Skip to content

Instantly share code, notes, and snippets.

View bandrel's full-sized avatar

Justin Bollinger bandrel

116 followers · 15 following
View GitHub Profile
@bandrel
bandrel / check_hashes.py
Last active November 5, 2024 06:12
To check for and reveal AD user accounts that share passwords using a hashdump from a Domain Controller
#!/usr/bin/env python3
#Purpose: To check for and reveal AD user accounts that share passwords using a hashdump from a Domain Controller
#Script requires a command line argument of a file containing usernames/hashes in the format of user:sid:LMHASH:NTLMHASH:::
# ./check_hashes.py <hash_dump>
import argparse
import re
parser = argparse.ArgumentParser(description="Check user hashes against each other to find users that share passwords")
@bandrel
bandrel / get_hostnames.py
Created August 24, 2017 21:46
#!/usr/bin/env python3
from __future__ import print_function
import socket
import argparse
import requests
import re
parser = argparse.ArgumentParser(description='Enumerate subdomains via certificate transparency logs')
parser.add_argument('domain', type=str, help='Target domain name')
@bandrel
bandrel / get_hostnames.py
Last active August 24, 2017 21:47
#!/usr/bin/env python3
from __future__ import print_function
import socket
import argparse
import requests
import re
parser = argparse.ArgumentParser(description='Enumerate subdomains via certificate transparency logs')
parser.add_argument('domain', type=str, help='Target domain name')
@bandrel
bandrel / get_hostnames.py
Created August 24, 2017 21:02
#!/usr/bin/env python
import requests
import sys
import re
domain = sys.argv[1]
r = requests.get('https://crt.sh/?q=%.'+domain)
hostnames = re.findall(r'<TD>(\S+\.'+domain+r')',r.text)
@bandrel
bandrel / explode_subnet.py
Created August 1, 2017 21:05
#!/usr/bin/env python3
import ipaddress
import sys
subnets = str(sys.argv[1]).split(',')
for network in subnets:
for host in ipaddress.IPv4Network(network).hosts():
print(host)
@bandrel
bandrel / gist:b9dcc64628fc9dff8fd1c9d476bf0506
Created January 27, 2017 20:50
eem script for updating port description using CDP
event manager applet update-port-description
event neighbor-discovery interface regexp GigabitEthernet0/.* cdp add
action 1.0 cli command "enable"
action 2.0 cli command "config t"
action 3.0 cli command "interface $_nd_local_intf_name"
action 4.0 cli command "description $_nd_cdp_entry_name:$_nd_port_id"
@bandrel
bandrel / def query(self, hostname, query_type = 'ANY', name_server = False, use_tcp = True): ret = [] response = None if name_server == False: name_server = self.get_ns() else: self.wildcards = {}
Created October 2, 2015 16:52
dns lookup
def query(self, hostname, query_type = 'ANY', name_server = False, use_tcp = True):
ret = []
response = None
if name_server == False:
name_server = self.get_ns()
else:
self.wildcards = {}
self.failed_code = None
self.last_resolver = name_server
query = dnslib.DNSRecord.question(hostname, query_type.upper().strip())
@bandrel
bandrel / keybase.md
Created September 14, 2015 20:10

Keybase proof

I hereby claim:

  • I am bandrel on github.
  • I am bandrel (https://keybase.io/bandrel) on keybase.
  • I have a public key whose fingerprint is F5CD 374B 6632 61A4 BAA5 A07E A7D4 3760 5956 EAC0

To claim this, I am signing this object: