest for finding target data. | |
| """ | |
| from __future__ import division | |
| import argparse | |
| import sys |
atucom
/ loldongs.py
Created
July 18, 2018 23:23
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| """ LOLDONGS Encoding | |
| This converts data into a series of ASCII dicks. | |
| Because with great power, comes great responsibility. | |
| """ | |
| import argparse | |
| import sys | |
| def encode(inputData): |
atucom
/ gist:1a3b5850c8a63ab74f3d72d8861d80c8
Created
March 19, 2018 20:03
Chop off subdomains from an FQDN
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| #pip3 install tldextract | |
| #Hostnames listed one/line in supplied file | |
| #@atucom | |
| with open('ips.txt.ssl_and_dns.hostnames') as f: | |
| hostnames = f.readlines() | |
| for hostname in hostanmes: | |
| domain = tldextract.extract(hostname) | |
| print(domain.registered_domain) |
atucom
/ ipconvert.py
Created
March 19, 2018 15:16
converts 1.1.1.1-1.1.1.4 notation into individual IPs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| #pip3 install iptools | |
| #converts 1.1.1.1-1.1.1.4 notation into individual IPs | |
| #@atucom | |
| import iptools | |
| with open('ips.txt') as f: | |
| lines = f.readlines() | |
| for line in lines: | |
| if '-' in line: | |
| iprange = line.split('-') |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # Written by @Atucom | |
| # This exploits the Vmware Vcenter Remote code execution vulnerability | |
| import argparse | |
| import sys | |
| import logging | |
| import requests | |
| try: |
atucom
/ gist:9c4886f65185944816110990bba9f0a5
Created
July 5, 2017 19:15
Top Ingredients for Homechef
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| The following are the top 100 ingredients as scraped from Homechef's website: | |
| 178 Garlic Cloves | |
| 154 Butter | |
| 115 Shallot | |
| 106 Boneless Skinless Chicken Breasts | |
| 99 Green Onions | |
| 88 Grape Tomatoes | |
| 73 Lemon | |
| 70 Liquid Egg | |
| 65 Red Onion |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Written by John Mocuta (@atucom) with help from Jared McLaren (@jared_mclaren) | |
| #This Burp Plugin allows the user to load many Raw IPs at once without Burp automatically | |
| #adding regexes or modying them in any way. | |
| #Import Burp Objects | |
| from burp import IBurpExtender, IHttpListener, IBurpExtenderCallbacks, ITab | |
| #Import Python Objects | |
| import json |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| #convert a supplied public key to a private key | |
| #This assumes a reasonably weak key length otherwise the loop will do math longer than you'll want to wait. | |
| #@atucom | |
| #you can test this with: | |
| # openssl genrsa -out rsakey_56bit.priv 56 | |
| # openssl rsa -in rsakey_56bit.priv -out rsakey_56bit.pub -outform PEM -pubout | |
| # echo '123456' | openssl rsautl -encrypt -raw -pubin -inkey rsakey_56bit.pub > rsakey_56bit.123456.encrypted | |
| # ruby pub2priv.rb rsakey_56bit.pub | tee pub2priv.generatedpriv | |
| # openssl rsautl -decrypt -in rsakey_56bit.123456.encrypted -keyform PEM -inkey pub2priv.generatedpriv -raw | xxd |
atucom
/ burpiploader.py
Created
July 27, 2016 20:54
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| #@atucom | |
| #this script takes in a one-per-line file of IPs and adds it to Burp without any stupid regexes | |
| # This mimics the same thing as hitting the "add" button in the Scope tab | |
| # to load the resultant file, you need to go to the Scope tab, hit the little gear button in the | |
| # top left and click "load settings", choose the jsonout.txt file and rejoice. | |
| import sys | |
| import json | |
| basejson = """ | |
| { |
atucom
/ dcept-fingerprint.rb
Created
March 7, 2016 19:34
super simple fingerprinter for DCEPT cred serving server
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| #Fingerprints SecureWorks DCEPT | |
| #@atucom | |
| require 'net/http' | |
| require 'json' | |
| if ARGV.empty? | |
| puts "Fingerprints destination HTTP service for DCEPT" | |
| puts "\t Usage: #{$0} IP[:port] " |