Skip to content

Instantly share code, notes, and snippets.

View dhondta's full-sized avatar

Alex dhondta

View GitHub Profile

WordPress Debug Log File Parser

This is a small tool using Tinyscript for parsing and searching into a debug log from WordPress and displaying errors and URLs seen.

$ pip install tinyscript
$ tsm install wp-log-parser
@dhondta
dhondta / README.md
Last active August 4, 2023 13:43
OUI/MAC Organization Finder

OUI/MAC Organization Finder

This is a small tool using Tinyscript for finding the organization associated with a given OUI or MAC address.

$ pip install tinyscript
$ tsm install oui
@dhondta
dhondta / latex-clean.sh
Created April 15, 2022 16:36 — forked from djsutherland/latex-clean.sh
A bash script to clean latex temp files
#!/bin/bash
# Note: you might prefer latexmk -c since latexmk is great. It doesn't clean all of these, but see
# https://tex.stackexchange.com/questions/83341/clean-bbl-files-with-latexmk-c/83386#83386
exts="-blx.aux -blx.bib -blx.bib .acn .acr .alg .algorithms .aux .bbl .bcf .blg .brf .dvi .fdb_latexmk .fls .glg"\
" .glo .gls .glsdefs .idx .ilg .ind .ist .keys .listing .loa .lof .log .lol .lot .maf .mtc .mtc0 .mw .nav .nlo"\
" .out .pdfsync .ptc .pyg .run.xml .snm .synctex.gz .syntex.gz(busy) .tdo .thm .toc .vrb .xdy"
for x in "${@:-.}"; do
@dhondta
dhondta / README.md
Last active February 10, 2024 10:26
Tinyscript tool for downloading the .git folder from a disclosed Web-hosted repository

Git Web Recovery

This is a small tool using Tinyscript and PyBots for downloading a .git folder left on a Web server. Note that this tool does NOT rely on Directory Indexing.

$ pip install pybots tinyscript
$ tsm install git-web-recovery

@dhondta
dhondta / README.md
Last active February 10, 2024 10:27
Tinyscript tools for downloading resources from Pentester Academy

Pentester Academy Download Tools

This is a set of tools using Tinyscript in order to download resources from pentesteracademy.com and compress videos.

  • pta-downloader: allows to download resources given some course identifiers while compressing downloaded videos if needed.
  • video-compressor: allows to compress videos a posteriori.
$ pip install tinyscript
$ tsm install pta-downloader
@dhondta
dhondta / README.md
Last active February 10, 2024 10:27
Tinyscript tool to bruteforce the password of a PDF

PDF password bruteforcer

This is a small tool using Tinyscript and pypdf or pikepdf to bruteforce the password of a PDF given an alphabet (defaults to printables) and a length (default is 8).

$ pip install pypdf tinyscript
$ tsm pdf-password-bruteforcer
@dhondta
dhondta / README.md
Last active February 10, 2024 10:27
Tinyscript tool for making an evil Pickle

Evil Pickle creation tool

This is a Tinyscript wrapper for this Gist, working with Python 2 and 3.

$ pip install tinyscript
$ tsm install evil-pickle-maker
@dhondta
dhondta / README.md
Last active July 31, 2023 22:22
Tinyscript Proof-of-Concept tool using PyBots for exploiting an SSTI vulnerability in Craft CMS (CVE-2018-14716)

Craft CMS SEOmatic 3.1.4 SSTI Exploit (CVE-2018-14716)

This is an automation of this exploit using Tinyscript and Pybots for getting config settings or user properties.

$ pip install tinyscript
$ tsm install craftcms-seomatic-ssti
@dhondta
dhondta / README.md
Last active July 31, 2023 22:21
Modification of Firefox-Decrypt to support dictionary attack

Firefox-Decrypt modified for dictionary attack on master password

This script is the modification of this excellent project, a tool to extract passwords from Mozilla (Firefox™, Waterfox™, Thunderbird®, SeaMonkey®) profiles, to make it support dictionary attack. This is published as a Gist as the related PR was refused (for a reason I completely understand) and with the consent of the author.

$ pip install tinyscript
$ tsm install firefox_decrypt_modified

For the main options, please refer to the original project. You can provide a wordlist of master passwords for a dictionary attack as follows:

@dhondta
dhondta / README.md
Last active February 10, 2024 10:28
Tinyscript Proof-of-Concept tool using PyBots for exploiting a Code Execution vulnerability in ClipperCMS

ClipperCMS 1.3.0 Code Execution Exploit

This is a variation of this exploit using Tinyscript and Pybots for uploading a shell.

$ pip install tinyscript
$ tsm install clippercms-shell-uploader