Skip to content

Instantly share code, notes, and snippets.

jose nazario paralax

Block or report user

Report or block paralax

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@paralax
paralax / vulmap_osx.py
Last active May 29, 2019
check for software vulnerabilities on OSX
View vulmap_osx.py
import glob
import plistlib
import sys
import xml
import requests
class VulnScanner(object):
def __init__(self):
self.url = 'https://vulmon.com/scannerapi?product={0}&version={1}&dev=1'
@paralax
paralax / README.md
Last active May 29, 2019
Using Terraform and Docker, demoed with CyberChef
View README.md

Using Terraform and Docker on OSX

Recently I had to learn myself some Terraform for real, and it hit me - Docker (which I have come to use extensively) would be a perfect environment in which to do this.

Before you begin, make sure you have Terraform installed:

$ brew install terraform

Start the Docker TCP listener

@paralax
paralax / magecart.yar
Created Mar 20, 2019
yara rule to scan for magecart signals in HTML bodies
View magecart.yar
rule magecart
{
meta:
description = "This rule screens web pages to look for Magecart in script tag sources"
thread_level = 3
in_the_wild = true
strings:
$scriptopen = "<script "
$scriptclose = "</script>"
@paralax
paralax / censys.go
Last active May 29, 2019
search censys from the CLI
View censys.go
package main
import (
"encoding/json"
"fmt"
"github.com/abadojack/gocensys"
"log"
"os"
"strings"
)
@paralax
paralax / to_cpes.py
Created Nov 2, 2018
prototype code to convert a web client user-agent to a sequence of MITRE CPE strings
View to_cpes.py
import re
import shlex
# application-specific
def tocpe(prodstring):
if prodstring.startswith('Mozilla') or prodstring.startswith('Gecko'):
return None
templ = 'cpe:/a:{0}:{1}:{2}'
vendor = '*'
application = '*'
@paralax
paralax / avtech_rce.py
Last active Oct 25, 2018
Routersploit module for AVTECH Device Command Execution
View avtech_rce.py
from routersploit.core.exploit import *
from routersploit.core.http.http_client import HTTPClient
class Exploit(HTTPClient):
__info__ = {
"name": "AVTECH Device Command Execution",
"description": """This module exploits a vulnerability in AVTECH device httpd server. The cgi_query action in Search.cgi performs HTML requests with the wget system command, which uses the received parameters without sanitization or verification. By exploiting this issue, an attacker can execute any system command with root privileges without authentication.""",
"authors": (
"@jnazario", # routersploit module
'Gergely Eberhardt' # discovery and PoC
@paralax
paralax / dlink_dwr_cred.py
Last active Oct 21, 2018
D-Link Router Credential Retrieval
View dlink_dwr_cred.py
@paralax
paralax / dlink_dwr_dir_traversal.py
Created Oct 18, 2018
D-Link router Directory Traversal
View dlink_dwr_dir_traversal.py
@paralax
paralax / dlink_dwr_rce.py
Created Oct 18, 2018
D-Link router Command Execution
View dlink_dwr_rce.py
View spelling-bee-generator.fsx
open System
open System.IO
(*
how it works
- computes the Zipfs law letter distribution
- finds all words with 7 distinct letters
- from those it can then generate puzzles by placing the least likely letter in the center
*)
You can’t perform that action at this time.