Chris (stof) Langton chrisdlangton
chrisdlangton
/ waybacksploit.sh
Last active
July 8, 2022 21:18
The real dark web - find and exploit forgotten files on servers
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| if [ -z $(which retire) ]; then | |
| echo "retire not found. try npm install -g retire" | |
| exit 1 | |
| fi | |
| if [ -z $(which parallel) ]; then | |
| echo "parallel not found. try 'apt install -y parallel'" | |
| exit 1 | |
| fi |
chrisdlangton
/ cloud_metadata.txt
Created
July 5, 2022 00:31
— forked from jhaddix/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## AWS | |
| # from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories | |
| http://169.254.169.254/latest/user-data | |
| http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/ami-id | |
| http://169.254.169.254/latest/meta-data/reservation-id | |
| http://169.254.169.254/latest/meta-data/hostname | |
| http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key |
chrisdlangton
/ cose_lookup.js
Created
July 16, 2021 07:48
Lookups for CBOR Object Signing and Encryption (COSE) used in WebAuthn
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** https://tools.ietf.org/id/draft-ietf-cose-webauthn-algorithms-03.html */ | |
| const COSE_Key_Types = [ | |
| void 0, | |
| 'OKP, Octet Key Pair - Elliptic Curve', | |
| 'EC2, Elliptic Curve Keys w/ x- and y-coordinate pair', | |
| 'RSA, RSA Key', | |
| 'Symmetric, Symmetric Keys', | |
| 'HSS-LMS, Public key for HSS/LMS hash-based digital signature', | |
| 'WalnutDSA, WalnutDSA public key', | |
| ] |
chrisdlangton
/ proxy_download_to_file.js
Last active
June 5, 2021 14:45
Node.js 14 download to file via proxy
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require('dotenv').config() | |
| const { URL } = require('url'); | |
| const http = require('http') | |
| const https = require('https') | |
| const yaml = require('js-yaml') | |
| const fs = require('fs') | |
| const config = yaml.load(fs.readFileSync(process.env.CONFIG_FILE, 'utf8')) | |
| const download_to_file = (url, dest_path, callback) => { | |
| const file = fs.createWriteStream(dest_path) |
chrisdlangton
/ .gitconfig
Last active
March 15, 2021 22:43
git-secrets for GCP Terraform Kube Ruby Python Linux etc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [secrets] | |
| providers = git secrets --aws-provider | |
| patterns = (A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16} | |
| patterns = (\"|')?(AWS|aws|Aws)?_?(SECRET|secret|Secret)?_?(ACCESS|access|Access)?_?(KEY|key|Key)(\"|')?\\s*(:|=>|=)\\s*(\"|')?[A-Za-z0-9/\\+=]{40}(\"|')? | |
| patterns = (\"|')?(AWS|aws|Aws)?_?(ACCOUNT|account|Account)_?(ID|id|Id)?(\"|')?\\s*(:|=>|=)\\s*(\"|')?[0-9]{4}\\-?[0-9]{4}\\-?[0-9]{4}(\"|')? | |
| allowed = AKIAIOSFODNN7EXAMPLE | |
| allowed = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY | |
| patterns = private_key | |
| patterns = client_email | |
| patterns = private_key_id |
chrisdlangton
/ managed_dns.py
Last active
March 8, 2021 13:49
List of managed dns providers - WAF, Firewall, DDOS protection, CDN, Anti-bots, Anti-spam
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| The following python list of tuples is in the form of; | |
| (<url_segment>, <provider_name>, <ns_ignore_list>) | |
| url_segment: str = a substring match, can be of prefix suffic or any substring | |
| provider_name: str = human friendly name of the provier | |
| ns_ignore_list: list(str) = a list of url_segment substrings used to identify if the NS lookup is | |
| always going to be a match, useful when checking for provider customers | |
| usage of the service and excluding obligatory references to minimise | |
| double counting an single usage | |
| """ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # script to check website status (online/ofline) | |
| while read site | |
| do | |
| if wget -p "$site" -O /dev/null &>/dev/null; then | |
| echo "$site is up" | |
| else | |
| # action to do if website offline | |
| echo "[$(date +%d-%m-%Y:%H:%M:%S)] $site is not reachable." | ./slack-post.sh |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| CWD=$(pwd) | |
| TMP_DIR=$1 | |
| if [[ $EUID -eq 0 ]]; then | |
| echo -e "${RED}x${NC} This script must not be run as root" | |
| exit 1 | |
| fi | |
| if [ -z $(which python3) ]; then |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Likely just: curl -i <url> | |
| # Github | |
| https://github.com/<username>.keys | |
| # Bitbucket | |
| https://bitbucket.org/api/1.0/users/<accountname>/ssh-keys |
chrisdlangton
/ rotate-credentials.sh
Last active
May 17, 2020 04:16
Use the temporary AWS security credentials created by STS assume-role rotated hourly
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env sh | |
| if [ -z "$(which aws)" ]; then | |
| echo "aws command not callable" | |
| exit 1 | |
| fi | |
| if [ -z "$(which python)" ]; then | |
| echo "python command not found" | |
| exit 1 |