Jerry Gamblin jgamblin

@jgamblin
jgamblin / sort.txt
Created Jun 18, 2019
Container Vulns Sort
View sort.txt
Owner/Container1
Total: 23 (UNKNOWN: 0, LOW: 3, MEDIUM: 13, HIGH: 7, CRITICAL: 0)
Owner/Container2
Total: 16 (UNKNOWN: 0, LOW: 2, MEDIUM: 12, HIGH: 2, CRITICAL: 0)
Owner/Container3
Total: 85 (UNKNOWN: 0, LOW: 7, MEDIUM: 44, HIGH: 24, CRITICAL: 10)
Owner/Container4
View bash_profile
# Add `~/bin` to the `$PATH`
export PATH="$HOME/bin:$PATH";
# Load the shell dotfiles, and then some:
# * ~/.path can be used to extend `$PATH`.
# * ~/.extra can be used for other settings you don’t want to commit.
for file in ~/.{path,bash_prompt,exports,aliases,functions,extra}; do
    [ -r "$file" ] && [ -f "$file" ] && source "$file";
done;
unset file;
@jgamblin
jgamblin / nmapburp.sh
Created Sep 6, 2018
NMap a network and send all open web servers to Burp.
View nmapburp.sh
#!/bin/bash
# Script to scan all sites found with a simple Nmap scan with Burp.
# -p 443 selects the port to probe; --open keeps only hosts where it is open.
sites=$(nmap "$1" -p 443 --resolve-all --open -oG - | awk 'NR!=1 && /open/{print $2}')
for site in $sites
do
    curl -vgw "\\n" 'http://127.0.0.1:1337/v0.1/scan' -d '{"urls":["'"$site"'"]}' > /dev/null 2>&1
    printf "Scanning %s with burp.\\n" "$site"
done
@jgamblin
jgamblin / websiteup.sh
Created Sep 3, 2018
Simple Bash Script To Take A Long List Of Domains And Return Only Ones With Webpages.
View websiteup.sh
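#!/bin/bash
# Print only the entries in domains.txt that answer an HTTP HEAD request.
while IFS= read -r url
do
    if curl --output /dev/null --silent --head --fail "$url"; then
        # Pass the URL as an argument, never as the printf format string.
        printf '%s\n' "$url"
    fi
done < domains.txt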
@jgamblin
jgamblin / bountyburp.sh
Created Aug 30, 2018
Bulk Bug Bounty Scanning With Burp 2.0
View bountyburp.sh
#!/bin/bash
#Simple Script To Scan All Public Bounty Sites With Burp 2.0
sites=$(curl https://raw.githubusercontent.com/arkadiyt/bounty-targets-data/master/data/domains.txt)
for site in $sites
do
    curl -vgw "\\n" 'http://127.0.0.1:1337/v0.1/scan' -d '{"urls":["'"$site"'"]}'
done
@jgamblin
jgamblin / readme.md
Last active Jun 3, 2019
Bot that posts SSH logins to slack.
View readme.md

SSH Slackbot

This is a simple Slack bot that posts successful SSH logins to a Slack channel to help you keep track of server access.

Step 1

Create an incoming webhook for your Slack community.

Step 2

Create /etc/ssh/sshslack.sh

@jgamblin
jgamblin / instantkali.sh
Created Mar 5, 2018
Start an EC2 Kali Instance In Under 60 Seconds.
View instantkali.sh
#!/bin/bash
set -e
set -u
clear
ami="ami-10e00b6d"
size="t2.medium"
today=$(date +"%m-%d-%y-%H%M")
localip=$(curl -s https://ipinfo.io/ip)
@jgamblin
jgamblin / certstream-slack.py
Created Feb 26, 2018
A script to search CTLogs for keywords and post new certs to a slack channel.
View certstream-slack.py
# coding=utf-8
import certstream
import json
import requests
# Get the webhook_url here:
# https://my.slack.com/services/new/incoming-webhook/
@jgamblin
jgamblin / antiautosploit.py
Last active May 31, 2019
Blocks Shodan IPs From Scanning Your Servers.
View antiautosploit.py
#!/usr/bin/python3
import os
shodan = ["104.131.0.69", "104.236.198.48", "155.94.222.12","155.94.254.133", "155.94.254.143", "162.159.244.38", "185.181.102.18", "188.138.9.50", "198.20.69.74", "198.20.69.98", "198.20.70.114", "198.20.87.98", "198.20.99.130", "208.180.20.97", "209.126.110.38", "216.117.2.180", "66.240.192.138", "66.240.219.146", "66.240.236.119", "71.6.135.131", "71.6.146.185", "71.6.158.166", "71.6.165.200", "71.6.167.142", "82.221.105.6", "82.221.105.7", "85.25.103.50", "85.25.43.94", "93.120.27.62", "98.143.148.107", "98.143.148.135"]
# Append a DROP rule for each listed source address (requires root).
for ip in shodan:
    os.system("iptables -A INPUT -s {} -j DROP".format(ip))
@jgamblin
jgamblin / domains.sh
Created Dec 20, 2017
Open Websites In Firefox from List.
View domains.sh
#!/bin/bash
filename="domains.txt"
# Read one domain per line and open it over HTTPS in Firefox (macOS `open`).
while IFS= read -r line
do
    name="$line"
    open -a "Firefox" "https://$name"
done < "$filename"