"""
CLI tool and library for fetching content via Chrome driven by Selenium. Has some tricks up its sleeve to evade
mechanized browser detection.
Pedram Amini
https://pedramamini.com
Requirements:
pip install selenium
pip install webdriver_manager

#!/bin/bash
# Pedram Amini
# https://pedramamini.com
run_command() {
    local cmd="$1"
    local input_file="$2"
    local output_file="$3"

import "hash"
private rule Macho
{
    meta:
        description = "private rule to match Mach-O binaries"
    condition:
        uint32(0) == 0xfeedface or uint32(0) == 0xcefaedfe or uint32(0) == 0xfeedfacf or uint32(0) == 0xcffaedfe or uint32(0) == 0xcafebabe or uint32(0) == 0xbebafeca
}

#!/Users/pedram/venv3/bin/python
#
# The Amazon thermal sticky note printer is pretty useless as the interface is purely verbal. But...
# it does expose an IP Printing port (TCP 613). Took some finagling but I'm proud to present...
#
# Cowsay Sticky Note Edition!
#
# Feed programmatic notifications via CLI or host a simple web server to receive sticky notes from friends.
#

# Joe Sandbox API wrapper.
# REQUIRES: python-requests http://docs.python-requests.org/en/latest/
import sys
import time
import random
import getpass
import requests
try:

#!/usr/bin/env python
"""
blaze through tinder
Setup:
- proxy / sniff out your auth token and edit constant under imports.
- API may have changed.
- it's hard coded to search for girls looking for guys.
- this was a quick hack, i'm not maintaining it or answering questions about it.

#!/bin/env python
"""
Leverage the open API from labs.inquest.net to query the Trystero project data and compare which vendor, between
Google and Microsoft "won" the most days from the given YYYY-MM-DD to now. Example:
❯ python google_vs_microsoft.py 2021-06-01
since=2021-06-01 day=2021-08-16 (64) google=21 🏆microsoft=39
google 🏆 days: 21
microsoft 🏆 days: 39

"""
Read the following in an interesting article today:
"Psychologists have known for some years that it is almost impossible to speak when your words are replayed to you
with a delay of a fraction of a second."
Source: http://www.technologyreview.com/blog/arxiv/27620/
I found it interesting and wanted to hack together a proof-of-concept for myself. Two children are spawned, one for
listening and the other for repeating what was heard. Data is shared between processes via shared memory queue. The

#!/opt/research/venv/bin/python
"""
IQ Auto DIFF leverages InQuest Labs API to collate a list of post DFI string features from both malicious (bad) and
seemingly benign (non) files. While ignoring gibberish, we'll next identify the string features exclusive to each set.
The idea is that the top 25 strings found from the malicious (mal) corpus can be inclusive for a YARA rule where the
top 25 strings from the seemingly benign (non) corpus can be exclusive for a YARA rule.
This script will take upwards of 20 minutes to run.

#!/bin/env python
"""
This script is intended to be run via a daily cron job and will retrieve up to MAX_DAILY interesting samples with
relevant JSON metadata containing extruded layers, IOCs, etc.
This script requires the installation of:
https://github.com/inquest/python-inquestlabs