Skip to content

Instantly share code, notes, and snippets.

View ACK-J's full-sized avatar

Hacks and Hops ACK-J

83 followers · 7 following
View GitHub Profile
@ACK-J
ACK-J / Syscall.py
Created October 2, 2020 16:08
A function which can make a syscall in python and return stdout, stderr and the return-code
import subprocess
def runcommand(cmd):
proc = subprocess.Popen(cmd,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
shell=True,
universal_newlines=True)
std_out, std_err = proc.communicate()
return proc.returncode, std_out, std_err
@ACK-J
ACK-J / auto_cname.sh
Created March 27, 2021 03:36
One-liner to find all CNAME's for each subddomain of a given domain
while read line; do dig @1.1.1.1 +short "$line" cname >> out.txt; done < <(assetfinder -subs-only domain.com)
@ACK-J
ACK-J / metrix_block.py
Last active July 17, 2023 20:03
Find all the domains ThreatMetrix is using to exfil user tracking data
from shodan import Shodan
api = Shodan('API-KEY')
results = api.search('isp:"ThreatMetrix Inc." port:443 Bad Request')
for banner in results['matches']:
# Only care about services that use SSL
if 'ssl' in banner:
print(banner['ssl']['cert']['subject']['CN'])
@ACK-J
ACK-J / ThreatMetrixData.txt
Created April 4, 2021 21:28
All the data the ThreatMetrix script collects after running and sends back to Lexis Nexis.
agent_publickey = 3059301306072a8648ce3d020106082a8648ce3d03010703420004f2b81b1902a771c8c24f09c6bd8be647d33bd139269856418a42c5a78343d943a03ac2173529a816f797a803563de6ecdd25572ce09af8c081c02303bac0c4d3
agent_publickey_hash = 525f76180e55012341ffe12bcfb5587adad1b920
agent_publickey_hash_result = not found
agent_publickey_hash_type = web:ecdsa
agent_type = browser_computer
alert_id = 9598
api_call_datetime = 2019-12-16 15:24:42.595
api_key = fioxxxxxxxxxx370
api_site_id = api101.qa2.sac.
api_type = session-query
@ACK-J
ACK-J / ThreatMetrixEndpoints.txt
Last active November 10, 2023 09:16
All endpoints currently known which are used to run ThreatMetrix's invasive data collection scripts
*.caesarscasino.com
*.credit24.com
*.credit24.com.au
*.creditea.com
*.fashionette.de
*.hapipozyczki.pl
*.ideafinancial.com
*.mohegansuncasino.com
*.online-metrix.net
*.qa.threatmetrix.com
@ACK-J
ACK-J / parrot_kali_install.sh
Last active March 5, 2025 15:50
OffSec Tools Install
#!/bin/bash
# System Updates
sudo apt-get update -y
sudo apt-get full-upgrade --fix-missing -y
sudo apt-get autoremove -y
#sudo parrot-upgrade
# Alias to Fix Virtual Box issues
# alias FixVM="killall /usr/bin/VBoxClient 2> /dev/null; /usr/bin/VBoxClient --clipboard && /usr/bin/VBoxClient --seamless && /usr/bin/VBoxClient --vmsvga && /usr/bin/VBoxClient --draganddrop && /usr/bin/VBoxClient --checkhostversion"
@ACK-J
ACK-J / Churn.exp
Created June 8, 2024 18:18
churn large outputs
#!/usr/bin/expect -f
if {[llength $argv] != 5} {
puts stderr "Usage: Pass an amount and a priority as arguments!"
exit 1
}
set walletName [lindex $argv 0];
set network [lindex $argv 1];
set REMOTE_NODE [lindex $argv 2];
set PORT [lindex $argv 3];
set address [lindex $argv 4];
@ACK-J
ACK-J / Send_DKIM_Email.py
Last active June 30, 2024 07:41
Sign and send an email using a DKIM private key from disk
import dkim # pip3 install dkimpy
import smtplib
import time
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText
from email.utils import formatdate
# Set params
destination = "TODO" # Victim SMTP server
smtp = "TODO" # Victim email
@ACK-J
ACK-J / Reconstruct_Private_RSA_Key.py
Created June 25, 2024 13:10
#!/usr/bin/python3
# The following code was written by Wulf on #crypto (Libera)
from math import gcd
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives.asymmetric.rsa import (
RSAPublicNumbers,
RSAPrivateNumbers,
rsa_crt_iqmp,
@ACK-J
ACK-J / DMARC_and_SPF_Check.py
Last active February 4, 2025 16:34
import dns.resolver
import sys
from tld import get_fld
def get_root_domain(domain):
return get_fld(domain, fix_protocol=True)
def check_dmarc(domain):
try:
answers = dns.resolver.resolve(f'_dmarc.{domain}', 'TXT')