== Configuration Updates ==
- Towards a Quieter Firefox: https://www.blackhillsinfosec.com/towards-quieter-firefox/
== Plugins ==
- FoxyProxy Standard
- Flagfox
- Cookie Manager
- Hackbar
import os,sys
from ipwhois import IPWhois
import socket
import warnings
# Suppress warnings
warnings.filterwarnings('ignore')
# Set field names
f = ['asn','asn_cidr','nets','query','asn_description']
sort -n -t . -k 1,1 -k 2,2 -k 3,3 -k 4,4
cat | sort | uniq -c
#!/usr/bin/env python
import sys
from pyparsing import Word, alphas, Suppress, Combine, nums, string, Optional, Regex
#from time import strftime
import time
from datetime import datetime
# Script: ssh_accepted_xlog_parser.py
# Author: Don C. Weber (cutaway)
In forensics, the usual challenge is getting at data when there are restrictions on how we can access it. For instance, we recently acquired a Linux disk formatted with EXT3. The acquired disk is a raw image file that is easily mountable in Linux for review (yes, I'm not talking about forensic analysis tools).
mount -o ro,loop /media/USB/<image.dd> /mnt
This command mounts the image read-only so we can analyze its contents. Remember that when you run "stat" or "ls" on a file you'll want to use the "-n" option so that it doesn't use the local system's UID mappings and just displays the number associated with that file.
But what if you have to give that drive to someone so THEY can review the contents? And what if that person is a Windows-only person? Windows does not have a built-in method for mounting raw images, let alone understanding EXT3 filesystems. Thus, you have to think "outside the box".
#!/usr/bin/env python
"""
Name: extract_java_server_faces_viewstate
Purpose: Extract and parse the Java Server Faces viewstate
Date: 20150620
Author: Don C. Weber (@cutaway) of InGuardians, Inc.
Resources:
http://wiki.apache.org/myfaces/Secure_Your_Application
#!/bin/bash
###########################################################################
# ics_startup.sh - This shell script is designed to help set up Internet
# sharing between two interfaces. It will generate
# the appropriate iptables rules, implement them,
# and start the DHCP server. It will also reset
# the system.
#
# Copyright (c) 2012, InGuardians, Inc. <consulting@inguardians.com>
#
#
# hostapd-wpe.conf
# Brad Antoniewicz (@brad_anton) - Foundstone
# ------------------------------------------------
# Updated to provide additional WPA2 configuration control
# Don C. Weber (@cutaway) - InGuardians, Inc.
# ------------------------------------------------
#
# Configuration file for hostapd-wpe
#