PaulSec
/ findsubdomains.py
Last active
March 9, 2019 11:44
Python utility for https://findsubdomains.com/
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import sys | |
| from bs4 import BeautifulSoup | |
| import json | |
| import re | |
| def sanitize_data(data): | |
| return data.replace('\r\n', '').replace('\n', '').replace(' ', '').replace(' ', '') | |
| if len(sys.argv) < 2: |
NotMedic
/ markvulnerable.py
Last active
July 11, 2019 02:11
Script to mark hosts as vulnerable in Bloodhound.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| import sys, json, urllib, urllib2 | |
| #Define the Bloodhound Database | |
| url = 'http://bloodhound-server:7474/db/data/cypher/' | |
| #Define the Bloodhound Credentials | |
| #echo neo4j:bloodhound | base64 | |
| base64auth = 'bmVvNGo6Ymxvb2Rob3VuZA==' | |
| request = urllib2.Request(url) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ''' | |
| Title: SSHtranger Things | |
| Author: Mark E. Haase <[email protected]> | |
| Homepage: https://www.hyperiongray.com | |
| Date: 2019-01-17 | |
| CVE: CVE-2019-6111, CVE-2019-6110 | |
| Advisory: https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt | |
| Tested on: Ubuntu 18.04.1 LTS, OpenSSH client 7.6p1 | |
| We have nicknamed this "SSHtranger Things" because the bug is so old it could be |
marcan
/ rpi_cam_auth.py
Created
January 25, 2019 07:48
Raspberry Pi Camera V2 DRM authentication example
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import hmac, hashlib | |
| # Data from I²C trace at https://hackaday.io/project/19480-raspberry-pi-camera-v21-reversed/log/52547-i2c-logic-analyzer-trace | |
| # Secret key from VideoCore blob | |
| # serial[8], serial[7:4], serial[3:0] | |
| serial = bytes.fromhex("EE8C196D8301230B59") | |
| # rPi -> camera random number | |
| numIn = bytes.fromhex("5805F3C898C3133154498E082F2E703516F2DBD1") |
hax0kartik
/ export_symbol.idc
Last active
July 22, 2025 23:24
Export symbols from IDA to a ghidra importable symbol file
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <idc.idc> | |
| static FuncDump(f, start) | |
| { | |
| auto ea, str, count, ref; | |
| auto end; | |
| auto teststr; | |
| ea = start; |
OlderNewer