Skip to content

Instantly share code, notes, and snippets.

David Cook divergentdave

  • Minneapolis, MN
Block or report user

Report or block divergentdave

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@divergentdave
divergentdave / recover_pubkey.py
Last active Oct 22, 2019
Recover an RSA public key from its signatures
View recover_pubkey.py
#!/usr/bin/env python3
"""
This script recovers the RSA public key that was used to make signatures, given
any two such signatures in X.509 certificates. Python 3 is required, along with
recent versions of pyasn1, pyasn1-modules, and pyprimes. Runtime is nearly
instantaneous when the public key uses e=3, and 3+ hours when the public key
uses e=65537. (This could be vastly improved by using a more efficient GCD
library function) To recover a public key, run this script with the file names
of two certificates as command line arguments. Certificates can be in PEM or
DER format.
@divergentdave
divergentdave / Example.java
Last active Jul 29, 2019
Ignoring Expired TLS Certificates in Java
View Example.java
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
@divergentdave
divergentdave / .gitignore
Last active May 9, 2019
Inheritance with PLY (Python Lex-Yacc)
@divergentdave
divergentdave / Code.gs
Last active Nov 23, 2018
Calendar time zone check - Google Apps Script
View Code.gs
// This script checks for Google Calendar events with non-default
// time zones, and sends an email whenever it finds one.
// Usage:
// 1. Create a new Google Docs spreadsheet
// 2. Click on Tools -> Script editor...
// 3. In the script editor, click on Resources -> Advanced Google services...
// 4. Click on the enable toggle for "Calendar API", and use the default name "Calendar"
// 5. Click on the "Google API Console" link in the Advanced Google Services dialog box
// 6. In the Google API Console, click on the link to "View All" APIs
View Deduplicated Cisco Umbrella 1 Million.ipynb
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@divergentdave
divergentdave / poker.py
Last active Jun 23, 2018
Solving logic puzzles with Z3
View poker.py
#!/usr/bin/env python3
from z3 import (
Solver,
Function,
EnumSort,
IntSort,
Const,
Distinct,
And,
Or,
@divergentdave
divergentdave / verify_self_signed_key.py
Created Mar 19, 2018
Verify a self signed certificate's signature
View verify_self_signed_key.py
#!/usr/bin/env python3
"""
This script verifies whether a given X.509 certificate is self-signed, while
ignorng the subject and issuer distinguished names. Python 3 is required,
along with recent versions of pyasn1 and pyasn1-modules. To check a
certificate, run this script with the file name of that certificate as a
command line argument. Certificates can be in PEM or DER format. Only RSA
signatures are supported.
To verify whether a certificate is self-signed, this script parses the
View ig_charsets.sh
#!/bin/sh
set -e
jq -r '.[] | .homepage_url | select(. != null)' ~/oversight.garden/config/inspectors.json | while IFS= read -r line
do
echo $line
curl -ikL $line | (grep -i charset= || true)
echo
done
@divergentdave
divergentdave / arctest.py
Last active Sep 9, 2016
ARC TLS cipher suite list test
View arctest.py
#!/usr/bin/env python3
import socket
import ssl
original = 'ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:SRP-DSS-AES-256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:SRP-AES-256-CBC-SHA:DH-DSS-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:DH-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DH-RSA-AES256-SHA256:DH-DSS-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DH-RSA-AES256-SHA:DH-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:DH-RSA-CAMELLIA256-SHA:DH-DSS-CAMELLIA256-SHA:ECDH-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA384:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:PSK-AES256-CBC-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:SRP-DSS-AE
@divergentdave
divergentdave / .gitignore
Last active Jun 14, 2016
GitHub Pages List
View .gitignore
/node_modules
/token.txt
You can’t perform that action at this time.