Jason Gerfen jas-

@jas-
jas- / wifi_map
Created Jan 8, 2019
20190107 - WiFi connected devices
View wifi_map
WhosHouse:
a0:a3:e2:f9:a6:45:
bssid: a0:a3:e2:f9:a6:45
bytes: 611376
channels:
- 1
- 2
- 140
devices:
01:00:5e:00:00:fb:
@jas-
jas- / tcpdump.sh
Created Dec 21, 2018
tcpdump en masse (solaris)
View tcpdump.sh
#!/bin/bash
# How long should we capture?
how_long="2h"
# We could use some interface names
declare -a ifaces
ifaces+=("net2")
ifaces+=("aggreth0")
@jas-
jas- / stig.sh
Last active Oct 8, 2020
Find potential privilege escalation with defined services. STIG VIDs: V-906, V-907, V-910, V-4089, V-4090, V-4091, V-22354, V-22355, V-59827, V-59831, V-59833, V-59835, V-59837, V-59839, V-59841, V-59843
View stig.sh
#!/bin/bash
# Handle the following STIG Vulnerability IDs
# Requires bash > v4
# HP-UX: V-906, V-907, V-910, V-4089, V-4090, V-4091, V-22354, V-22355
# OEL: V-906, V-907, V-910, V-4089, V-4090, V-4091, V-22354, V-22355
# RHEL: V-906, V-907, V-910, V-4089, V-4090, V-4091, V-22354, V-22355
# Solaris: V-906, V-907, V-910, V-4089, V-4090, V-4091, V-22354, V-22355, V-59827, V-59831, V-59833, V-59835, V-59837, V-59839, V-59841, V-59843
# Author: Jason Gerfen <jason.gerfen@gmail.com>
@jas-
jas- / stigadm.json
Last active Dec 5, 2018
stigadm reporting
View stigadm.json
{
"date": "20181205-231751",
"system": {
"hostname": "solaris11",
"kernel": "SunOS solaris11 5.11 11.3 i86pc i386 i86pc",
"OS": "Solaris",
"version": "11"
},
"stigs": [
{
View rekall-inspect-with-yara.sh
#!/bin/bash
# Create a timestamp
ts="$(date +%Y%m%d)"
# Determine running directory
cwd="$(pwd $(dirname $0))"
# Define build_file
build_file=
@jas-
jas- / .bashrc
Last active Jul 8, 2017
Parse UFW log
View .bashrc
# Default path of UFW parser
parse_ufw=/path/to/parse-ufw.awk
# Default path of UFW log
log_ufw=/var/log/ufw.log
# Function for filtering outbound comms
function ufw_out
{
@jas-
jas- / .bashrc
Last active Nov 27, 2016
.bashrc alias functions to handle GPG encrypt/decrypt operations per file/folder
View .bashrc
# Define the encryption algo for gpg
algo="aes256"
# Define the gpg binary name (Solaris is gpg2)
gpg_name="gpg"
# Use ${gpg_name} to get full path of GPG
gpg=$(which ${gpg_name} 2>/dev/null)
# Validate GPG is installed
@jas-
jas- / json-output.json
Last active Nov 1, 2015
libnmap output examples (both make use of the examples/accuracy.js example script)
View json-output.json
{
"172.17.190.241-255": {
"$": {
"scanner": "nmap",
"args": "nmap --host-timeout=900s -T0 --max-retries 10 --ttl 200ms --scan-delay 10s --max-rate 30 -oX - -p1-1024 172.17.190.241-255",
"start": "1445783304",
"startstr": "Sun Oct 25 14:28:24 2015",
"version": "6.40",
"xmloutputversion": "1.04"
},
@jas-
jas- / accuracy.js
Last active Dec 23, 2017
node.js libnmap example usage
View accuracy.js
/*!
* libnmap
* Copyright(c) 2013-2015 Jason Gerfen <jason.gerfen@gmail.com>
* License: MIT
*/
var nmap = require('libnmap')
, opts = {
timeout: 900, // 900s = 15m and increases the reliability of scan results
flags: [
@jas-
jas- / ufw-intel.sh
Created Dec 9, 2014
Intel gathering for UFW logs
View ufw-intel.sh
# Only address-like values (hex digits, dots, colons) are passed to the shell commands
dmesg | awk '{split($7, arr, "="); if (match(arr[2], /^[0-9a-fA-F.:]+$/)){print "\nHOST: " arr[2] " ================\n";system("host " arr[2]);system("whois " arr[2]);system("dig " arr[2]);}}' > log