Gonçalo Ribeiro goncalor

@goncalor
goncalor / collapse-nets.py
Created May 16, 2022
Collapses subnets and/or IPs into the smallest possible set of subnets
View collapse-nets.py
#!/usr/bin/env python3
# Collapses subnets and/or IPs into the smallest possible set of subnets
import sys
import ipaddress
if len(sys.argv) != 2:
    print("Usage: {} <file>".format(sys.argv[0]))
    sys.exit(-1)
with open(sys.argv[1]) as f:
View test.txt
just a test
wivykwfs6@nullmbx.net
don't send mail
View go-aquatone.Dockerfile
FROM alpine
RUN apk --no-cache add go chromium
RUN go get github.com/shelld3v/aquatone
#RUN useradd -m -d /app user
WORKDIR /app
#USER user
View hydra.Dockerfile
FROM kalilinux/kali-rolling
RUN apt update
RUN apt -y install git build-essential libssh-dev #libsmbclient-dev #freerdp2-dev
WORKDIR /app
RUN git clone --depth=1 https://github.com/vanhauser-thc/thc-hydra .
RUN ./configure
RUN make
@goncalor
goncalor / convert.awk
Created Dec 19, 2021
Scripts to resolve domains to IPs
View convert.awk
/NXDOMAIN/ {print $2, "?"; next}
/SERVFAIL/ {print $2, "?"; next}
/mail is handled by/ {next}
/is an alias for/ {doms[$6]=$1; next}
{
    if ($1"." in doms)
        print doms[$1"."], $4
    else if (match($0, "has IPv6 address"))
View testssl.Dockerfile
FROM alpine:3.13
RUN apk add --no-cache bash procps drill git coreutils curl
RUN addgroup testssl
RUN adduser -G testssl -g "testssl user" -s /bin/bash -D testssl
RUN ln -s /home/testssl/testssl.sh /usr/local/bin/
USER testssl
@goncalor
goncalor / masscan.markdown
Last active Nov 30, 2021
Notes on masscan
View masscan.markdown

Masscan notes

NTP

For NTP, masscan (1.3.1) sends "monlist" packets by default. We only get responses from IPs that have this feature enabled (which is great for NTP amplification DDoS attacks). Servers without this feature send no response, so we miss open NTPs that don't have it.

$ masscan -pU:123 <ip>
View masscan-to-subnets.py
#!/usr/bin/env python3
import sys
import ipaddress
if len(sys.argv) != 2:
    print("Usage: {} <file>".format(sys.argv[0]))
    sys.exit(-1)
with open(sys.argv[1]) as f:
    for line in f.readlines():
View pyspf.Dockerfile
FROM alpine
RUN apk --no-cache add python3 py3-pip git
WORKDIR /app
RUN adduser -h /app -D user
RUN git clone --depth=1 https://github.com/sdgathman/pyspf/ .
RUN python3 setup.py install
View masscan-json2json
#!/bin/sh
#
# Converts `masscan`'s JSON output to JSON lines that can be
# parsed by `jq` or `python -m json.tool --json-lines`.
# masscan (1.0.4) outputs an array with a trailing comma, which is invalid.
# This basically breaks the array into its elements, one per line.
#
# Example:
# [
# {...},