== Configuration Updates ==
- Towards a Quieter Firefox: https://www.blackhillsinfosec.com/towards-quieter-firefox/
== Plugins ==
- FoxyProxy Standard
- Flagfox
- Cookie Manager
- Hackbar
Don C. Weber cutaway
cutaway
/ Firefox_Testing_Updates.md
Last active
November 27, 2018 17:26
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os,sys | |
| from ipwhois import IPWhois | |
| import socket | |
| import warnings | |
| # Supress warnings | |
| warnings.filterwarnings('ignore') | |
| # Set field names | |
| f = ['asn','asn_cidr','nets','query','asn_description'] |
cutaway
/ simple_commands_and_reminders.md
Last active
August 27, 2017 19:14
Simple Commands And Other Things To Remember
- Sorting by month and day:
- Sorting IP Addresses
sort -n -t . -k 1,1 -k 2,2 -k 3,3 -k 4,4- https://www.madboa.com/geek/sort-addr/
- Uniq only counts the instances that are close to each other, so sort first:
cat | sort | uniq -c
cutaway
/ ssh_accepted_xlog_parser.py
Last active
December 15, 2015 06:24
Parsing SSH Accepted Syslog files with Python and PyParsing - based on Lendro Silva's code
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import sys | |
| from pyparsing import Word, alphas, Suppress, Combine, nums, string, Optional, Regex | |
| #from time import strftime | |
| import time | |
| from datetime import datetime | |
| # Script: ssh_accepted_xlog_parser.py | |
| # Author: Don C. Weber (cutaway) |
cutaway
/ Forensic_Tips.md
Last active
March 9, 2022 13:05
Tips and tricks to remember for forensic analysis.
When doing forensics, the challenge usually is how can we access data when there are restrictions to the ways we can access the data. For instance, we have recently acquired a Linux disk formatted using EXT3. The acquired disk is a raw image file that is easily mountable in Linux for review (yes, I'm not talking forensic analysis tools).
mount -o ro,loop /media/USB/<image.dd> /mnt
This command will mount the image read-only and we can do our analysis of the contents. Remember when you are doing a "stat" or "ls" on the file you'll want to use the "-n" option so that it doesn't use the local systems UID mappings and just displays the number associated with that file.
But, what if you have to give that drive to someone so THEY can review the contents? And, what if that person is a Windows-only person? Windows does not have a build in method for mounting raw images let alone understanding EXT3 filesystems. Thus, you have to think "outside-the-box".
cutaway
/ bigip_decode_cookie.py
Created
July 2, 2015 18:33
Deocde BigIP cookies to internal IP address and port number
cutaway
/ extract_java_server_faces_viewstate.py
Last active
June 25, 2021 08:39
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| """ | |
| Name: extract_java_server_faces_viewstate | |
| Purpose: Extract and parse the Java Server Faces viewstate | |
| Date: 20150620 | |
| Author: Don C. Weber (@cutaway) of InGuardians, Inc. | |
| Resources: | |
| http://wiki.apache.org/myfaces/Secure_Your_Application |
cutaway
/ cookie_parameters.py
Created
June 12, 2015 22:19
cookie_parameters.py: an SQLMAP tamper script to handle Cookie GLOBS
cutaway
/ ics_startup.sh
Created
April 13, 2015 22:29
ics_startup.sh - This shell script is designed to help setup Internet sharing between to interfaces.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ########################################################################### | |
| # ics_startup.sh - This shell script is designed to help setup Internet | |
| # sharing between to interfaces. It will generate | |
| # the appropriate iptable rules, implement them, | |
| # and start the DHCP server. It will also reset | |
| # the system. | |
| # | |
| # Copyright (c) 2012, InGuardians, Inc. <consulting@inguardians.com> | |
| # |
cutaway
/ hostapd-wpe_ing.conf
Created
March 11, 2015 19:47
Hostapd-wpe.conf is a configuration script for hostapd-wpe. This script has been updated to provide more configuration options associated with WPA2.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # hostapd-wpe.conf | |
| # Brad Antoniewicz (@brad_anton) - Foundstone | |
| # ------------------------------------------------ | |
| # Updated to provide additional WPA2 configuration control | |
| # Don C. Weber (@cutaway) - InGuardians, Inc. | |
| # ------------------------------------------------ | |
| # | |
| # Configuration file for hostapd-wpe | |
| # |