Skip to content

Instantly share code, notes, and snippets.

View jgamblin's full-sized avatar

Jerry Gamblin jgamblin

1.7k followers · 11 following
View GitHub Profile
@jgamblin
jgamblin / NVD.py
Last active November 2, 2021 09:30
NVD CVEs to Indivual JSON files
import requests
import json
import gzip
import os
import codecs
import time
from datetime import timedelta
start = time.time()
count = 0
@jgamblin
jgamblin / vc-local.py
Created June 28, 2019 18:55
A Local Version of VulnerableContainers.org
import csv
import os
import re
import requests
import subprocess
import time
from datetime import timedelta
from more_itertools import unique_everseen
start = time.time()
@jgamblin
jgamblin / popular_containers.py
Created June 27, 2019 19:02
Find The Most Pulled Containers From Docker Hub
@jgamblin
jgamblin / sort.txt
Created June 18, 2019 12:51
Container Vulns Sort
Owner/Container1
Total: 23 (UNKNOWN: 0, LOW: 3, MEDIUM: 13, HIGH: 7, CRITICAL: 0)
Owner/Container2
Total: 16 (UNKNOWN: 0, LOW: 2, MEDIUM: 12, HIGH: 2, CRITICAL: 0)
Owner/Container3
Total: 85 (UNKNOWN: 0, LOW: 7, MEDIUM: 44, HIGH: 24, CRITICAL: 10)
Owner/Container4
@jgamblin
jgamblin / bash_profile
Created September 30, 2018 19:38
Bash Settings
# Add `~/bin` to the `$PATH`
export PATH="$HOME/bin:$PATH";
# Load the shell dotfiles, and then some:
# * ~/.path can be used to extend `$PATH`.
# * ~/.extra can be used for other settings you don’t want to commit.
for file in ~/.{path,bash_prompt,exports,aliases,functions,extra}; do
[ -r "$file" ] && [ -f "$file" ] && source "$file";
done;
unset file;
@jgamblin
jgamblin / nmapburp.sh
Created September 6, 2018 19:49
NMap a network and send all open web servers to Burp.
#!/bin/bash
#Script to Scan All Sites Found With A Simple NMAP Scan With Burp.
sites=$(nmap "$1" --open 443 --resolve-all --open -oG - | awk 'NR!=1 && /open/{print $2}')
for site in $sites
do
curl -vgw "\\n" 'http://127.0.0.1:1337/v0.1/scan' -d '{"urls":["'"$site"'"]}' > /dev/null 2>&1
printf "Scanning %s with burp.\\n" "$site"
done
@jgamblin
jgamblin / websiteup.sh
Created September 3, 2018 13:42
Simple Bash Script To Take A Long List Of Domains And Return Only Ones With Webpages.
#!/bin/bash
for url in $(cat domains.txt)
do
if curl --output /dev/null --silent --head --fail "$url"; then
printf "$url \\n"
else
:
fi
done
@jgamblin
jgamblin / bountyburp.sh
Created August 30, 2018 14:05
Bulk Bug Bounty Scanning With Burp 2.0
#!/bin/bash
#Simple Script To Scan All Public Bounty Sites With Burp 2.0
sites=$(curl https://raw.githubusercontent.com/arkadiyt/bounty-targets-data/master/data/domains.txt)
for site in $sites
do
curl -vgw "\\n" 'http://127.0.0.1:1337/v0.1/scan' -d '{"urls":["'"$site"'"]}'
done
@jgamblin
jgamblin / readme.md
Last active October 5, 2022 10:55
Bot that posts SSH logins to slack.

SSH Slackbot

This is a simple slackbot to post successful SSH logins to a slack channel to help you keep track of server access.

Step 1

Create an incoming webhook for your slack community.

Step 2

Create /etc/ssh/sshslack.sh

@jgamblin
jgamblin / instantkali.sh
Created March 5, 2018 00:39
Start an EC2 Kali Instance In Under 60 Seconds.
#!/bin/bash
set -e
set -u
clear
ami="ami-10e00b6d"
size="t2.medium"
today=$(date +"%m-%d-%y-%H%M")
localip=$(curl -s https://ipinfo.io/ip)