Skip to content

Instantly share code, notes, and snippets.

View singe's full-sized avatar

Dominic White singe

269 followers · 0 following
View GitHub Profile
@singe
singe / agenda_tracker.xlsx
Last active February 8, 2024 06:44
An agenda planner and time tracker
@singe
singe / mirror.sh
Created August 18, 2023 09:18
A quick 'n dirty website mirror script
#!/bin/sh
# A quick 'n dirty website mirror script
# by @singe
# Ideally, wget -r should mirror a site, but modern websites are complex, this
# tries to fix the gaps of what is typically mixed.
# It's been tested on 3 or 4 sites, and likely needs more tricks added.
sourcedomain="$1"
depth="$2"
@singe
singe / Readme.md
Last active August 12, 2023 15:32
Using OSC7 to trigger a canary token in text files

Using OSC7 to trigger a canary token in text files

macOS' Terminal.app supports the OSC7 escape code for notifying the terminal of the current working directory. It also supports the file:// URL scheme. This means you can embed a hostname in the instruction, and the host will perform a DNS lookup against it. It also won't visibly render in the terminal.

You can create the escape code like this: printf '\033]7;file://<hostname>\033\\'

I tested Terminal.app, Microsoft command shell, Windows Terminal and Alacritty and it only worked on Terminal.app. OSC7 support is contentious across other terminals according to various pull request discussions.

This was discussed in @stokfredrik's BlackHat/Defcon 2023 talk https://i.blackhat.com/BH-US-23/Presentations/US-23-stok-weponizing-plain-text-ansi-escape-sequences-as-a-forensic-nightmare-appendix.pdf

@singe
singe / date-since.py
Created July 11, 2023 17:12
A simple “date since” tracker with milestones for Pythonista
import datetime
import ui
v = ui.load_view()
width, height = ui.get_screen_size()
v.frame = (0, 0, width, height)
v.present('sheet')
first = datetime.datetime(2023, 1, 1, 0, 0, 0, 0)
@singe
singe / hashcat_maskgen.sh
Created April 17, 2023 11:16
Generate a list of hashcat masks from a wordlist
#!/bin/bash
# hashcat mask generator
# by @singe
infile="$1"
outfile="$1.freq.masks"
outfile2="$1.length.masks"
tmp=$(mktemp)
@singe
singe / inplace-maskgen.sh
Last active April 19, 2023 17:37
Convert clear passwords into slightly more generalised brute force masks for hashcat mode -a3
#!/bin/sh
file="$1"
tmp=$(mktemp)
# change specials & digits to hashcat format
sed -e "s/[[:punct:]]/?s/g" \
-e "s/[[:digit:]]/?d/g" \
$file \
> $tmp \
&& \
@singe
singe / hc-to-john-utf8.sh
Created February 11, 2022 13:25
Hashcat Wordlist Stuff
#!/bin/bash
# Convert hashcat.pot to john.pot and merge them
# Usage: hc-to-john.sh <hashcat pot> <john pot>
# NB: Make sure the hashcat pot only contains 16
# and 32 character hashes that are LM and NT hashes
tmp1=$(mktemp -t pot-port)
tmp2=$(mktemp -t pot-port)
hashpot=$1
LC_ALL=UTF-8 sed 's/^\([a-f0-9]\{32\}:[^:]*\)$/$NT$\1/' $hashpot | grep '^\$NT\$' > $tmp1
@singe
singe / macos_perf_notes.md
Last active January 16, 2022 16:05
macOS Perf Approaches

Remember to compile with debug.

Use DTrace - onCPU

  1. Clone https://github.com/brendangregg/FlameGraph

  2. Trace command sudo dtrace -c '<command>' -o out.stacks -n 'profile-997 /execname == "<command name>"/ { @[ustack(100)] = count(); }' > /dev/null

  3. Create Graph

@singe
singe / get-shift.sh
Created August 11, 2021 21:17
Display the commands required to merge to packet captures and align their time stamps
#!/bin/bash
one=$1
two=$2
if [[ $one == "" || $two == "" ]]; then
echo Display commands to merge two packet captures to the same time
echo $0 "<cap one> <cap two> <offset>"
exit 1
fi
offset=$3
if [[ ! $offset > 0 ]]; then
@singe
singe / README.md
Last active November 7, 2022 19:06
Canarytoken'ed Word .docx yara rule

Remember to unzip the .docx first, or use scan.sh.

Compile the yara rule for scan.sh to work yarac canarytoken.yar canarytoken