by Proofpoint
by Austin Hudson
Chase Jensen ruevaughn
ruevaughn
/ URL Parsing
Created
August 9, 2023 19:54
— forked from joshisa/URL Parsing
Parsing of URLs using bash sh scripting
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Referenced and tweaked from http://stackoverflow.com/questions/6174220/parse-url-in-shell-script#6174447 | |
| proto="$(echo $1 | grep :// | sed -e's,^\(.*://\).*,\1,g')" | |
| # remove the protocol | |
| url="$(echo ${1/$proto/})" | |
| # extract the user (if any) | |
| userpass="$(echo $url | grep @ | cut -d@ -f1)" | |
| pass="$(echo $userpass | grep : | cut -d: -f2)" | |
| if [ -n "$pass" ]; then |
ruevaughn
/ nmap-http-url.py
Created
August 9, 2023 18:49
— forked from tothi/nmap-http-url.py
Generate HTTP URLs from Nmap XML (and optionally use VirtualHosts)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # | |
| # inputs: nmap.xml (nmap scan xml output), subdomains.csv (optional virtualhost info, hostname + ip address csv file) | |
| # output: url listing (useful for tools like EyeWitness) | |
| # | |
| # sample usage: ./nmap-http-url.py nmap.xml subdomains.csv | sort -u | gowitness file -f - | |
| # | |
| description = ''' | |
| Generate HTTP URLs from Nmap XML (and optionally additional VirtualHost listing, taken from e.g. subdomain enumeration). |
ruevaughn
/ gist:361ad41f42152c13379fd253c515e1d2
Created
July 31, 2023 22:07
— forked from 0xtavian/gist:2ab3a3c48b64d1fff22ba23721e49ae1
nmap-recon-scan.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| nmap -p- -v -T4 --open -sV -O --script=banner --script=http-headers --script=hostmap-crtsh --script http-cross-domain-policy --script http-cors --script=asn-query --script http-vhosts --script fingerprint-strings --script http-open-proxy.nse --script http-ls --script=http-git --script=http-php-version --script=http-apache-server-status --script=http-webdav-scan --script=http-aspnet-debug --script="couchdb-databases.nse" --script=mongodb-info --script=hadoop-datanode-info.nse --script=membase-http-info --script=dns-srv-enum --script ftp-anon --script http-bigip-cookie --script http-svn-info -PE -PS80,53,22,21,8000,8080,8443,445,22,80,139,389,443,445,623,636,999,1080,1880,1098,1099,2379,2443,3128,3389-3398,3443,3632,4001,4443,4848,5001,5002,5443,5800,5836,5900-5910,5985,5986,6002,6379,6782-6784,6739,6443,7001,7002,7071,7443,8000-8010,8080,8081,8118,8443,8444,8500,8888,9001,9060,9090,9093,9099,9100,9901,9999,10000,10250,10255,10256,11211,38801,53281 | |
| PA80,53,22,21,8000,8080,8443,445,22,80,139,389,443,445,623,636, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Agent Commands | |
| chmod +x /usr/bin/agent | |
| nmap --stats-every=1m --mtu=24 -A -T4 -Pn -p- -v --open --min-rate=5000 --min-hostgroup=256 --max-retries=0 --min-parallelism=256 --script-timeout=4m --script=vuln,ssl-cert,ssl-enum-ciphers,ssl-heartbleed,sip-enum-users,sip-brute,sip-methods,rtsp-screenshot,rtsp-url-brute,rpcinfo,vnc-screenshot,x11-access,x11-screenshot,nfs-showmount,nfs-ls,smb-vuln-ms08-067,smb-vuln-ms17-010,smb-ls,smb-enum-shares,http-robots.txt.nse,http-webdav-scan,http-screenshot,http-auth,http-form-brute,http-sql-injection --script-args=http.useragent=Mozilla,http-ntlm-info,http-git,http-open-redirect,http-open-proxy,socks-open-proxy,smtp-open-relay,ftp-anon,ftp-bounce,ms-sql-config,ms-sql-info,ms-sql-empty-password,mysql-info,mysql-empty-password,vnc-brute,vnc-screenshot,vmware-version,http-shellshock,http-default-accounts,http-passwd,smb-vuln-ms17-010,rdp-vuln-ms12-020,grab_beacon_config,dns-srv-enum -iL ips.txt -oA 20210130_nmapscan | |
| nmap --stats-every=1m --mtu=24 -A -T4 -Pn -p- -vvvv --open -- |
ruevaughn
/ nighthawk-blog-posts.md
Created
July 30, 2023 12:29
— forked from Neo23x0/nighthawk-blog-posts.md
Collection of Deleted Articles on MDSec's Nighthawk
ruevaughn
/ help.md
Created
July 30, 2023 12:19
— forked from Neo23x0/help.md
Offensive Research Guide to Help Defense Improve Detection
I've transformed this gist into a git repository.
Whenever you research a certain vulnerability ask yourself these questions and please answer them for us
Does the exploited service write a log?
(check ls -lrt /var/log or lsof +D /var/log/ or lsof | grep servicename)
ruevaughn
/ ivre-docker.sh
Created
July 30, 2023 12:14
— forked from natesubra/ivre-docker.sh
ivre docker quick run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://github.com/cea-sec/ivre/blob/master/doc/DOCKER.md | |
| docker pull ivre/db | |
| docker pull ivre/web | |
| docker run -d --name ivredb --hostname ivredb \ | |
| --volume "`pwd`/var_lib_mongodb":/var/lib/mongodb \ | |
| --volume "`pwd`/var_log_mongodb":/var/log/mongodb \ | |
| -v /ivredbvol \ | |
| ivre/db |
ruevaughn
/ models.py
Created
July 30, 2023 12:11
— forked from hakib/models.py
building-interactive-voice-response-ivr-system-python-django-twilio
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from django.db import models | |
| class Theater(models.Model): | |
| class Meta: | |
| verbose_name = 'Theater' | |
| verbose_name_plural = 'Theaters' | |
| name = models.CharField(max_length=50) |
ruevaughn
/ miyagi.py
Created
July 30, 2023 12:11
— forked from grizmio/miyagi.py
a function for python2.7 agi using pyst2, it dials an extension with pjsip and get the result status. Useful in a simple ivr
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/python2.7 | |
| # python2.7 agi using pyst2 | |
| # A function to dial an extension with pjsip and get the result status | |
| from asterisk.agi import * # pyst2 | |
| def dial_pjsip(anexo=''): | |
| """ |
ruevaughn
/ playerror.lua
Created
July 30, 2023 12:09
— forked from avimar/playerror.lua
Avi's Freeswitch play error lua script
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| calling_card = session:getVariable("calling_card_ivr") | |
| cause = session:getVariable("originate_disposition") | |
| cause2=session:getVariable("bridge_hangup_cause") | |
| if cause == nil then cause="none" end | |
| session:execute("log", "DEBUG Hangup cause: "..cause); | |
| if cause2 == nil then cause2="none" end | |
| session:execute("log", "DEBUG bridge hangup cause: "..cause2); |