divergentdave

#!/usr/bin/env python3
"""
This script recovers the RSA public key that was used to make signatures, given
any two such signatures in X.509 certificates. Python 3 is required, along with
recent versions of pyasn1, pyasn1-modules, and pyprimes. Runtime is nearly
instantaneous when the public key uses e=3, and 3+ hours when the public key
uses e=65537. (This could be vastly improved by using a more efficient GCD
library function) To recover a public key, run this script with the file names
of two certificates as command line arguments. Certificates can be in PEM or
DER format.

divergentdave

import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;

import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;

divergentdave

*.pyc

divergentdave

// This script checks for Google Calendar events with non-default
// time zones, and sends an email whenever it finds one.

// Usage:
// 1. Create a new Google Docs spreadsheet
// 2. Click on Tools -> Script editor...
// 3. In the script editor, click on Resources -> Advanced Google services...
// 4. Click on the enable toggle for "Calendar API", and use the default name "Calendar"
// 5. Click on the "Google API Console" link in the Advanced Google Services dialog box
// 6. In the Google API Console, click on the link to "View All" APIs

divergentdave

divergentdave

#!/usr/bin/env python3
from z3 import (
    Solver,
    Function,
    EnumSort,
    IntSort,
    Const,
    Distinct,
    And,
    Or,

divergentdave

#!/usr/bin/env python3
"""
This script verifies whether a given X.509 certificate is self-signed, while
ignorng the subject and issuer distinguished names. Python 3 is required,
along with recent versions of pyasn1 and pyasn1-modules. To check a
certificate, run this script with the file name of that certificate as a
command line argument. Certificates can be in PEM or DER format. Only RSA
signatures are supported.

To verify whether a certificate is self-signed, this script parses the

divergentdave

#!/bin/sh
set -e
jq -r '.[] | .homepage_url | select(. != null)' ~/oversight.garden/config/inspectors.json | while IFS= read -r line
do
  echo $line
  curl -ikL $line | (grep -i charset= || true)
  echo
done

divergentdave

#!/usr/bin/env python3

import socket
import ssl

original = 'ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:SRP-DSS-AES-256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:SRP-AES-256-CBC-SHA:DH-DSS-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:DH-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DH-RSA-AES256-SHA256:DH-DSS-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DH-RSA-AES256-SHA:DH-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:DH-RSA-CAMELLIA256-SHA:DH-DSS-CAMELLIA256-SHA:ECDH-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA384:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:PSK-AES256-CBC-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:SRP-DSS-AE

divergentdave

/node_modules
/token.txt