CTF http://vulnerable.shieldsurge.com/
$ nmap -sV vulnerable.shieldsurge.com
PORT STATE SERVICE VERSION
22/tcp filtered ssh
25/tcp filtered smtp
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| from scapy.all import * | |
| import logging | |
| import datetime | |
| interface = 'enp3s0' # changeme! | |
| logging.basicConfig( | |
| level=logging.DEBUG, |
dustyfresh
/ shieldsurge_recruiting_CTF1_writeup.md
Last active
June 18, 2018 15:58
writeup of the shieldsurge CTF challenge by dustyfresh
dustyfresh
/ workerWAF.js
Last active
August 24, 2021 14:24
Simple & experimental Web Application Firewall using Cloudflare's edge workers
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * | |
| * Web Application Firewall built with Cloudflare workers | |
| * | |
| * Author: < https://twitter.com/dustyfresh > | |
| * | |
| * License: GPLv3 < https://www.gnu.org/licenses/gpl-3.0.en.html > | |
| * | |
| * Cloudflare worker documentation: | |
| * < https://developers.cloudflare.com/workers/about/ > |
dustyfresh
/ rethinkdb_notes.md
Last active
May 30, 2018 03:35
notes on setting up, securing, and using a RethinkDB server
RethinkDB is the first open-source, scalable JSON database built from the ground up for the realtime web. It inverts the traditional database architecture by exposing an exciting new access model – instead of polling for changes, the developer can tell RethinkDB to continuously push updated query results to applications in realtime. RethinkDB’s realtime push architecture dramatically reduces the time and effort necessary to build scalable realtime apps.
The project I'm using RethinkDB for is storing data from various scrapers I'm working on.
dustyfresh
/ tor_ssh_tunnel.md
Last active
January 9, 2019 15:45
tunnel remote services to localhost with SSH & Tor
Sometimes you need to access a service that is behind a firewall that you do not have permissions to influence. You can get around your inability to modify the firewall policies by tunneling your service over a Tor hidden service with SSH.
- Tor must be installed on both the firewalled host, as well as the client server the tunnel will be initiated from.
- Ncat is used to proxy SSH over SOCKS to Tor. The ncat binary ships with the nmap package.
- client must have a public key in the authorized_keys SSH file for the hidden service
Setup hidden service
dustyfresh
/ kek_url_scraper.py
Created
July 28, 2018 23:53
guess valid short links from kek.gg for research & educational purposes
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import requests | |
| import random | |
| import string | |
| from time import sleep | |
| while True: | |
| sleep(random.choice(range(5))) | |
| lol = ''.join(random.choice(string.ascii_uppercase + string.digits + string.ascii_lowercase) for _ in range(4)) | |
| url = 'https://kek.gg/u/{}'.format(lol) |
dustyfresh
/ TAO_disclosed_projects.txt
Created
September 7, 2018 14:37
List of TAO projects scraped from: https://electrospaces.blogspot.com/p/nsas-tao-division-codewords.html
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ACRIDMINI - TAO computer hacking project | |
| ADJUTANT VENTURE - Intrusion set? | |
| ALOOFNESS - Cyber threat actor | |
| ALTEREDCARBON - An IRATEMONK implant for Seagate drives | |
| AMULETSTELLAR - Cyber threat actor sending malicious e-mails | |
| ANGRYNEIGHBOR - Family of radar retro-reflector tools used by NSA's TAO division | |
| APERTURESCIENCE - TAO computer hacking project | |
| ARGYLEALIEN - Method to cause a loss of data by exploiting zeroization of hard-drives | |
| ARKSTREAM - Implant used to reflash BIOS, installed by remote access or intercepted shipping | |
| ARROWECLIPSE - Counter CNE tool |
dustyfresh
/ keybase.md
Created
March 22, 2019 03:07
I hereby claim:
- I am dustyfresh on github.
- I am dustyfresh (https://keybase.io/dustyfresh) on keybase.
- I have a public key ASCCXpExvlJd32z0N3WdZ1Tw1ZoIi73S9_JuclQ0QQJEDgo
To claim this, I am signing this object:
dustyfresh
/ miniboa_telnet_honeypot.py
Last active
March 31, 2019 15:45
log brute force traffic on telnet easily with miniboa
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from miniboa import TelnetServer | |
| import logging as logz | |
| def on_connect(client): | |
| logz.info('New connection from {}'.format(client.address)) | |
| clients.append(client) | |
| # Fake login prompt | |
| client.send('Login: ') | |
| def on_disconnect(client): |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import sys | |
| from datetime import datetime | |
| import time | |
| from time import sleep | |
| from dnslib import DNSLabel, QTYPE, RD, RR, RCODE | |
| from dnslib import A, AAAA, CNAME, MX, NS, SOA, TXT | |
| from dnslib.server import DNSServer |