Slides and code examples from my "Pythons Sinister Secrets" presentation.
The slide deck can be downloaded here.
MarkBaggett MarkBaggett
MarkBaggett
/ pe_scan_difficult_finished.py
Last active
July 4, 2019 19:52
Python Windows DLLs finding and calling
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import pefile | |
| import sys | |
| import ctypes | |
| import glob | |
| import argparse | |
| import itertools | |
| def search_tables(thefile, pename, search = []): | |
| if hasattr(thefile, "DIRECTORY_ENTRY_IMPORT"): | |
| if args.verbose or args.dump: |
MarkBaggett
/ 1 - pythons_sinister_secrets.md
Last active
April 16, 2023 21:37
Come To The Darkside - Pythons Sinister Secrets
MarkBaggett
/ Decorators_demystified.md
Last active
February 7, 2021 09:42
Decorators Demystified Presentation
This is the material for SANS Webcast where we deep dive into the internals of how Python Decorators work. To understand this material you will want to watch the associated presentation.
The registration link is here: https://www.sans.org/webcasts/python-decorators-demystified-108900
(update) The talk has been archived here : https://www.youtube.com/watch?v=M4FrdJKGwX4&t=1981s
MarkBaggett
/ escape_room
Last active
May 27, 2024 19:21
Notes on an escape room using home assistant.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| As requested here is a walk through for the "Escape room" challenge I threw together for a party at my house. This was developeed in about 5 hours. It took guests about 45 minutes to complete. I have several things I would like to do to improve it over the next could iterations. | |
| Notes to the reader: | |
| - Requires Home Assistant https://www.home-assistant.io | |
| - Requires App Daemon https://www.home-assistant.io/docs/ecosystem/appdaemon/ | |
| - My home includes Philips Hue lights, Ecobee thermostat, arlo cameras, some smart TV's and other devices used in the challenges. | |
| - It is not shown in the code below but I also have printed puzzles and ammo boxes with combination locks throughout the house. Generally a printed puzzle leads players to physical activity that triggers a "smart home puzzle" which leads them to a combination to unlock the next ammo box containing the next printed puzzle. Lather, rince, repeat. | |
| - Not all puzzles are published here but this is enough to get your creative juices flowing. | |
| - Th |
MarkBaggett
/ gist:29995da8bd4e22681ad8cf2bdb139fb2
Created
March 26, 2018 20:06
Rainbow Tables Challenge
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import argparse | |
| import math | |
| import random | |
| import hashlib | |
| import codecs | |
| """ | |
| Given the following MD5 Rainbow table that was generate using this program, determine | |
| the password for this hash bcccb2598de87da2952522eae448b356. You must use this program |
MarkBaggett
/ pxpowershell.py
Created
November 29, 2017 19:32
pxpowershell - A super simple interface to Powershell from Python
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| #Quick and Dirty Python Interface to Powershell from Python | |
| #Requires pexpect module. Try "pip install pexpect" | |
| import pexpect | |
| from pexpect.popen_spawn import PopenSpawn | |
| import re | |
| import time | |
| class pxpowershell(object): | |
| def __init__(self, *args, **kwargs): |
MarkBaggett
/ custom_caesar.py
Last active
July 16, 2023 14:57
Python - SQLMAP - Tamper Script for Custom Caesar Cypher
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| from lib.core.data import kb | |
| from lib.core.enums import PRIORITY | |
| import string | |
| __priority__ = PRIORITY.NORMAL | |
| def dependencies(): | |
| pass |
MarkBaggett
/ scapy_helper.py
Last active
March 25, 2024 21:59
Python - SCAPY - Full Packet Session Reassembly
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #From here https://pen-testing.sans.org/blog/2017/10/13/scapy-full-duplex-stream-reassembly | |
| def full_duplex(p): | |
| sess = "Other" | |
| if 'Ether' in p: | |
| if 'IP' in p: | |
| if 'TCP' in p: | |
| sess = str(sorted(["TCP", p[IP].src, p[TCP].sport, p[IP].dst, p[TCP].dport],key=str)) | |
| elif 'UDP' in p: | |
| sess = str(sorted(["UDP", p[IP].src, p[UDP].sport, p[IP].dst, p[UDP].dport] ,key=str)) |
NewerOlder