```python
#!/usr/bin/env python3
# Uses Shadowserver's `ASN and Network Queries` API
# See https://www.shadowserver.org/what-we-do/network-reporting/api-asn-and-network-queries/
# Preferred over similar free services as it offers better normalisation of ASN Names
# Beware of rate limiting, 10 queries/second
import json
import requests
```
```python
#!/usr/bin/env python3
import json
import requests
username = ""
key = ""
```
```bash
#!/bin/bash
# Simple script for VirtualBox memory extraction
# Usage: vboxmemdump.sh <VM name>
# See https://www.andreafortuna.org/2017/06/23/how-to-extract-a-ram-dump-from-a-running-virtualbox-machine/
# Dump the VM core to an ELF file
VBoxManage debugvm "$1" dumpvmcore --filename="$1.elf"
# Size (field 4) and file offset (field 7) of the load1 section; match only the load1 row, not the Idx header
size=0x$(objdump -h "$1.elf" | grep -w load1 | tr -s " " | cut -d " " -f 4)
off=0x$(echo "obase=16;ibase=16;$(objdump -h "$1.elf" | grep -w load1 | tr -s " " | cut -d " " -f 7 | tr a-z A-Z)" | bc)
# Carve the load1 section out of the ELF file into a raw image
head -c $(($size+$off)) "$1.elf" | tail -c +$(($off+1)) > "$1.raw"
```
```python
#!/usr/bin/env python3
'''
Description: Fetches and parses TryHackMe profile stats
Author: Sajid Nawaz Khan, @snkhan
Date: 1 January 2021
'''
import requests
import base64
```
```bash
# Lzma is needed to calculate the hash of encrypted 7z archives
# Use in combination with 7z2hashcat available at https://github.com/philsmd/7z2hashcat
brew install hashcat
sudo cpan IO::Compress::Lzma
```
Data Source | Potential Techniques Detected
---|---
Access Tokens | 1
Anti-Virus | 6
API Monitoring | 36
Application Logs | 5
Asset Management | 1
Authentication Logs | 28
Binary File Metadata | 17
BIOS | 2
Browser Extensions | 1
### Keybase proof
I hereby claim:
* I am ssnkhan on github.
* I am snkhan (https://keybase.io/snkhan) on keybase.
* I have a public key ASC8uSYs9BNWLHymA64GoSpOhCAwfbVjPH4Qgn2l2qzlJgo

To claim this, I am signing this object: