diyinfosec
diyinfosec
/ 01-aes-bruteforce.py
Created
January 25, 2022 19:36
Brute-force AES-256 keys from memory dump.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from timeit import default_timer as timer | |
| from binascii import b2a_hex | |
| #- Config variables | |
| filename="memory.dmp" | |
| aes_key_size=32 | |
| #- Variables related to file processing | |
| file_offset=0; | |
| total_keys_found = 0; |
diyinfosec
/ MS Crypto API - CAPI
Created
November 26, 2020 19:24
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://docs.microsoft.com/en-us/previous-versions/ms867086(v=msdn.10)?redirectedfrom=MSDN | |
| The Cryptography API, or How to Keep a Secret | |
| 01/12/2010 | |
| 22 minutes to read | |
| Robert Coleridge | |
| Microsoft Developer Network Technology Group |
diyinfosec
/ vim_tips.txt
Last active
July 28, 2020 07:56
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Simple macro with vim: | |
| Usecase: Join evey other line in a file to the previous one. | |
| We can do this easily using macros: | |
| 1. start recording a macro 'q': qqJjq | |
| 2. replay the macro 'q' 500 times: 500@q | |
| (Actually it is not a macro called 'q', it is a named register called 'q'. instead of interactively fill that register as in (1), you could also do :let @q = "Jj" and then do 2.) | |
| Source: https://superuser.com/questions/168942/how-to-join-every-second-line-in-vim | |
diyinfosec
/ csv_dictreader_json.py
Created
June 5, 2020 16:10
Simple csv to json conversion in python. Useful for csv log files that have a header.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import csv | |
| import json | |
| with open('splunk.csv', mode='r') as infile: | |
| reader = csv.DictReader(infile) | |
| for rows in reader: | |
| print(json.dumps(rows)) |
diyinfosec
/ Useful sed
Created
January 28, 2020 17:06
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://unix.stackexchange.com/questions/236920/1-what-does-this-sed-action-mean | |
| \([^"]*\) defines a group of characters, the group is actually the found contents between the two braces (), the braces need to be escaped hence \( and \) | |
| \1 is the contents of the first group | |
| There could be several groups defined using multiple sets of brace pairs, they are numbered incrementally and each one can be referenced as \n (e.g. \1, \2, \3 etc) hence the name: backreference. |
NewerOlder