sht

Keybase proof

I hereby claim:

• I am imtaji on github.
• I am tajinder (https://keybase.io/tajinder) on keybase.
• I have a public key ASCYf3XSZZmiRrPNEOxjopYuUXLG66KRAHkvJ8oMEDj4fgo

To claim this, I am signing this object:

sht

How to find a Public key of any github user?

https://github.com/username.keys

Example:

https://github.com/imtaji.keys

curl https://github.com/imtaji.keys

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDVBQ6Jx5+l/oF8S4l2PaDehQk0YIStUhXnLH2VC7LNvM8KntU1zf2kpptvwDlfgAbrzw1O/ny+QSfBMaFsovPLSwHK2QMoKj131TLbQCJX0/Lu/m0y7ouwrMS0uR3S1S+F2PSe1KGZ1mInJY8NauB1gDwis+B4GaNWGEnEBNcsI00fs+ok/5tl4EAjWXMTq/VIypslqEeQ8SKAmV4n9X/+dIbtXpCOgsNfcRSJvu9QihuNKnD+SjI78VB0z0ShfqKsNxQv7EWjwk0B0ot4DRIXg38oK/yylJDJWylB/HPM6eHxUV36/op4ATtlLYpNp3NA/PoEG1cA3Sw3W6BTtGbTViRQ+ERw/X65kaasXH8B+Cf/WQdj53z0NsdEZKlgV9VfJoy6tPzuoVKhO0kr+gYRB4PP8FFGSakBTOeyFtFI9DfLoUS2S2dR6NWgzTaSE9Ns9mpGUjfAoePlsRIzsllZENc2XeDDI5rbIa1omor0Rv+gzQ0oGnS6Lilq+PpiSmpVYNm1ynfhmg621k18Xuz9gLF/KsdH8HLHXCksU5q/aUmdMea+XFL62rik+oqxJesAdfSo7v7ZGjnzhfBOr3aQAYGlEmyJcD5d256Dt4nUnytpBi4U6gIVP9oL8s0jRlFUb7MFCUxNzPvdn1nxJChPr7tSEke3HyhGw2K8PFhYJw==

sht

package main

import (
	"context"
	"fmt"
	"net"
	"os/exec"
	"strconv"
	"strings"
	"sync"

sht

import socket, threading, time, subprocess, sys
from queue import Queue
subprocess.call('clear', shell=True)

print_lock = threading.Lock()

#target = input ('Enter host: ')
target = sys.argv[1]
start_time = time.time()

sht

# How to get a github user info from token?
# How to get github username from token?
# Scenario: you have found a github personal access token of someone, how will you to which user/account this token belongs to?
# Below mention script is the quick way

import requests
token = "xyz"
headers = {'Authorization': 'token ' + token}

login = requests.get('https://api.github.com/user', headers=headers)

sht

import string, random, requests, json

def generateUser(size=3, chars=string.ascii_lowercase + string.digits):
	return ''.join(random.choice(chars) for _ in range(size))

for x in range(200):
	user = generateUser()
	try:
		jsonData = json.loads(
			requests.get(f"https://api.github.com/users/{user}").text

sht

# I don't trust nmap all the time. Alternatively, we can either use telnet for single IP or below mentioned script for multiple IPs

import socket

def checkIpPort(ip,port):
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(2)
    status = s.connect_ex((ip, port))

    if status == 0:

sht

sudo apt-get update -y;
sudo apt-get upgrade -y;
sudo useradd taji;
sudo adduser --disabled-password --gecos "" taji;
sudo mkdir /home/taji;
sudo mkdir /home/taji/.ssh;
wget https://github.com/imtaji.keys
sudo mv imtaji.keys /home/taji/.ssh/authorized_keys;
sudo addgroup sec;
sudo chown -R taji:taji /home/taji/.ssh/;

sht

"Slack Token": "(xox[p|b|o|a]-[0-9]{12}-[0-9]{12}-[0-9]{12}-[a-z0-9]{32})",
"RSA private key": "-----BEGIN RSA PRIVATE KEY-----",
"SSH (OPENSSH) private key": "-----BEGIN OPENSSH PRIVATE KEY-----",
"SSH (DSA) private key": "-----BEGIN DSA PRIVATE KEY-----",
"SSH (EC) private key": "-----BEGIN EC PRIVATE KEY-----",
"PGP private key block": "-----BEGIN PGP PRIVATE KEY BLOCK-----",
"Facebook Oauth": "[f|F][a|A][c|C][e|E][b|B][o|O][o|O][k|K].{0,30}['\"\\s][0-9a-f]{32}['\"\\s]",
"Twitter Oauth": "[t|T][w|W][i|I][t|T][t|T][e|E][r|R].{0,30}['\"\\s][0-9a-zA-Z]{35,44}['\"\\s]",
"Google Oauth": '("client_secret":"[a-zA-Z0-9-_]{24}")',

sht

import json

data = {Data}

d1 = json.dumps(data)
parsed = json.loads(d1)
print(json.dumps(parsed, indent=4, sort_keys=True))