Te-k
/ gist:4215e539b93418b4f2fcd9102c569747
Created
November 28, 2018 13:22
— forked from peterclemenko/gist:97f92f61845af3844733
Hacking team client renewal
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Originally posted at: http://pastebin.com/MP8zpQ26 | |
| HACKING TEAM CLIENT RENEWAL DATES | |
| From: Client List_Renewal date.xlsx | |
| Name Country Name Maintenance Status | |
| AFP Australia Australian Federal Police - Expired | |
| AZNS Azerbaijan Ministry of National Defence 6/30/2015 Active | |
| BHR Bahrain Bahrain 5/5/2015 Not Active | |
| PHANTOM Chile Policia de Investigation 12/10/2018 Delivery scheduled (end of november) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import re | |
| from urllib.parse import parse_qs | |
| regex = re.compile('^(?P<ip>\S+)\s+-\s*(?P<userid>\S+)\s+\[(?P<datetime>[^\]]+)\]\s+"(?P<method>[A-Z]+)\s*(?P<request>[^ "]+)?\s*(HTTP/(?P<http_version>[0-9.]+))?"\s+(?P<status>[0-9]{3})\s+(?P<size>[0-9]+|-)\s+"(?P<referer>[^"]*)"\s+"(?P<user_agent>[^"]*)"') | |
| def parse_log(log): | |
| res = regex.match(line) | |
| if not res: | |
| raise(ValueError('Invalid log format')) | |
| res = res.groupdict() |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| from bs4 import BeautifulSoup | |
| def get_info(key): | |
| # Returns the date and raw data | |
| if key.startswith('http'): | |
| r = requests.get(key) | |
| else: | |
| r = requests.get('https://pastebin.com/' + key) | |
| soup = BeautifulSoup(r.text, 'html.parser') |
Te-k
/ shoGrey_ip.py
Created
August 30, 2018 14:28
— forked from n0x08/shoGrey_ip.py
Lookup IP address against greynoise.io and shodan
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # !/usr/bin/env python | |
| # shoGrey_ip.py | |
| # | |
| # Stupid simple IP lookup against Greynoise.io | |
| # Also looks up against Shodan and returns ports, tags, vulns | |
| # requires json, requests, shodan | |
| # | |
| # Also requires Shodan API key | |
| # | |
| # Example: python3 shoGrey_ip.py 1.2.3.4 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from Crypto.Cipher import AES | |
| import hashlib | |
| def get_key_and_iv(password, salt, klen=32, ilen=16, msgdgst='md5'): | |
| mdf = getattr(__import__('hashlib', fromlist=[msgdgst]), msgdgst) | |
| password = password.encode('ascii','ignore') # convert to ASCII | |
| try: | |
| maxlen = klen + ilen | |
| keyiv = mdf(password + salt).digest() |
Te-k
/ ait_ips.txt
Created
April 23, 2018 16:53
Ampere Innovation technologies scan IPs https://ampereinnotech.com/scanning.html
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 45.79.187.249 | |
| 172.104.129.213 | |
| 138.197.135.147 | |
| 138.197.144.85 | |
| 138.197.145.152 | |
| 138.197.145.162 | |
| 45.79.168.40 | |
| 45.79.217.96 | |
| 142.167.57.203 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 208.100.26.233 | |
| 208.100.26.230 | |
| 208.100.26.237 | |
| 208.100.26.232 | |
| 208.100.26.231 | |
| 208.100.26.235 | |
| 208.100.26.228 | |
| 208.100.26.236 |
Te-k
/ internet-census.csv
Created
December 20, 2017 14:19
List of IPs scanning IPv4 addresses with zmap and belonging to an unknown internet census project
We can make this file beautiful and searchable if this error is corrected: No commas found in this CSV file in line 0.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 198.143.133.154;AS32475;SingleHop;Linux 3.11+;server1.phx.internet-census.org | |
| 107.6.171.130;AS32475;SingleHop;Linux 3.11+;server2.ams.internet-census.org | |
| 45.33.66.232;AS63949;Linode;Linux 3.11+;li-new-us-gp1-wk101.internet-census.org | |
| 69.175.97.170;AS32475;SingleHop;Linux 3.11+;server1.chi3.internet-census.org | |
| 173.255.213.43;AS63949;Linode;Linux 3.11+;li-cal-us-gp1-wk102.internet-census.org | |
| 198.20.103.242;AS32475;SingleHop;Linux 3.11+;server1.ams.internet-census.org | |
| 45.33.2.193;AS63949;Linode;Linux 3.11+;li-dal-us-gp2-wk101.internet-census.org | |
| 107.6.169.250;AS32475;SingleHop;Linux 3.11+;server3.ams.internet-census.org | |
| 184.154.189.90;AS32475;SingleHop;Linux 3.11+;server4.chi3.internet-census.org | |
| 184.154.47.2;AS32475;SingleHop;Linux 3.11+;server2.chi3.internet-census.org |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import argparse | |
| import OpenSSL | |
| from dateutil.parser import parse | |
| if __name__ == '__main__': | |
| parser = argparse.ArgumentParser(description='Process some certs') | |
| parser.add_argument('CERT', help="Cert file to parse") | |
| args = parser.parse_args() | |
| with open(args.CERT, 'r') as f: |
Te-k
/ sslyze_cert_info.py
Created
June 26, 2017 20:11
How to use sslyze as a library to get certificate information (python 3)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from sslyze.server_connectivity import ServerConnectivityInfo, ServerConnectivityError | |
| from sslyze.ssl_settings import HttpConnectTunnelingSettings, TlsWrappedProtocolEnum | |
| from sslyze.plugins.certificate_info_plugin import CertificateInfoScanCommand | |
| from sslyze.synchronous_scanner import SynchronousScanner | |
| from cryptography.hazmat.backends.openssl import x509 | |
| from cryptography.hazmat.primitives.serialization import Encoding | |
| from cryptography.x509 import DNSName, ExtensionNotFound, ExtensionOID, NameOID | |
| from enum import Enum | |
| import os | |
| import json |