Skip to content

Instantly share code, notes, and snippets.

@roycewilliams
roycewilliams / troyhunt-320M-SHA1-PACK-analysis.txt
Last active Nov 29, 2020
troyhunt-320M-SHA1-PACK-analysis.txt
View troyhunt-320M-SHA1-PACK-analysis.txt
# PACK statsgen analysis of Troy Hunt's 320 million pwned password list
# (As announced in https://www.troyhunt.com/introducing-306-million-freely-downloadable-pwned-passwords/)
#
# Major components of this corpus are the antipublic and exploit.in leaks.
# Also very likely to contain rockyou and linkedin, at a minimum.
#
# This analysis includes founds from the hashes included in Hunt's Update 1 from 2017-08-04
# (as downloaded from https://haveibeenpwned.com/Passwords)
# This analysis does NOT yet include Update 2 from 2017-08-05
#
@aescalana
aescalana / manageFlaskSession.py
Last active Jun 10, 2021
Decode and Encode Flask's session cookie. Great for testing purposes; only the secret key is needed
View manageFlaskSession.py
#!/usr/bin/env python
from flask.sessions import SecureCookieSessionInterface
from itsdangerous import URLSafeTimedSerializer
class SimpleSecureCookieSessionInterface(SecureCookieSessionInterface):
# Override method
# Take secret_key instead of an instance of a Flask app
def get_signing_serializer(self, secret_key):
if not secret_key:
return None
@oaass
oaass / filedec.py
Last active Aug 9, 2021
Helper script to try many different openssl cipher algorithms against a file
View filedec.py
#!/usr/bin/env python
import subprocess
import argparse
import os
import sys
def yesno(message_type, default = 'y'):
if message_type == 'DELETE_FILES_IN_FOLDER':
question = 'The folder is not empty. Do you want to delete the files in it?'