moved - https://github.com/paralax/awesome-cybersecurity-internships
jose nazario paralax
paralax
/ extractors.json
Created
August 23, 2017 16:49
snippet of WAF log extractor for anomaly score
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "title": "Fastly WAF anomaly score", | |
| "extractor_type": "split_and_index", | |
| "converters": [], | |
| "order": 0, | |
| "cursor_strategy": "copy", | |
| "source_field": "message", | |
| "target_field": "anomaly_score", | |
| "extractor_config": { | |
| "index": 19, |
paralax
/ extractor.cpp
Created
October 20, 2017 16:30
working on a manalyze plugin to extract IPs, paths, etc
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| This file is part of Manalyze. | |
| Manalyze is free software: you can redistribute it and/or modify | |
| it under the terms of the GNU General Public License as published by | |
| the Free Software Foundation, either version 3 of the License, or | |
| (at your option) any later version. | |
| Manalyze is distributed in the hope that it will be useful, | |
| but WITHOUT ANY WARRANTY; without even the implied warranty of |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /bin/sh | |
| ### BEGIN INIT INFO | |
| # Provides: opencanaryd | |
| # Required-Start: $remote_fs $syslog | |
| # Required-Stop: $remote_fs $syslog | |
| # Default-Start: 2 3 4 5 | |
| # Default-Stop: 0 1 6 | |
| # Short-Description: OpenCanaryd launcher | |
| # Description: OpenCanaryd is an alerting honeypot | |
| ### END INIT INFO |
paralax
/ cisco_asa_vpn_crash.rb
Created
February 19, 2018 15:11
Cisco ASA CVE-2018-0101 Crash PoC (msf)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://pastebin.com/YrBcG2Ln | |
| class MetasploitModule < Msf::Exploit::Remote | |
| Rank = NormalRanking | |
| include Msf::Exploit::Remote::HttpClient | |
| include Msf::Auxiliary::Dos | |
| def initialize(info = {}) | |
| super( |
paralax
/ cybersec_internships.md
Last active
March 6, 2018 15:33
Cybersecurity Summer Internships - 2018
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # routersploit/modules/payloads/php/bind_tcp.py | |
| from base64 import b64encode | |
| from routersploit.core.exploit import * | |
| from routersploit.core.exploit.payloads import BindTCPPayloadMixin, GenericPayload | |
| class Exploit(BindTCPPayloadMixin, GenericPayload): | |
| __info__ = { | |
| "name": "PHP Bind TCP", |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Vagrant.configure("2") do |config| | |
| config.vm.box = "ubuntu/xenial64" | |
| # progressbar via https://askubuntu.com/questions/445245/how-do-i-enable-fancy-apt-colours-and-progress-bars | |
| # from https://dev.gravwell.io/docs/#!quickstart/quickstart.md | |
| $script = <<SCRIPT | |
| mkdir -p /etc/apt/apt.conf.d | |
| echo 'Dpkg::Progress-Fancy "1";' > /etc/apt/apt.conf.d/99progressbar | |
paralax
/ aicloud_xxe.py
Created
August 14, 2018 18:22
ASUS Router AiCloud XXE - Routersploit module
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import random | |
| import string | |
| from routersploit.core.exploit import * | |
| from routersploit.core.http.http_client import HTTPClient | |
| class Exploit(HTTPClient): | |
| __info__ = { | |
| "name": "ASUS Router AiCloud XXE", | |
| "description": "Module exploits remote XXE flaw in ASUS device AiCloud service. " |
paralax
/ dsl_ac_password_reset.py
Created
August 14, 2018 18:22
ASUS Router Password Reset - Routersploit module
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import random | |
| import string | |
| from routersploit.core.exploit import * | |
| from routersploit.core.http.http_client import HTTPClient | |
| class Exploit(HTTPClient): | |
| __info__ = { | |
| "name": "ASUS Router Password Reset", | |
| "description": "Module exploits remote flaw in ASUS devices to reset the " |
paralax
/ 3g_4g_cellular_ethernet_serial_gateway_default_creds.py
Last active
August 12, 2019 23:26
routersploit module - Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Default Creds
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from routersploit.core.exploit import * | |
| from routersploit.modules.creds.generic.http_basic_digest_default import Exploit as HTTPBasicDigestDefault | |
| class Exploit(HTTPBasicDigestDefault): | |
| __info__ = { | |
| "name": "Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Default Creds - HTTP Auth", | |
| "description": "Module performs dictionary attack against Microhard Systems " | |
| "3G/4G Cellular Ethernet and Serial Gateway web interface. " | |
| "If valid credentials are found, they are displayed to the user.", |