Skip to content

Instantly share code, notes, and snippets.

View ACK-J's full-sized avatar
🍺

Hacks and Hops ACK-J

🍺
110 followers · 9 following
View GitHub Profile
@ACK-J
ACK-J / install_xss_canary_callback_server.sh
Last active July 28, 2025 19:48
#!/bin/bash
# Automated setup script for XSS Canary Callback server
# Define color variables
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m' # No Color
@ACK-J
ACK-J / csp_meta.py
Created December 6, 2024 22:37
Quick and Easy Python Server that Returns a Vulnerable CSP via Meta HTML Tag
import http.server
import socketserver
import ssl
# Run: openssl req -new -x509 -days 365 -nodes -out server.crt -keyout server.key
PORT = 8000
class MyRequestHandler(http.server.SimpleHTTPRequestHandler):
def do_GET(self):
# Set the response code and headers
self.send_response(200)
@ACK-J
ACK-J / csp.py
Created December 6, 2024 22:36
Quick and Easy Python Server that Returns a Vulnerable CSP via Headers
import http.server
import socketserver
PORT = 8000
class MyRequestHandler(http.server.SimpleHTTPRequestHandler):
def do_GET(self):
# Set the Content Security Policy header
self.send_response(200)
self.send_header("Content-Type", "text/html")
@ACK-J
ACK-J / DMARC_and_SPF_Check.py
Last active February 4, 2025 16:34
import dns.resolver
import sys
from tld import get_fld
def get_root_domain(domain):
return get_fld(domain, fix_protocol=True)
def check_dmarc(domain):
try:
answers = dns.resolver.resolve(f'_dmarc.{domain}', 'TXT')
@ACK-J
ACK-J / Reconstruct_Private_RSA_Key.py
Created June 25, 2024 13:10
#!/usr/bin/python3
# The following code was written by Wulf on #crypto (Libera)
from math import gcd
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives.asymmetric.rsa import (
RSAPublicNumbers,
RSAPrivateNumbers,
rsa_crt_iqmp,
@ACK-J
ACK-J / Send_DKIM_Email.py
Last active June 30, 2024 07:41
Sign and send an email using a DKIM private key from disk
import dkim # pip3 install dkimpy
import smtplib
import time
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText
from email.utils import formatdate
# Set params
destination = "TODO" # Victim SMTP server
smtp = "TODO" # Victim email
@ACK-J
ACK-J / Churn.exp
Created June 8, 2024 18:18
churn large outputs
#!/usr/bin/expect -f
if {[llength $argv] != 5} {
puts stderr "Usage: Pass an amount and a priority as arguments!"
exit 1
}
set walletName [lindex $argv 0];
set network [lindex $argv 1];
set REMOTE_NODE [lindex $argv 2];
set PORT [lindex $argv 3];
set address [lindex $argv 4];
@ACK-J
ACK-J / parrot_kali_install.sh
Last active September 26, 2025 16:12
OffSec Tools Install
#!/bin/bash
# System Updates
sudo apt-get update -y
sudo apt-get full-upgrade --fix-missing -y
sudo apt-get autoremove -y
sudo apt-get -y dist-upgrade
sudo apt-get -y install linux-headers-$(uname -r)
#sudo parrot-upgrade
# Alias to Fix Virtual Box issues
@ACK-J
ACK-J / ThreatMetrixEndpoints.txt
Last active September 22, 2025 09:05
All endpoints currently known which are used to run ThreatMetrix's invasive data collection scripts
*.caesarscasino.com
*.credit24.com
*.credit24.com.au
*.creditea.com
*.fashionette.de
*.hapipozyczki.pl
*.ideafinancial.com
*.mohegansuncasino.com
*.online-metrix.net
*.qa.threatmetrix.com
@ACK-J
ACK-J / ThreatMetrixData.txt
Created April 4, 2021 21:28
All the data the ThreatMetrix script collects after running and sends back to Lexis Nexis.
agent_publickey = 3059301306072a8648ce3d020106082a8648ce3d03010703420004f2b81b1902a771c8c24f09c6bd8be647d33bd139269856418a42c5a78343d943a03ac2173529a816f797a803563de6ecdd25572ce09af8c081c02303bac0c4d3
agent_publickey_hash = 525f76180e55012341ffe12bcfb5587adad1b920
agent_publickey_hash_result = not found
agent_publickey_hash_type = web:ecdsa
agent_type = browser_computer
alert_id = 9598
api_call_datetime = 2019-12-16 15:24:42.595
api_key = fioxxxxxxxxxx370
api_site_id = api101.qa2.sac.
api_type = session-query