Tested on Ubuntu 18.04.
You will want to allow non-root users to capture packets. These users must be part of the wireshark group.
$ sudo apt update
dustyfresh
/ tshark.md
Last active
June 1, 2022 16:22
Systemd service to capture all traffic on ports 53/80/443. tshark will store up to 10MB of data per pcap file, and keep store up to 2GB of captures on disk. Once 2GB disk limit is reached, tshark will rotate older pcaps. Change the filecount in the capture script if you want to store more traffic on disk.
dustyfresh
/ gzip_remote_file.py
Created
March 30, 2020 22:48
read gzipped data from a remote file as a string
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import io | |
| import gzip | |
| import requests | |
| data = requests.get('https://url/file.txt.gz', stream=True) | |
| in_ = io.BytesIO() | |
| in_.write(data.content) | |
| in_.seek(0) | |
| gunzipped_bytes_obj = gzip.GzipFile(fileobj=in_, mode='rb').read() | |
| data = gunzipped_bytes_obj.decode() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| ssh root@host "dd if=/dev/sda1" | dd of=host.img |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import json | |
| import dns.resolver | |
| import multiprocessing as mp | |
| def worker(hostname, results): | |
| resolv = dns.resolver.Resolver() | |
| resolv.nameservers = [ | |
| '8.8.8.8', # Google | |
| '8.8.4.4', # Google |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Security enhancements and custom Nginx server header | |
| # | |
| # Requirements: | |
| # $ apt install nginx vim | |
| # $ apt install libnginx-mod-http-headers-more-filter | |
| # $ vim /etc/nginx/sites-enabled/default | |
| # | |
| # Further reading http://docs.hardentheworld.org/Applications/Nginx/ | |
| # | |
| server { |
dustyfresh
/ secrets.yara
Last active
October 11, 2022 21:26
yara signatures converted from trufflehog regexes for identifying secrets in text files
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| Yara signatures for identifying secrets in text files. Requires libmagic! | |
| Mostly all stolen from Trufflehog regexes: | |
| - https://github.com/dxa4481/truffleHogRegexes/blob/master/truffleHogRegexes/regexes.json | |
| */ | |
| import "magic" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 27 April 2016 | |
| On the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) | |
| (Text with EEA relevance) | |
| THE EUROPEAN PARLIAMENT AND THE COUNCIL OF THE EUROPEAN UNION, | |
| Having regard to the Treaty on the Functioning of the European Union, and in particular Article 16 thereof, |
dustyfresh
/ SSRF-cloud-cheatsheet.md
Last active
November 25, 2019 16:28
stolen from https://medium.com/@nicklaus_park/levelup-0x02-bug-bounter-hunter-methodology-v3-8f5b802af2ad
dustyfresh
/ pwnagotchi_ids.py
Last active
October 20, 2019 00:10
script to grab each pwnagotchi unit's fingerprint. You can redirect this output to a list and loop through each fingerprint to broadcast messages to ALL pwnagotchi units OwO
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| ''' | |
| $ ./pwnagotchi_ids.py | while read fingerprint; do pwngrid -send $fingerprint -message "( ͡° ͜ʖ ͡°)"; done | |
| ''' | |
| import json | |
| import requests | |
| def main(): | |
| blacklist = open('./blacklist.txt', 'r').read().splitlines() | |
| page = 0 |
dustyfresh
/ jupyter-brute.py
Last active
October 8, 2019 01:20
multiprocessing bruteforce jupyter notebooks
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import re | |
| import requests | |
| import argparse | |
| import multiprocessing as mp | |
| from bs4 import BeautifulSoup | |
| from urllib.parse import urlparse | |
| __author__ = '@dustyfresh' | |
| __license__ = 'https://www.gnu.org/licenses/gpl-3.0.en.html' |