@lopes
lopes / checkip.sh
Last active August 7, 2024 13:55
Fetches IP address data on 3 services for Infosec Engineers. #shell #shellscript #ip #reputation #api
#!/usr/bin/env bash
# In SOC, when an external IP address is involved in an incident,
# we check it to try to identify the owner and if there is any
# incident related to that address. A few sites on the internet
# offer this service, such as AbuseIPDB (https://www.abuseipdb.com/),
# Greynoise (https://www.greynoise.io/), and
# VirusTotal (https://www.virustotal.com/).
#
# Author.: José Lopes <lopes.id>
@lopes
lopes / bookepr.sh
Last active August 7, 2024 13:54
Packs and unpacks sensitive data in a more secure fashion. #shell #shellscript #cryptography
#!/bin/sh
#bookepr.sh
#
# Packs and unpacks sensitive data in a more secure fashion.
# Read $HELP for usage tips.
#
# Author: José Lopes <lopes.id>
# License: MIT
# Date: 2021-09-28
##
@lopes
lopes / teslacoil.py
Last active August 7, 2024 13:54
Monitors some log files and sends new entries to syslog. #python #syslog #log #forwarder #diff #siem
#!/usr/local/bin/python3
'''
Monitors some log files and sends new entries to syslog.
This script requires a config file to import paths to the files.
The main concept is that there is a repository with log files
(which I call 'source files') and an auxiliary repository of
files ('working files').
The idea here is to create a copy of the source files in the work
directory, then calculate the diff between the source files
@lopes
lopes / nferen.sh
Last active August 7, 2024 13:53
Renames NFe (Brazilian invoices) files in PDF format according to data in the document. #shell #shellscript #pdf #file #management
#!/bin/sh
#
# Reads a Brazilian "Nota Fiscal Eletrônica" in PDF format,
# figures out its competence (the reference in time
# for that document), and then renames the file using this
# data, like: %Y%m[-COUNT].pdf.
#
# Note: the regex may differ according to the format used in
# the PDF file (data disposition), so it should be
# adjusted accordingly.
@lopes
lopes / aes-modes.py
Last active August 7, 2024 13:52
Simple examples on using different block cipher modes of operation (NIST SP 800-38A) with AES. #python #cryptography #aes #nist #cipher
#!/usr/bin/env python3
#
# Simple examples on using different block cipher modes
# of operation (NIST SP 800-38A) with AES.
#
# Warning: this script is just an example! You must be
# very confident in your work (or insane) to implement
# this kind of code in production, because it's safer
# to use wide tested frameworks like PyNaCl.
#
@lopes
lopes / abused.py
Last active August 7, 2024 13:51
Connects to a mailbox using IMAP4 and parses all messages in a given box. #python #email #imap #parser #spam #phishing #abuse
#!/usr/bin/env python3
import re
import logging
from imaplib import IMAP4_SSL
from email import message_from_bytes
from email.parser import HeaderParser
from email.header import decode_header, make_header
from email.utils import parsedate_to_datetime, localtime
@lopes
lopes / squid-cleaner.py
Last active August 7, 2024 13:50
Cleans Squid domain list #python #squid #management #proxy #domain
#!/usr/bin/env python3
'''Squid Cleaner
This script takes a file with a list of domains in Squid format
separated by "comma-space" and outputs a new list without
duplicates, shadows (.domain.com and domain.com <-removes this),
and overlaps (.domain.com, sub.domain.com <-removes this).
It can also check if domains are responsive, but of course this
@lopes
lopes / honeyd-syslogger.sh
Last active August 7, 2024 13:50
Parses honeyd logfiles to syslog and sends them to a SIEM. #shell #shellscript #openbsd #ksh #honeypot #honeyd #log #syslog #parser
#!/bin/ksh
#honeyd-syslogger.sh
#
# Parses honeyd logfiles to syslog and sends them to a SIEM.
# This script is compatible with OpenBSD 6.4 and ksh. If
# you're running on Linux/Bash, the commands below should help:
#
# YESTERDAY="$(date -u +"%Y-%m-%d" -d "yesterday")"
#
# Deploy: simply edit global variables according to your
@lopes
lopes / query-radar.py
Last active August 7, 2024 13:49
Performs queries in IBM QRadar. #python #qradar #siem #api #query #log
#!/usr/bin/env python3
from sys import argv
from urllib.parse import quote
from urllib.request import Request, urlopen
from urllib.error import HTTPError
from json import loads
from time import sleep
@lopes
lopes / winproxy.py
Last active September 15, 2024 20:31
Sets Windows' proxy configurations easily. #python #windows #proxy #management
'''Sets Windows' proxy configurations easily.
This script allows the user to update Windows proxy settings easily,
by using predefined values assigned to proxies identified by
keywords.
Note that it will also refresh your system to guarantee that all
settings take effect. Although this seemed unnecessary in tests
(Windows 8.1), it is done just as a guarantee.