Skip to content

Instantly share code, notes, and snippets.

@gingeleski

gingeleski/bad_sessions.py

Created June 9, 2019 20:24
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save gingeleski/24309ed97b54b079a380d6654d2f263f to your computer and use it in GitHub Desktop.
Save gingeleski/24309ed97b54b079a380d6654d2f263f to your computer and use it in GitHub Desktop.
Download ZIP
Creates thousands of weak session token/cookie values. Used to demo Burp Suite Sequencer (you can "Manual Load" these in there) for security training.
Raw
bad_sessions.py
import random
import string
bad_random_chars1 = 'ABCFG123' # length = 8
bad_random_chars2 = 'HIKLN589'
bad_random_chars3 = 'OQRTUVYZ'
number_of_tokens = 5000
for _ in range(number_of_tokens):
first = random.choice(string.ascii_uppercase + string.digits)
a = ''.join(random.choices(bad_random_chars1, k=3))
b = ''.join(random.choices(bad_random_chars2, k=3))
c = ''.join(random.choices(bad_random_chars3, k=3))
print(first + a + b + c)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment