Chris (stof) Langton chrisdlangton
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash -ex | |
| sudo su - | |
| apt-get update | |
| apt-get install -y build-essential git jq curl wget gnupg | |
| wget -q -O - https://archive.kali.org/archive-key.asc | apt-key add - | |
| sh -c "echo 'deb https://http.kali.org/kali kali-rolling main non-free contrib' > /etc/apt/sources.list.d/kali.list" | |
| sh -c "echo 'Package: *' > /etc/apt/preferences.d/kali.pref | |
| echo 'Pin: release a=kali-rolling' >> /etc/apt/preferences.d/kali.pref | |
| echo 'Pin-Priority: 50' >> /etc/apt/preferences.d/kali.pref" | |
| wget http://http.kali.org/kali/pool/main/k/kali-archive-keyring/kali-archive-keyring_2022.1_all.deb |
chrisdlangton
/ xor.py
Created
November 16, 2023 00:02
Use NLP to filter results of bruteforce key length for XOR encoded words, alphanumeric, or phrase
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import string, itertools, time, re | |
| from nltk.corpus import words | |
| from nltk.tokenize import word_tokenize | |
| import nltk | |
| flag = "The message is too secret" | |
| secret_key = 'CTFKey' | |
| def is_mostly_english(text, threshold: float = 0.5): |
chrisdlangton
/ dump_cert.sh
Created
January 18, 2019 03:19
Script to dump the entire cert.sh database as CSV
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| SCHEMA=public | |
| DB=certwatch | |
| HOST=crt.sh | |
| PORT=5432 | |
| USER='guest --no-password' | |
| DIR=$(pwd) | |
| mkdir -p $DIR |
chrisdlangton
/ hawkauth_mitm_poc.js
Last active
July 24, 2023 01:30
PoC for GHSA-mrcf-5cch-47mc mozilla/hawk
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * Gist: https://gist.github.com/chrisdlangton/cd32ad083294c56c509828a7b9f7e90e | |
| * Advisory: https://github.com/chrisdlangton/hawk/security/advisories/GHSA-mrcf-5cch-47mc | |
| */ | |
| const hawk = require('hawk') | |
| const credentials = { | |
| id: 'dh37fgj492je', | |
| key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn', | |
| algorithm: 'sha256' |
chrisdlangton
/ coverletter.txt
Created
February 2, 2023 08:39
ChatGPT Cloud Engineer job application cover letter
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Cloud Engineer Cover Letter | |
| Chris | |
| Write a cover letter for a cloud engineer job at a product focussed company | |
| Dear Hiring Manager, | |
| I am writing to apply for the Cloud Engineer position at [Company Name], and I am confident that my extensive experience and skills make me an ideal candidate for this role. I have a passion for developing and deploying innovative cloud solutions that drive business success, and I am excited about the opportunity to bring my expertise to your team. |
chrisdlangton
/ hosting_providers.py
Created
October 26, 2020 13:43
List of web hosting providers - expected these services have customers that use CNAME records for custom/vanity domains
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| The following python list of tuples is in the form of; | |
| (<url_segment>, <provider_name>) | |
| url_segment: str = a substring match, can be of prefix suffic or any substring | |
| provider_name: str = human friendly name of the provier | |
| """ | |
| hosting_providers = [ | |
| ('.clients.turbobytes.net', 'TurboBytes',), | |
| ('.turbobytes-cdn.com', 'TurboBytes',), | |
| ('.afxcdn.net', 'afxcdn.net',), |
chrisdlangton
/ collect-ip-info.py
Created
November 17, 2017 23:37
Python script to enrich data about IP hosts from csv file
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| ######################################### | |
| # pip install pandas ipwhois | |
| # usage: | |
| # ./collect-ip-info.py | |
| # Place a csv in same directory and change name of file_in variable | |
| # First csv row is header, followed by a single ip per row | |
| # Make sure you put your own google maps api key below | |
| import csv | |
| import requests |
chrisdlangton
/ syscall2seccomp.py
Last active
August 31, 2022 23:51
Automatically generate seccomp profile json by learning from container activity using sysdig
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import fileinput | |
| import json | |
| import argparse | |
| SECCOMP_PROFILE = ('{"defaultAction": "SCMP_ACT_ERRNO",' | |
| '"architectures": [' | |
| '"SCMP_ARCH_X86_64",' | |
| '"SCMP_ARCH_X86",' |
chrisdlangton
/ waybacksploit.sh
Last active
July 8, 2022 21:18
The real dark web - find and exploit forgotten files on servers
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| if [ -z $(which retire) ]; then | |
| echo "retire not found. try npm install -g retire" | |
| exit 1 | |
| fi | |
| if [ -z $(which parallel) ]; then | |
| echo "parallel not found. try 'apt install -y parallel'" | |
| exit 1 | |
| fi |
chrisdlangton
/ cloud_metadata.txt
Created
July 5, 2022 00:31
— forked from jhaddix/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## AWS | |
| # from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories | |
| http://169.254.169.254/latest/user-data | |
| http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME] | |
| http://169.254.169.254/latest/meta-data/ami-id | |
| http://169.254.169.254/latest/meta-data/reservation-id | |
| http://169.254.169.254/latest/meta-data/hostname | |
| http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key |
NewerOlder