Skip to content

Instantly share code, notes, and snippets.

@lopes
lopes / ghss-fetcher.py
Created May 24, 2025 14:27
Reads all secret-scanning findings from GitHub and outputs them in a JSON file.
'''
Reads all secret-scanning findings from GitHub and outputs them in a JSON file.
Author: Joe Lopes <lopes.id>
Date: 2025-05-24
License: MIT
Usage:
- A GitHub Fine Grained Personal Access Token (FGPAT) with sufficient permissions to read
secret scanning findings
@lopes
lopes / chronicle-list-cleaner.py
Last active August 7, 2024 13:58
Cleans up lines in the reference lists in Chronicle SIEM with expired dates. #chronicle #gcp #functions #python #siem #list #management
'''
Cleans up lines in the reference lists in Chronicle SIEM with expired dates.
This script can be used to clean up some or all Reference Lists in Chronicle SIEM.
It scans each list and removes expired lines with the same pattern it is set to
monitor. Lines outside this pattern are just ignored. The pattern is:
<value> // expires:YYYY-MM-DD
@lopes
lopes / moth.py
Last active October 29, 2024 12:49
Convert Kindle or O'Reilly annotations to JSON or Markdown format. #python #file #manager #kindle #oreilly #annotation
#!/usr/bin/env python3
#moth.py
'''
Convert Kindle or O'Reilly annotations to JSON or Markdown format.
Usage:
moth.py -i <input> -o <output> [-s <source>] [-f <format>]
Example:
@lopes
lopes / misp-parser.rb
Last active August 7, 2024 13:57
MISP parser for Chronicle SIEM using Logstash format. #misp #chronicle #parser #logstash
# Product: MISP Threat Intelligence
# Category: Information Security
# Supported Format: JSON
# Reference: https://medium.com/@thatsiemguy/how-to-integrate-misp-and-chronicle-siem-9e5fe5fde97c
# Last Updated: 2024-06-01
filter {
##
# BASIC VARIABLES ASSERTION AND FIELDS EXTRACTION
#
@lopes
lopes / teslacoil.py
Last active August 7, 2024 13:54
Monitors some log files and send new entries to syslog. #python #syslog #log #forwarder #diff #siem
#!/usr/local/bin/python3
'''
Monitors some log files and send new entries to syslog.
This script requires a config file to import paths to the files.
The main concept is that there are a repository with log files
(which I call 'source files') and an auxiliary repository of
files ('working files').
The idea here is to create a copy of source files in the work
directory, then calculating the diff between the source files
@lopes
lopes / aes-modes.py
Last active August 7, 2024 13:52
Simple examples on using different block cipher modes of operation (NIST SP 800-38A) with AES. #python #cryptography #aes #nist #cipher
#!/usr/bin/env python3
#
# Simple examples on using different block cipher modes
# of operation (NIST SP 800-38A) with AES.
#
# Warning: this script is just an example! You must be
# very confident on your work (or insane) to implement
# this kind of code in production, because it's safer
# to use wide tested frameworks like PyNaCl.
#
@lopes
lopes / abused.py
Last active August 7, 2024 13:51
Connects to a mailbox using IMAP4 and parses all messages in a given box. #python #email #imap #parser #spam #phishing #abuse
#!/usr/bin/env python3
import re
import logging
from imaplib import IMAP4_SSL
from email import message_from_bytes
from email.parser import HeaderParser
from email.header import decode_header, make_header
from email.utils import parsedate_to_datetime, localtime
@lopes
lopes / winproxy.py
Last active September 15, 2024 20:31
Sets Windows' proxy configurations easily. #python #windows #proxy #management
'''Sets Windows' proxy configurations easily.
This script allows user to update Windows proxy settings easily,
by using predefined values assigned to proxies identified by
keywords.
Note that it'll also refresh your system to guarantee that all
settings take effect. Although in the tests it seemed unnecessary
(Windows 8.1), it's considered just a guarantee.
@lopes
lopes / pilsner.sh
Last active August 7, 2024 13:44
A backup script to be used with my external HDD. #shell #shellscript #backup #files #external #hdd
#!/usr/bin/env bash
#
# The MIT License (MIT)
# Copyright (c) 2016 José Lopes de Oliveira Jr.
#
# Permission is hereby granted, free of charge, to any person obtaining a
# copy of this software and associated documentation files (the "Software"),
# to deal in the Software without restriction, including without limitation
# the rights to use, copy, modify, merge, publish, distribute, sublicense,
# and/or sell copies of the Software, and to permit persons to whom the
@lopes
lopes / aes-ecb.py
Last active August 7, 2024 13:42
Simple Python example of AES in ECB mode. #python #cryptography #aes #ecb #poc
from hashlib import md5
from base64 import b64decode
from base64 import b64encode
from Crypto.Cipher import AES
# Padding for the input string --not
# related to encryption itself.
BLOCK_SIZE = 16 # Bytes
pad = lambda s: s + (BLOCK_SIZE - len(s) % BLOCK_SIZE) * \