Nate Warfield n0x08
n0x08
/ gnMonthlyInfected.py
Last active
February 25, 2021 11:09
Report infected hosts by count from Greynoise.io data
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # !/usr/bin/env python | |
| # gnMonthlyInfected.py | |
| # | |
| # Report statistics on monthly infections | |
| # in a specified Autonomous System as seen | |
| # by Greynoise.io | |
| # | |
| # Requires: Greynoise API key | |
| # | |
| # Example: python3 gnMonthlyInfected.py AS12345 |
n0x08
/ shoGrey_ip.py
Last active
February 25, 2021 11:19
Lookup IP address against greynoise.io and shodan
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # !/usr/bin/env python | |
| # shoGrey_ip.py | |
| # | |
| # Stupid simple IP lookup against Greynoise.io | |
| # Also looks up against Shodan and returns ports, tags, vulns | |
| # requires json, requests, shodan | |
| # | |
| # Also requires Shodan API key | |
| # | |
| # Example: python3 shoGrey_ip.py 1.2.3.4 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # !/usr/bin/env python | |
| # sslChainDeetz.py | |
| # | |
| # Dependencies: | |
| # - shodan | |
| # - pyOpenSSL | |
| # | |
| # Installation: | |
| # sudo easy_install shodan | |
| # |
n0x08
/ findPwnedDB.py
Last active
February 25, 2021 11:18
Find compromised NoSQL & Docker systems from Shodan JSON export
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # findPwnedDB.py | |
| # | |
| # Last update: 1/13/2020 | |
| # | |
| # Added: | |
| # CassandraDB support | |
| # Additional DBs | |
| # Docker XMR mining flags (Thanks Unit42!) | |
| # https://unit42.paloaltonetworks.com/graboid-first-ever-cryptojacking-worm-found-in-images-on-docker-hub/ |