cutaway

#!/bin/bash
ipt4='/sbin/iptables'
ipt6='/sbin/ip6tables'

for i in $ipt4 $ipt6; do
    # Flush Rules
    echo 'Flushing IPTables: ' $i
    $i -F
    $i -X

cutaway

# PowerView's last major overhaul is detailed here: http://www.harmj0y.net/blog/powershell/make-powerview-great-again/
#   tricks for the 'old' PowerView are at https://gist.github.com/HarmJ0y/3328d954607d71362e3c

# the most up-to-date version of PowerView will always be in the dev branch of PowerSploit:
#   https://github.com/PowerShellMafia/PowerSploit/blob/dev/Recon/PowerView.ps1

# New function naming schema:
#   Verbs:
#       Get : retrieve full raw data sets
#       Find : ‘find’ specific data entries in a data set

cutaway

Last Update: 20201015

Useful Articles

Added AWS credentials to AWS config and credentials files using profiles:

• https://docs.aws.amazon.com/sdk-for-php/v3/developer-guide/guide_credentials_profiles.html
• https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html  

Installed AWS Client

• Actually determined that it is easier to run these tools from a Linux VM by downloading from Github and installing requirements following their installation Instructions.

cutaway

###########################
# References:
# https://pen-testing.sans.org/blog/2017/03/08/pen-test-poster-white-board-powershell-built-in-port-scanner/
# https://mcpmag.com/articles/2018/12/10/test-sql-connection-with-powershell.aspx
# https://support.solarwinds.com/SuccessCenter/s/article/Use-PowerShell-to-test-that-a-port-is-open-on-a-server
###########################

function Test-SqlConnection {
    #param(
        #[Parameter(Mandatory)]

cutaway

#!/usr/bin/env python3
import os, sys

# Debug if you want to stop early in large files
DEBUG = False
COLUMNS = 4

def main():
    # Preload a dictionary with all characters
    table = {}

cutaway

== Configuration Updates ==

• Towards a Quieter Firefox: https://www.blackhillsinfosec.com/towards-quieter-firefox/

== Plugins ==

• FoxyProxy Standard
• Flagfox
• Cookie Manager
• Hackbar

cutaway

import os,sys
from ipwhois import IPWhois
import socket
import warnings

# Supress warnings
warnings.filterwarnings('ignore')

# Set field names
f = ['asn','asn_cidr','nets','query','asn_description']

cutaway

'''
Name:    bigip_decode_cookie.py
Purpose: Convert BigIP cookies to internal IP address and port number
Date:    20150702
Author:  Don C. Weber (@cutaway) of InGuardians, Inc.

Resources:
    Initial python project I found for doing this: https://penturalabs.wordpress.com/2011/03/29/how-to-decode-big-ip-f5-persistence-cookie-values/
    F5 LTM Encrypted Cookie Insert Persistence: http://packetpushers.net/encrypted-cookie-persistence/
    Encrypting Big-IP Cookies (10.x - 11.x): https://support.f5.com/kb/en-us/solutions/public/14000/700/sol14784.html

cutaway

Unix

Sorting

• Sorting by month and day:
  • sort -k1,1M -k2,2n
  • http://stackoverflow.com/questions/12162210/sort-by-just-month-name-and-day-bash
• Sorting IP Addresses
  • sort -n -t . -k 1,1 -k 2,2 -k 3,3 -k 4,4
  • https://www.madboa.com/geek/sort-addr/
• Uniq only counts the instances that are close to each other, so sort first:
• cat | sort | uniq -c

cutaway

#!/usr/bin/env python

import sys
from pyparsing import Word, alphas, Suppress, Combine, nums, string, Optional, Regex
#from time import strftime
import time
from datetime import datetime

# Script: ssh_accepted_xlog_parser.py
# Author: Don C. Weber (cutaway)