Skip to content

Instantly share code, notes, and snippets.

Avatar

Alex dhondta

View GitHub Profile
@dhondta
dhondta / README.md
Last active Jun 7, 2020
Tinyscript tool to bruteforce the password of a PDF
View README.md

PFD password bruteforcer

This is a small tool using Tinyscript and PyPDF2 to bruteforce the password of a PDF given an alphabet (defaults to printables) and a length (default is 8).

@dhondta
dhondta / README.md
Last active Aug 25, 2020
Tinyscript tool for making an evil Pickle
View README.md

Evil Pickle creation tool

This is a Tinyscript wrapper for this Gist, working with Python 2 and 3.

@dhondta
dhondta / README.md
Last active Jul 27, 2020
Tinyscript Proof-of-Concept tool using PyBots for exploiting an SSTI vulnerability in Craft CMS (CVE-2018-14716)
View README.md

Craft CMS SEOmatic 3.1.4 SSTI Exploit (CVE-2018-14716)

This is an automation of this exploit using Tinyscript and Pybots for getting config settings or user properties.

@dhondta
dhondta / README.md
Last active Apr 18, 2020
Modification of Firefox-Decrypt to support dictionary attack
View README.md

Firefox-Decrypt modified for dictionary attack on master password

This script is the modification of this excellent project, a tool to extract passwords from Mozilla (Firefox™, Waterfox™, Thunderbird®, SeaMonkey®) profiles, to make it support dictionary attack. This is published as a Gist as the related PR was refused (for a reason I completely understand) and with the consent of the author.

For the main options, please refer to the original project. You can provide a wordlist of master passwords for a dictionary attack as follows:

$ python firefox_decrypt_modified.py -w passwords.lst l1u1xh65.default
@dhondta
dhondta / README.md
Last active Jul 27, 2020
Tinyscript Proof-of-Concept tool using PyBots for exploiting a Code Execution vulnerability in ClipperCMS
View README.md
@dhondta
dhondta / README.md
Last active Apr 27, 2020
Simple lexer module for parsing a line of arguments and keyword-arguments, useful for CLI tools
View README.md

Arguments Lexer

Simple arguments lexer for parsing a line of arguments and keyword-arguments.

The ValueLexer evaluates strings (delimited by single or double quotes), booleans, floats, integers and also binary, octal or hexadecimal (to an integer).

The ArgumentsLexer ensures that the input line of arguments has the form:

arg1 arg2 ... argN kw1=val1 kw2=val2 ... kwM=valM
@dhondta
dhondta / README.md
Created Jan 25, 2020
Tinyscript cryptography tool implementing the Solitaire Cipher algorithm
View README.md

Solitaire-Cipher

This can be installed using:

$ pip install tinyscript
$ wget https://gist.githubusercontent.com/dhondta/1858f406fc55e5e5d440ff26432ad0a4/raw/solitaire-cipher.py && chmod +x solitaire-cipher.py && sudo mv solitaire-cipher.py /usr/bin/solitaire-cipher

This tool is especially useful in the use cases hereafter.

@dhondta
dhondta / README.md
Last active Aug 6, 2020
Tinyscript steganography tool implementing the Pixel Value Differencing algorithm
View README.md

StegoPVD

This can be installed using:

$ pip install tinyscript
$ wget https://gist.githubusercontent.com/dhondta/feaf4f5fb3ed8d1eb7515abe8cde4880/raw/stegopvd.py && chmod +x stegopvd.py && sudo mv stegopvd.py /usr/bin/stegopvd

This tool is especially useful in the use cases hereafter.

@dhondta
dhondta / README.md
Last active Aug 6, 2020
Tinyscript steganography tool implementing the Least Significant Bit algorithm
View README.md

StegoLSB

This can be installed using:

$ pip install tinyscript
$ wget https://gist.githubusercontent.com/dhondta/d2151c82dcd9a610a7380df1c6a0272c/raw/stegolsb.py && chmod +x stegolsb.py && sudo mv stegolsb.py /usr/bin/stegolsb

This tool is especially useful in the use cases hereafter.

@dhondta
dhondta / README.md
Last active Jan 23, 2020
Tinyscript tool for filtering a wordlist from STDIN based on Fcrackzip-like criteria to STDOUT or a file
View README.md

WLF

This can be installed using:

$ pip install tinyscript
$ wget https://gist.githubusercontent.com/dhondta/82a7919f8aafc1393c37c2d0f06b77e8/raw/word-list-filer.py && chmod +x word-list-filer.py && sudo mv word-list-filer.py /usr/bin/wlf

This tool is especially useful in the use cases hereafter.

You can’t perform that action at this time.