Pedram Amini pedramamini
👋
pedramamini
/ chrome_fetch.py
Last active
March 27, 2024 21:41
CLI tool and library for fetching content via Chrome driven by Selenium. Has some tricks up its sleeve to evade mechanized browser detection.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| CLI tool and library for fetching content via Chrome driven by Selenium. Has some tricks up its sleeve to evade | |
| mechanized browser detection. | |
| Pedram Amini | |
| https://pedramamini.com | |
| Requirements: | |
| pip install selenium | |
| pip install webdriver_manager |
pedramamini
/ fabric-multiplex.sh
Last active
March 27, 2024 21:39
Multiplex the stdout from a command as the stdin to numerous commands, collect the outputs under command headings in markdown format.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Pedram Amini | |
| # https://pedramamini.com | |
| run_command() { | |
| local cmd="$1" | |
| local input_file="$2" | |
| local output_file="$3" |
pedramamini
/ XProtect.yara
Created
October 19, 2017 20:18
Apple OSX built in file defense is powered by YARA: /System/Library/CoreServices/XProtect.bundle/Contents/Resources
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import "hash" | |
| private rule Macho | |
| { | |
| meta: | |
| description = "private rule to match Mach-O binaries" | |
| condition: | |
| uint32(0) == 0xfeedface or uint32(0) == 0xcefaedfe or uint32(0) == 0xfeedfacf or uint32(0) == 0xcffaedfe or uint32(0) == 0xcafebabe or uint32(0) == 0xbebafeca | |
| } |
pedramamini
/ cowsay-sticky.py
Last active
June 20, 2023 17:28
Cowsay, but via Amazon's sticky note printer. See it in action: https://stickynote.pedramamini.com
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/Users/pedram/venv3/bin/python | |
| # | |
| # The Amazon thermal sticky note printer is pretty useless as the interface is purely verbal. But... | |
| # it does expose an IP Printing port (TCP 613). Took some finagling but I'm proud to present... | |
| # | |
| # Cowsay Sticky Note Edition! | |
| # | |
| # Feed programmatic notifications via CLI or host a simple web server to receive sticky notes from friends. | |
| # |
pedramamini
/ joe_sandbox_api.py
Last active
July 11, 2022 21:10
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Joe Sandbox API wrapper. | |
| # REQUIRES: python-requests http://docs.python-requests.org/en/latest/ | |
| import sys | |
| import time | |
| import random | |
| import getpass | |
| import requests | |
| try: |
pedramamini
/ blaze.py
Last active
June 12, 2022 15:22
Blaze your way through Tinder (the dating app).
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| """ | |
| blaze through tinder | |
| Setup: | |
| - proxy / sniff out your auth token and edit constant under imports. | |
| - API may have changed. | |
| - it's hard coded to search for girls looking for guys. | |
| - this was a quick hack, i'm not maintaining it or answering questions about it. |
pedramamini
/ google_vs_microsoft.py
Last active
August 23, 2021 21:32
InQuest Labs: Trystero Project - Google vs Microsoft
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/env python | |
| """ | |
| Leverage the open API from labs.inquest.net to query the Trystero project data and compare which vendor, between | |
| Google and Microsoft "won" the most days from the given YYYY-MM-DD to now. Example: | |
| ❯ python google_vs_microsoft.py 2021-06-01 | |
| since=2021-06-01 day=2021-08-16 (64) google=21 🏆microsoft=39 | |
| google 🏆 days: 21 | |
| microsoft 🏆 days: 39 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ | |
| Read the following in an interesting article today: | |
| " Psychologists have known for some years that it is almost impossible to speak when your words are replayed to you | |
| with a delay of a fraction of a second. " | |
| Source: http://www.technologyreview.com/blog/arxiv/27620/ | |
| I found it interesting and wanted to hack together a proof-of-concept for myself. Two children are spawned, one for | |
| listening and the other for repeating what was heard. Data is shared between processes via shared memory queue. The |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/opt/research/venv/bin/python | |
| """ | |
| IQ Auto DIFF leverages InQuest Labs API to collate a list of post DFI string features from both malicious (bad) and | |
| seemingly benign (non) files. While ignoring gibberish, we'll next identify the string features exclusive to each set. | |
| The idea is that the top 25 strings found from the malicious (mal) corpus can be inclusive for a YARA rule where the | |
| top 25 strings from the seemingly benign (non) corpus can be exclusive for a YARA rule. | |
| This script will take upwards of 20 minutes to run. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/env python | |
| """ | |
| This script is intended to be run via a daily cron job and will retrieve up to MAX_DAILY interesting samples with | |
| relevant JSON metadata containing extruded layers, IOCs, etc. | |
| This script requires the installation of: | |
| https://github.com/inquest/python-inquestlabs |
NewerOlder