Skip to content

Instantly share code, notes, and snippets.

Avatar

Nate Warfield n0x08

View GitHub Profile
@n0x08
n0x08 / gnMonthlyInfected.py
Last active Feb 25, 2021
Report infected hosts by count from Greynoise.io data
View gnMonthlyInfected.py
# !/usr/bin/env python
# gnMonthlyInfected.py
#
# Report statistics on monthly infections
# in a specified Autonomous System as seen
# by Greynoise.io
#
# Requires: Greynoise API key
#
# Example: python3 gnMonthlyInfected.py AS12345
@n0x08
n0x08 / shoGrey_ip.py
Last active Feb 25, 2021
Lookup IP address against greynoise.io and shodan
View shoGrey_ip.py
# !/usr/bin/env python
# shoGrey_ip.py
#
# Stupid simple IP lookup against Greynoise.io
# Also looks up against Shodan and returns ports, tags, vulns
# requires json, requests, shodan
#
# Also requires Shodan API key
#
# Example: python3 shoGrey_ip.py 1.2.3.4
@n0x08
n0x08 / sslChainDeetz.py
Created Mar 5, 2018
Shodan SSL Chain cert details
View sslChainDeetz.py
# !/usr/bin/env python
# sslChainDeetz.py
#
# Dependencies:
# - shodan
# - pyOpenSSL
#
# Installation:
# sudo easy_install shodan
#
@n0x08
n0x08 / findPwnedDB.py
Last active Feb 25, 2021
Find compromised NoSQL & Docker systems from Shodan JSON export
View findPwnedDB.py
#!/usr/bin/env python
# findPwnedDB.py
#
# Last update: 1/13/2020
#
# Added:
# CassandraDB support
# Additional DBs
# Docker XMR mining flags (Thanks Unit42!)
# https://unit42.paloaltonetworks.com/graboid-first-ever-cryptojacking-worm-found-in-images-on-docker-hub/