Skip to content

Instantly share code, notes, and snippets.

Dustin dustyfresh

Block or report user

Report or block dustyfresh

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
dustyfresh /
Last active Oct 20, 2019
script to grab each pwnagotchi unit's fingerprint. You can redirect this output to a list and loop through each fingerprint to broadcast messages to ALL pwnagotchi units OwO
#!/usr/bin/env python
$ ./ | while read fingerprint; do pwngrid -send $fingerprint -message "( ͡° ͜ʖ ͡°)"; done
import json
import requests
def main():
blacklist = open('./blacklist.txt', 'r').read().splitlines()
page = 0
dustyfresh /
Last active Oct 8, 2019
multiprocessing bruteforce jupyter notebooks
#!/usr/bin/env python
import re
import requests
import argparse
import multiprocessing as mp
from bs4 import BeautifulSoup
from urllib.parse import urlparse
__author__ = '@dustyfresh'
__license__ = ''
dustyfresh /
Created Jun 7, 2019
DNS nameserver implemented in python
#!/usr/bin/env python3
import sys
from datetime import datetime
import time
from time import sleep
from dnslib import DNSLabel, QTYPE, RD, RR, RCODE
from dnslib import A, AAAA, CNAME, MX, NS, SOA, TXT
from dnslib.server import DNSServer
dustyfresh /
Last active Mar 31, 2019
log brute force traffic on telnet easily with miniboa
from miniboa import TelnetServer
import logging as logz
def on_connect(client):'New connection from {}'.format(client.address))
# Fake login prompt
client.send('Login: ')
def on_disconnect(client):

Keybase proof

I hereby claim:

  • I am dustyfresh on github.
  • I am dustyfresh ( on keybase.
  • I have a public key ASCCXpExvlJd32z0N3WdZ1Tw1ZoIi73S9_JuclQ0QQJEDgo

To claim this, I am signing this object:

View TAO_disclosed_projects.txt
ACRIDMINI - TAO computer hacking project
ADJUTANT VENTURE - Intrusion set?
ALOOFNESS - Cyber threat actor
ALTEREDCARBON - An IRATEMONK implant for Seagate drives
AMULETSTELLAR - Cyber threat actor sending malicious e-mails
ANGRYNEIGHBOR - Family of radar retro-reflector tools used by NSA's TAO division
APERTURESCIENCE - TAO computer hacking project
ARGYLEALIEN - Method to cause a loss of data by exploiting zeroization of hard-drives
ARKSTREAM - Implant used to reflash BIOS, installed by remote access or intercepted shipping
dustyfresh /
Created Jul 28, 2018
guess valid short links from for research & educational purposes
#!/usr/bin/env python
import requests
import random
import string
from time import sleep
while True:
lol = ''.join(random.choice(string.ascii_uppercase + string.digits + string.ascii_lowercase) for _ in range(4))
url = '{}'.format(lol)
dustyfresh /
Last active Jan 9, 2019
tunnel remote services to localhost with SSH & Tor


Sometimes you need to access a service that is behind a firewall that you do not have permissions to influence. You can get around your inability to modify the firewall policies by tunneling your service over a Tor hidden service with SSH.


  • Tor must be installed on both the firewalled host, as well as the client server the tunnel will be initiated from.
  • Ncat is used to proxy SSH over SOCKS to Tor. The ncat binary ships with the nmap package.
  • client must have a public key in the authorized_keys SSH file for the hidden service

Setup hidden service

dustyfresh /
Last active May 30, 2018
notes on setting up, securing, and using a RethinkDB server

RethinkDB dev notes

Why use RethinkDB?

RethinkDB is the first open-source, scalable JSON database built from the ground up for the realtime web. It inverts the traditional database architecture by exposing an exciting new access model – instead of polling for changes, the developer can tell RethinkDB to continuously push updated query results to applications in realtime. RethinkDB’s realtime push architecture dramatically reduces the time and effort necessary to build scalable realtime apps.

The project I'm using RethinkDB for is storing data from various scrapers I'm working on.

rethinkdb installation

dustyfresh / workerWAF.js
Last active Aug 29, 2019
Simple & experimental Web Application Firewall using Cloudflare's edge workers
View workerWAF.js
* Web Application Firewall built with Cloudflare workers
* Author: < >
* License: GPLv3 < >
* Cloudflare worker documentation:
* < >
You can’t perform that action at this time.