taco-shellcode
taco-shellcode
/ ExportPEM_Ghidra.py
Created
July 31, 2021 23:33
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Privacy Enhanced Mail (PEM) Extraction Script for Ghidra | |
| #PEM is a common format for storing cryptographic material as ASCII | |
| #@category BeginnerGhidraClass | |
| from re import findall | |
| counter = 0 | |
| filename = currentProgram.getExecutablePath(); |
taco-shellcode
/ jamf_session_manager.py
Created
February 12, 2021 15:35
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import base64 | |
| import datetime | |
| import requests | |
| import urllib | |
| class Session(object): | |
| __instance = None |
taco-shellcode
/ pcap_without_tcpdump.py
Created
December 15, 2020 02:21
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from socket import * | |
| from struct import unpack | |
| import sys | |
| INTERFACE = "eth0" | |
| TARGET = "8.8.8.8" | |
| if __name__ == "__main__": | |
| sock = socket(AF_PACKET, SOCK_DGRAM, 0x0800) | |
| sock.bind((INTERFACE, 0x0800)) |
taco-shellcode
/ shadowrun_5e_item_generator.py
Last active
May 20, 2020 18:36
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Imports necessary python libraries for working with XML | |
| from xml.etree.ElementTree import XML, fromstring | |
| from xml.etree import ElementTree | |
| #This is the base string text of your XML files. """ """ in python denotes a multiline literal string | |
| item_text = """<id-02227> | |
| <avail type="string">9R</avail> | |
| <cost type="string">15,000¥</cost> | |
| <description type="formattedtext"> |
taco-shellcode
/ csv_combine.py
Created
November 21, 2019 17:48
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os | |
| import csv | |
| directory = "/path/to/csv_folder/" | |
| headers = [] | |
| merged_file_data = [] | |
| for file_name in os.listdir(directory): | |
| index = 0 | |
| file_path = os.path.join(directory, file_name) |
taco-shellcode
/ excel formulas
Last active
January 30, 2024 20:03
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Converts millisecond epoch format to datetime - https://www.epochconverter.com/ | |
| 1351108441165 = 10/24/2012 19:54:01 | |
| =(A1/ 86400000) + DATE(1970,1,1) | |
| Google Sheets combine date and time into timestamp | |
| =B2+C2 | |
| Format as datetime | |
| Time Diff between events |
taco-shellcode
/ hashtable_to_csv.ps1
Last active
November 17, 2023 20:27
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function Export-Events ($events, $outputPath) { | |
| $formattedEvents = $events | ForEach-Object { | |
| $_ | ForEach-Object { | |
| New-Object PSObject -Property ([ordered]@{Action = $_.Action; AttachmentName = $_.AttachmentName; Date = $_.Date; Division = $_.Division; Recipient = $_.Recipient; SamAccountName = $_.SamAccountName; Sender = $_.Sender; Subject = $_.Subject;}) | |
| } | |
| } | |
| $formattedEvents | Export-Csv $outputPath -NoTypeInformation | |
| $gui.LogTextBox.Dispatcher.Invoke('Normal', [action]{$gui.LogTextBox.AppendText("$(Get-Date) - Data has been exported to $outputPath`r`n")}) | |
| } |
taco-shellcode
/ url_regex
Last active
October 15, 2018 16:51
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| \b(http:\/\/www\.|https:\/\/www\.|http:\/\/|https:\/\/)?[a-z0-9:@]+([\-\.]{1}[a-z0-9:@]+)*\.(aaa|aarp|abarth|abb|abbott|abbvie|abc|able|abogado|abudhabi|ac|academy|accenture|accountant|accountants|aco|active|actor|ad|adac|ads|adult|ae|aeg|aero|aetna|af|afamilycompany|afl|africa|ag|agakhan|agency|ai|aig|aigo|airbus|airforce|airtel|akdn|al|alfaromeo|alibaba|alipay|allfinanz|allstate|ally|alsace|alstom|am|americanexpress|americanfamily|amex|amfam|amica|amsterdam|analytics|android|anquan|anz|ao|aol|apartments|app|apple|aq|aquarelle|ar|arab|aramco|archi|army|arpa|art|arte|as|asda|asia|associates|at|athleta|attorney|au|auction|audi|audible|audio|auspost|author|auto|autos|avianca|aw|aws|ax|axa|az|azure|ba|baby|baidu|banamex|bananarepublic|band|bank|bar|barcelona|barclaycard|barclays|barefoot|bargains|baseball|basketball|bauhaus|bayern|bb|bbc|bbt|bbva|bcg|bcn|bd|be|beats|beauty|beer|bentley|berlin|best|bestbuy|bet|bf|bg|bh|bharti|bi|bible|bid|bike|bing|bingo|bio|biz|bj|black|blackfriday|blanco|blockbuster|blog|bloomb |
taco-shellcode
/ remote_windows_triage.ps1
Created
October 2, 2018 19:21
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #PowerShell Triage Script | |
| $suspicious_ip = '' | |
| $ip_address = '' | |
| $hostname = '' | |
| $endpoint_information = @{ | |
| remote_powershell_version = '' | |
| os_version = '' | |
| network_connections = '' | |
| running_processes = '' |
taco-shellcode
/ osint.py
Last active
March 21, 2020 19:26
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3.6 | |
| ''' | |
| Requirements: | |
| sudo apt-get install python3 | |
| sudo apt-get install pip3 | |
| pip3 install python-twitter | |
| pip3 install beautifulsoup4 | |
| Compile script into binary: | |
| pyinstaller --onefile osint-collector.py |
NewerOlder