@lopes
lopes / lobotomy.py
Created November 9, 2023 15:21
Simple script to test the Cortex API with Advanced and Standard keys
from sys import argv
from datetime import datetime, timezone
from secrets import choice
from string import ascii_letters, digits
from hashlib import sha256
from json import dumps
from http.client import HTTPSConnection
'''
@lopes
lopes / cortex-get-alerts.sh
Created November 3, 2023 16:56
Retrieves alerts from Cortex XDR.
#!/bin/sh
# Retrieves alerts from Cortex XDR.
# PARAMETERS:
# - $1: First item (start)
# - $2: Number of items at each round (must be <= 100)
# - $3: Number of pages desired (number of rounds)
# REQUIRES:
# - API key and its ID from Cortex XDR
# - Standard Authentication for the API key
@lopes
lopes / checkip.sh
Last active September 6, 2022 15:16
Fetches IP address data on 3 services for Infosec Engineers.
#!/usr/bin/env bash
# In SOC, when an external IP address is involved in an incident,
# we check it to try to identify the owner and if there is any
# incident related to that address. A few sites in internet
# offer this service, such as AbuseIPDB (https://www.abuseipdb.com/),
# Greynoise (https://www.greynoise.io/), and
# VirusTotal (https://www.virustotal.com/).
#
# Author.: José Lopes <lopes.id>
@lopes
lopes / iocfinder.py
Created July 25, 2022 16:24
Finds Indicators of Compromise (IoCs) in text files.
#!/bin/env python3
'''
Finds Indicators of Compromise (IoCs) in text files.
Usage:
$ iocfinder.py file.txt
Based on:
1. https://github.com/stephenbrannon/IOCextractor
2. https://github.com/PaloAltoNetworks/ioc-parser
Todo:
@lopes
lopes / bookepr.sh
Last active September 28, 2021 19:09
Packs and unpacks sensitive data in a more secure fashion.
#!/bin/sh
#bookepr.sh
#
# Packs and unpacks sensitive data in a more secure fashion.
# Read $HELP for usage tips.
#
# Author: José Lopes <lopes.id>
# License: MIT
# Date: 2021-09-28
##
@lopes
lopes / teslacoil.py
Last active September 27, 2021 13:40
Monitors some log files and sends new entries to syslog.
#!/usr/local/bin/python3
'''
Monitors some log files and sends new entries to syslog.
This script requires a config file to import paths to the files.
The main concept is that there is a repository with log files
(which I call 'source files') and an auxiliary repository of
files ('working files').
The idea here is to create a copy of source files in the work
directory, then calculating the diff between the source files
@lopes
lopes / nferen.sh
Created March 8, 2021 17:12
Renames NFe (Brazilian invoices) files in PDF format according to data in the document.
#!/bin/sh
#
# Reads a Brazilian "Nota Fiscal Eletrônica" in PDF format,
# figures out its competence (the reference in time
# for that document), and then renames the file using this
# data, like: %Y%m[-COUNT].pdf.
#
# Note: the regex may differ according to the format used in
# the PDF file (data disposition), so it should be
# adjusted accordingly.
@lopes
lopes / aes-modes.py
Created March 7, 2020 14:28
Simple examples on using different block cipher modes of operation (NIST SP 800-38A) with AES.
#!/usr/bin/env python3
#
# Simple examples on using different block cipher modes
# of operation (NIST SP 800-38A) with AES.
#
# Warning: this script is just an example! You must be
# very confident in your work (or insane) to implement
# this kind of code in production, because it's safer
# to use wide tested frameworks like PyNaCl.
#
@lopes
lopes / abused.py
Created January 30, 2020 18:15
Connects to a mailbox using IMAP4 and parses all messages in a given box.
#!/usr/bin/env python3
import re
import logging
from imaplib import IMAP4_SSL
from email import message_from_bytes
from email.parser import HeaderParser
from email.header import decode_header, make_header
from email.utils import parsedate_to_datetime, localtime
@lopes
lopes / squid-cleaner.py
Created June 26, 2019 19:16
Cleans Squid domain list
#!/usr/bin/env python3
'''Squid Cleaner
This script takes a file with a list of domains in Squid format
separated by "comma-space" and outputs a new list without
duplicates, shadows (.domain.com and domain.com <-removes this),
and overlaps (.domain.com, sub.domain.com <-removes this).
It can also check if domains are responsive, but of course this