Ian Gallagher craSH

## upgradebrews
#!/bin/bash
#
# Very simple script that updates your brew formula repo and
# then upgrades all installed and outdated formulae
# Run with -y to upgrade formulae automatically
#

# Update the repo
brew update

## ssl_info
#!/bin/bash
#
# Check a given host/port for supported SSL/TLS cipher suites.
# If nmap is available, do a service fingerprint on it as well
#
# This requires that you have "sslciphercheck", available here:
# http://www.pvv.ntnu.no/~josteitv/papers/ssl_vuln_code.tar.gz
#
# Usage: ssl_info <host> <port>
#

## get_axfr.py
#!/usr/bin/env python
## Attempts to get a domain transfer from the nameservers for the given domain
## Requires dnspython http://www.dnspython.org/

import sys, socket
from dns import resolver, rdatatype, query
import dns.exception

def do_axfr(nameserver, domain):
    print "Querying %s" % (nameserver,)

## .gitignore
# .gitignore for .NET projects
# Thanks to Derick Bailey
# http://www.lostechies.com/blogs/derickbailey/archive/2009/05/18/a-net-c-developer-s-gitignore-file.aspx
# Additional Thanks to
# - Alexey Abramov

# Standard VS.NET and ReSharper Foo
obj
bin
*.csproj.user

## gpg.conf
personal-digest-preferences SHA512 SHA384 SHA256 SHA224 SHA1 RIPEMD160 MD5
personal-cipher-preferences AES256 TWOFISH BLOWFISH AES192 AES CAMELLIA256 CAMELLIA192 CAMELLIA128 3DES CAST5
keyserver hkp://subkeys.pgp.net
keyserver hkp://pgp.mit.edu
keyserver-options auto-key-retrieve
use-agent

## threaded_urlretrieve.py
#!/usr/bin/env python
"""
A few functions that serve to download files in a threaded manner.
Essentially a map() which is threadded, with a URL fetching function

Copyleft 2010 Ian Gallagher <crash@neg9.org>
"""

import os, sys, urllib
import socket

## har_response_urls.py
#!/usr/bin/env python
"""
Parse a HAR (HTTP Archive) and return URLs which resulted in a given HTTP response code
HAR Spec: http://groups.google.com/group/http-archive-specification/web/har-1-2-spec
Copyleft 2010 Ian Gallagher <crash@neg9.org>

Example usage: ./har_response_urls.py foo.har 404
"""

import json

## gpg_bruteforce.py
#!/usr/bin/env python
"""
Determine password for a PGP private key based on a wordlist.
Also performs permutations on passwords in the case of l33tsp3ak, etc.

Requires python-gnupg (easy_install/pip install python-gnupg)

To quiet down some of the exceptions during signing attempts, the following
"patch" is needed within gnupg.py:

## pbkdf2.java
public String hashPassword(String password, String salt) throws Exception
/*
 * Wrap pbkdf2 method to return password hash as a hex string
*/
{
	// Bail if password or salt are null/0 length
	if ((null == password || 0 == password.length()) || (null == salt || 0 == salt.length()))
		throw new Exception("Failed to create PBKDF2 Hash for password, password or salt can not be empty");

	// Result string

## aes_ctr-chosen_plaintext.py
#!/usr/bin/env python
"""
Simple chosen-plaintext attack on AES-CTR given NONCE and IV re-use for
multiple ciphertexts

Copyleft 2011 Ian Gallagher <crash@neg9.org>
"""
import sys

def decrypt(keystream, ciphertext):
	#!/bin/bash
	#
	# Very simple script that updates your brew formula repo and
	# then upgrades all installed and outdated formulae
	# Run with -y to upgrade formulae automatically
	#

	# Update the repo
	brew update
	#!/bin/bash
	#
	# Check a given host/port for supported SSL/TLS cipher suites.
	# If nmap is available, do a service fingerprint on it as well
	#
	# This requires that you have "sslciphercheck", available here:
	# http://www.pvv.ntnu.no/~josteitv/papers/ssl_vuln_code.tar.gz
	#
	# Usage: ssl_info <host> <port>
	#
	#!/usr/bin/env python
	## Attempts to get a domain transfer from the nameservers for the given domain
	## Requires dnspython http://www.dnspython.org/

	import sys, socket
	from dns import resolver, rdatatype, query
	import dns.exception

	def do_axfr(nameserver, domain):
	print "Querying %s" % (nameserver,)
	# .gitignore for .NET projects
	# Thanks to Derick Bailey
	# http://www.lostechies.com/blogs/derickbailey/archive/2009/05/18/a-net-c-developer-s-gitignore-file.aspx
	# Additional Thanks to
	# - Alexey Abramov

	# Standard VS.NET and ReSharper Foo
	obj
	bin
	*.csproj.user
	personal-digest-preferences SHA512 SHA384 SHA256 SHA224 SHA1 RIPEMD160 MD5
	personal-cipher-preferences AES256 TWOFISH BLOWFISH AES192 AES CAMELLIA256 CAMELLIA192 CAMELLIA128 3DES CAST5
	keyserver hkp://subkeys.pgp.net
	keyserver hkp://pgp.mit.edu
	keyserver-options auto-key-retrieve
	use-agent
	#!/usr/bin/env python
	"""
	A few functions that serve to download files in a threaded manner.
	Essentially a map() which is threadded, with a URL fetching function

	Copyleft 2010 Ian Gallagher <crash@neg9.org>
	"""

	import os, sys, urllib
	import socket
	#!/usr/bin/env python
	"""
	Parse a HAR (HTTP Archive) and return URLs which resulted in a given HTTP response code
	HAR Spec: http://groups.google.com/group/http-archive-specification/web/har-1-2-spec
	Copyleft 2010 Ian Gallagher <crash@neg9.org>

	Example usage: ./har_response_urls.py foo.har 404
	"""

	import json
	#!/usr/bin/env python
	"""
	Determine password for a PGP private key based on a wordlist.
	Also performs permutations on passwords in the case of l33tsp3ak, etc.

	Requires python-gnupg (easy_install/pip install python-gnupg)

	To quiet down some of the exceptions during signing attempts, the following
	"patch" is needed within gnupg.py:
	public String hashPassword(String password, String salt) throws Exception
	/*
	* Wrap pbkdf2 method to return password hash as a hex string
	*/
	{
	// Bail if password or salt are null/0 length
	if ((null == password \|\| 0 == password.length()) \|\| (null == salt \|\| 0 == salt.length()))
	throw new Exception("Failed to create PBKDF2 Hash for password, password or salt can not be empty");

	// Result string
	#!/usr/bin/env python
	"""
	Simple chosen-plaintext attack on AES-CTR given NONCE and IV re-use for
	multiple ciphertexts

	Copyleft 2011 Ian Gallagher <crash@neg9.org>
	"""
	import sys

	def decrypt(keystream, ciphertext):