Skip to content

Instantly share code, notes, and snippets.

Avatar

David Cook divergentdave

  • Minneapolis, MN
View GitHub Profile
@divergentdave
divergentdave / poker.py
Last active Dec 31, 2019
Solving logic puzzles with Z3
View poker.py
#!/usr/bin/env python3
from z3 import (
Solver,
Function,
EnumSort,
IntSort,
Const,
Distinct,
And,
Or,
@divergentdave
divergentdave / recover_pubkey.py
Last active Oct 22, 2019
Recover an RSA public key from its signatures
View recover_pubkey.py
#!/usr/bin/env python3
"""
This script recovers the RSA public key that was used to make signatures, given
any two such signatures in X.509 certificates. Python 3 is required, along with
recent versions of pyasn1, pyasn1-modules, and pyprimes. Runtime is nearly
instantaneous when the public key uses e=3, and 3+ hours when the public key
uses e=65537. (This could be vastly improved by using a more efficient GCD
library function) To recover a public key, run this script with the file names
of two certificates as command line arguments. Certificates can be in PEM or
DER format.
@divergentdave
divergentdave / verify_self_signed_key.py
Created Mar 19, 2018
Verify a self signed certificate's signature
View verify_self_signed_key.py
#!/usr/bin/env python3
"""
This script verifies whether a given X.509 certificate is self-signed, while
ignorng the subject and issuer distinguished names. Python 3 is required,
along with recent versions of pyasn1 and pyasn1-modules. To check a
certificate, run this script with the file name of that certificate as a
command line argument. Certificates can be in PEM or DER format. Only RSA
signatures are supported.
To verify whether a certificate is self-signed, this script parses the
@divergentdave
divergentdave / Code.gs
Last active Nov 23, 2018
Calendar time zone check - Google Apps Script
View Code.gs
// This script checks for Google Calendar events with non-default
// time zones, and sends an email whenever it finds one.
// Usage:
// 1. Create a new Google Docs spreadsheet
// 2. Click on Tools -> Script editor...
// 3. In the script editor, click on Resources -> Advanced Google services...
// 4. Click on the enable toggle for "Calendar API", and use the default name "Calendar"
// 5. Click on the "Google API Console" link in the Advanced Google Services dialog box
// 6. In the Google API Console, click on the link to "View All" APIs
@divergentdave
divergentdave / .gitignore
Last active May 26, 2020
Inheritance with PLY (Python Lex-Yacc)
View Deduplicated Cisco Umbrella 1 Million.ipynb
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
View ig_charsets.sh
#!/bin/sh
set -e
jq -r '.[] | .homepage_url | select(. != null)' ~/oversight.garden/config/inspectors.json | while IFS= read -r line
do
echo $line
curl -ikL $line | (grep -i charset= || true)
echo
done
@divergentdave
divergentdave / arctest.py
Last active Sep 9, 2016
ARC TLS cipher suite list test
View arctest.py
#!/usr/bin/env python3
import socket
import ssl
original = 'ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:SRP-DSS-AES-256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:SRP-AES-256-CBC-SHA:DH-DSS-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:DH-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DH-RSA-AES256-SHA256:DH-DSS-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DH-RSA-AES256-SHA:DH-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:DH-RSA-CAMELLIA256-SHA:DH-DSS-CAMELLIA256-SHA:ECDH-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA384:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:PSK-AES256-CBC-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:SRP-DSS-AE
@divergentdave
divergentdave / Example.java
Last active Jun 12, 2020
Ignoring Expired TLS Certificates in Java
View Example.java
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
@divergentdave
divergentdave / .gitignore
Last active Jun 14, 2016
GitHub Pages List
View .gitignore
/node_modules
/token.txt
You can’t perform that action at this time.