Skip to content

Instantly share code, notes, and snippets.

💭
New Repo, Who Dis?

Jerry Gamblin jgamblin

View GitHub Profile
View bash_profile
# Add `~/bin` to the `$PATH`
export PATH="$HOME/bin:$PATH";
# Load the shell dotfiles, and then some:
# * ~/.path can be used to extend `$PATH`.
# * ~/.extra can be used for other settings you don’t want to commit.
for file in ~/.{path,bash_prompt,exports,aliases,functions,extra}; do
[ -r "$file" ] && [ -f "$file" ] && source "$file";
done;
unset file;
@jgamblin
jgamblin / nmapburp.sh
Created Sep 6, 2018
NMap a network and send all open web servers to Burp.
View nmapburp.sh
#!/bin/bash
#Script to Scan All Sites Found With A Simple NMAP Scan With Burp.
sites=$(nmap "$1" --open 443 --resolve-all --open -oG - | awk 'NR!=1 && /open/{print $2}')
for site in $sites
do
curl -vgw "\\n" 'http://127.0.0.1:1337/v0.1/scan' -d '{"urls":["'"$site"'"]}' > /dev/null 2>&1
printf "Scanning %s with burp.\\n" "$site"
done
@jgamblin
jgamblin / websiteup.sh
Created Sep 3, 2018
Simple Bash Script To Take A Long List Of Domains And Return Only Ones With Webpages.
View websiteup.sh
#!/bin/bash
for url in $(cat domains.txt)
do
if curl --output /dev/null --silent --head --fail "$url"; then
printf "$url \\n"
else
:
fi
done
@jgamblin
jgamblin / bountyburp.sh
Created Aug 30, 2018
Bulk Bug Bounty Scanning With Burp 2.0
View bountyburp.sh
#!/bin/bash
#Simple Script To Scan All Public Bounty Sites With Burp 2.0
sites=$(curl https://raw.githubusercontent.com/arkadiyt/bounty-targets-data/master/data/domains.txt)
for site in $sites
do
curl -vgw "\\n" 'http://127.0.0.1:1337/v0.1/scan' -d '{"urls":["'"$site"'"]}'
done
@jgamblin
jgamblin / readme.md
Last active Oct 18, 2018
Bot that posts SSH logins to slack.
View readme.md

SSH Slackbot

This is a simple slackbot to post successful SSH logins to a slack channel to help you keep track of server access.

Step 1

Create an incoming webhook for your slack community.

Step 2

Create /etc/ssh/sshslack.sh

@jgamblin
jgamblin / instantkali.sh
Created Mar 5, 2018
Start an EC2 Kali Instance In Under 60 Seconds.
View instantkali.sh
#!/bin/bash
set -e
set -u
clear
ami="ami-10e00b6d"
size="t2.medium"
today=$(date +"%m-%d-%y-%H%M")
localip=$(curl -s https://ipinfo.io/ip)
@jgamblin
jgamblin / certstream-slack.py
Created Feb 26, 2018
A script to search CTLogs for keywords and post new certs to a slack channel.
View certstream-slack.py
# coding=utf-8
import certstream
import json
import requests
# Get the webhook_url here:
# https://my.slack.com/services/new/incoming-webhook/
@jgamblin
jgamblin / antiautosploit.py
Last active Mar 22, 2019
Blocks Shodan IPs From Scanning Your Servers.
View antiautosploit.py
#!/usr/bin/python3
import os
shodan = ["104.131.0.69", "104.236.198.48", "155.94.222.12","155.94.254.133", "155.94.254.143", "162.159.244.38", "185.181.102.18", "188.138.9.50", "198.20.69.74", "198.20.69.98", "198.20.70.114", "198.20.87.98", "198.20.99.130", "208.180.20.97", "209.126.110.38", "216.117.2.180", "66.240.192.138", "66.240.219.146", "66.240.236.119", "71.6.135.131", "71.6.146.185", "71.6.158.166", "71.6.165.200", "71.6.167.142", "82.221.105.6", "82.221.105.7", "85.25.103.50", "85.25.43.94", "93.120.27.62", "98.143.148.107", "98.143.148.135"]
for ip in shodan:
os.system("iptables -A INPUT -s {} -j DROP".format(ip))
@jgamblin
jgamblin / domains.sh
Created Dec 20, 2017
Open Websites In Firefox from List.
View domains.sh
#!/bin/bash
filename="domains.txt"
while read -r line
do
name="$line"
open -a "Firefox" https://$name
done < "$filename"
@jgamblin
jgamblin / brew.sh
Last active Feb 17, 2019
Configure Brew on MacOS and install utilities.
View brew.sh
#!/bin/bash
#Check If Brew Is Installed
if ! [ -x "$(command -v brew)" ]; then
/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
else
brew update
brew upgrade
fi
You can’t perform that action at this time.