Tony36 Tony3-sec
Tony3-sec
/ (PK) ZIP header
Created
June 1, 2016 14:48
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| PK 0x03 0x04 (50 4b 03 04) | |
| PK 0x05 0x06 (50 4b 05 06) (empty archive) | |
| PK 0x07 0x08 (50 4b 07 08) (spanned archive) |
Tony3-sec
/ hexToIP.py
Created
July 20, 2016 16:25
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| ## Convert hexadecimal to IP address | |
| if len(sys.argv) < 2: | |
| print('Please type hexadecimal') | |
| else: | |
| i = 0 | |
| j = 2 | |
| ipaddr = '' |
Tony3-sec
/ custom_base64.py
Last active
August 29, 2016 13:58
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # This is a simple script to decode / encode custom base64 | |
| # Fill the "CUSTOM_ALPHABET" with custom base64 table | |
| ''' | |
| # Standard table | |
| ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/ | |
| ''' |
Tony3-sec
/ gzip header
Last active
October 14, 2016 15:47
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ xxd a.js.gz | head -1 | |
| 0000000: 1f8b 0808 58e3 0058 0003 612e 6a73 002d ....X..X..a.js.- | |
| 0x1f, 0x8b : magic number (2byte) | |
| 0x08 : Compression Method, 0x08 is flag for deflate |
Tony3-sec
/ ascii_to_bit.py
Created
November 10, 2016 16:14
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| message = 'No thank you!' | |
| for i in message: | |
| print bin(ord(i)).replace('b', ''), |
Tony3-sec
/ bit_to_ascii.py
Created
November 10, 2016 16:16
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| data = '01010011 01001001 01000101 01001101 00101100 00100000 01001001 01101110 01100011 01101001 01100100 01100101 01101110 01110100 00100000 01010010 01100101 01110011 01110000 01101111 01101110 01110011 01100101 00100000 01010000 01110010 01101111 01100110 01100101 01110011 01110011 01101001 01101111 01101110 01100001 01101100 01110011 00100000 00101101 00100000 01000011 01101111 01101110 01110100 01100001 01100011 01110100 00100000 01101101 0110010' | |
| binary_list = data.split(' ') | |
| decoded_string = '' | |
| for binary in binary_list: | |
| decoded_string += chr(int(binary, 2)) |
Tony3-sec
/ tshark and wireshark tips
Last active
March 23, 2021 02:47
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| tshark -r input_file.pcap -2R "< Wireshark Filter >" -T fields -e < Wireshark Field > -e <Wireshark Field> | |
| ## By using combination of "-T fields" and "-e" options, tshark will only print the fields you're interested in. | |
| ip.src | |
| ip.dst | |
| tcp.srcport (udp.srcport) | |
| tcp.dstport (udp.dstport) | |
| ## I want to check the number of TCP streams in the packet. |
Tony3-sec
/ Steps for hex encoding
Created
January 9, 2017 16:57
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Hex encode for 'Hello' is 48656c6c6f. How does this work? | |
| >>> binascii.hexlify(b'Hello') | |
| b'48656c6c6f' (48 65 6c 6c 6f) | |
| ## Let's encode the letter 'H' | |
| ## First, convert 'H' to ascii code | |
| >>> ord('H') | |
| 72 |
Tony3-sec
/ swap values between two variables without using temporary variable
Last active
January 16, 2017 10:52
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| >>> a = 10 | |
| >>> b = 100 | |
| >>> a = a + b | |
| >>> b = a - b | |
| >>> a = a - b | |
| >>> a | |
| 100 | |
| >>> b | |
| 10 |
Tony3-sec
/ change_ext.py
Created
January 18, 2017 14:42
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import os | |
| import glob | |
| org_ext = '.flow' | |
| new_ext = '.pcap' | |
| print('changing file extension ' + str(org_ext) + ' to ' + str(new_ext) + '...') | |
| ## list the file with certain extension in current directory |