I hereby claim:
- I am ca0s on github.
- I am ca0s (https://keybase.io/ca0s) on keybase.
- I have a public key whose fingerprint is 934E ACB3 C857 033B 6692 6307 0DCC 241E 962D D18C
To claim this, I am signing this object:
ca0s
/ keybase.md
Created
September 30, 2014 18:29
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/env python2 | |
| # quick'n dirty http file transfer connection hanging | |
| # ca0s @ ka0labs.net | |
| import argparse | |
| import socket | |
| import sys | |
| httpquery = ('''POST %s HTTP/1.1 |
ca0s
/ trafficmap.py
Created
March 10, 2016 20:11
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python2 | |
| # ca0s {at} ka0labs.net | |
| # do something like this to get a proper input file. replace "1" with the position of the client's ip | |
| # $ cat access.log | cut -d' ' -f 1 | sort | uniq -c | sort | |
| # map.png is any world map. i use https://www.ka0labs.net/ca0s/b/map.png | |
| # example outputs at | |
| # https://www.ka0labs.net/ca0s/b/traffic.png | |
| # https://www.ka0labs.net/ca0s/b/traffic2.png |
ca0s
/ afl_pipe2sock.py
Created
September 4, 2017 07:39
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python2 | |
| # ca0s @ ka0labs.net | |
| # make AFL write to a FIFO file, relay it to your server's socket | |
| import argparse | |
| import socket | |
| import select | |
| import sys | |
| import os |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python2 | |
| import argparse | |
| import olefile | |
| import struct | |
| import sys | |
| def parse_objdata(obj): | |
| cobj = obj.lstrip('\\') | |
| cobj = cobj.lstrip("objdata ") |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import argparse | |
| import re | |
| import os | |
| from concurrent.futures import ThreadPoolExecutor, as_completed | |
| def regex(s): | |
| try: |
ca0s
/ cobaltstrikeparser.py
Created
September 10, 2019 08:49
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Parses a cobalt strike config dump. Feed it a file containing | |
| # a memory dump which starts with the config. | |
| import struct | |
| import sys | |
| def _read_short(data, index): | |
| return struct.unpack('>H', data[index : index + 2])[0] | |
| def _read_int(data, index): |
ca0s
/ http-screenshot.nse
Created
October 29, 2019 10:12
A slightly improved version of nmap's http-screenshot.nse
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| local shortport = require "shortport" | |
| local stdnse = require "stdnse" | |
| description = [[ | |
| Gets a screenshot from a Web service using webshot.js, a nodejs/puppeteer script. | |
| It can be used with IVRE. | |
| ]] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from concurrent.futures import ThreadPoolExecutor, as_completed | |
| from pythonwhois import get_whois | |
| from ipwhois import IPWhois | |
| import argparse | |
| import socket | |
| import re | |
| # naive but will suffice | |
| ip_re = re.compile(r'\d+\.\d+\.\d+\.\d+') |
ca0s
/ simports.py
Created
October 31, 2019 09:44
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import socket | |
| import signal | |
| import logging | |
| import sys | |
| logging.basicConfig() | |
| log = logging.getLogger("portsim") | |
| log.setLevel(logging.INFO) | |
| ports = list(range(2000, 2200)) |
OlderNewer