theMiddlePro:~ root# curl -k -v --resolve corriere.it:80:104.24.99.193 'http://corriere.it/'
* Added corriere.it:80:104.24.99.193 to DNS cache
* Hostname corriere.it was found in DNS cache
* Trying 104.24.99.193...
* TCP_NODELAY set
* Connected to corriere.it (104.24.99.193) port 80 (#0)
> GET / HTTP/1.1
> Host: corriere.it
> User-Agent: curl/7.54.0
theMiddle theMiddleBlue
theMiddleBlue
/ freshnikto.sh
Created
October 13, 2016 07:52
Download latest nikto from github, change user agent on configuration file and test it
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| git clone https://github.com/sullo/nikto.git; | |
| cat nikto/program/nikto.conf | grep -v 'USERAGENT\=' > nikto/program/nikto.conf.new; | |
| echo -en '\nUSERAGENT=Mozilla/5.0 (Linux; Android 6.0; ALE-L21 Build/HuaweiALE-L21) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.124 Mobile Safari/537.36' >> nikto/program/nikto.conf.new; | |
| mv -f nikto/program/nikto.conf.new nikto/program/nikto.conf; | |
| perl nikto/program/nikto.pl -Help | |
| exit 0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| if(!preg_match('/^149\.154\.167\.(19[7-9]|20[0-9]|21[0-9]|22[0-9]|23[0-3])$/', $_SERVER['REMOTE_ADDR'])) { | |
| die('IP Address not allowed.'); | |
| } | |
| if($_SERVER['REQUEST_METHOD'] != 'POST') { | |
| die('Request method not allowed.'); | |
| } | |
| $token = '<bot token here>'; |
theMiddleBlue
/ italian_phishing_domain
Last active
July 19, 2017 10:21
Italian phishing domain name
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| http://www.adsilazio.it | |
| http://www.al-parco.it | |
| http://www.aneurysm.it | |
| http://www.anonimoitaliano.it | |
| http://www.ardaland.it | |
| http://www.ascdiromagna.it | |
| http://www.battagliamontecassino.it | |
| http://www.biellaintraprendere.it | |
| http://www.cabarun.it | |
| http://www.calzaturificiorenata.it |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| http://www.123gouter.fr | |
| http://www.50ansdecine.fr | |
| http://www.abigaely-voyance.fr | |
| http://www.accueil-funeraire.fr | |
| http://www.ace-renov.fr | |
| http://www.achterhoek.nu | |
| http://www.active-health.nl | |
| http://www.addam-31.fr | |
| http://www.adevesoiree.fr | |
| http://www.adhi.es |
theMiddleBlue
/ botnet_list.json
Created
August 4, 2017 11:16
Botnet 898 IP Address (elasticsearch result) - https://goo.gl/tJv56C
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "took": 103, | |
| "timed_out": false, | |
| "_shards": { | |
| "total": 304, | |
| "successful": 304, | |
| "failed": 0 | |
| }, | |
| "hits": { | |
| "total": 898, |
theMiddlePro:~ root# curl -v --resolve corriere.it:80:104.27.143.145 'http://corriere.it/'
* Added corriere.it:80:104.27.143.145 to DNS cache
* Hostname corriere.it was found in DNS cache
* Trying 104.27.143.145...
* TCP_NODELAY set
* Connected to corriere.it (104.27.143.145) port 80 (#0)
> GET / HTTP/1.1
> Host: corriere.it
> User-Agent: curl/7.54.0
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import httplib, urllib, re, sys, json, socket, struct | |
| # python shodan.py 0 | |
| # ^ this is the page number | |
| shodan = { | |
| 'apikey': '<your shodan API key>', | |
| 'query': r'"root%40"+"android"+port%3A23', | |
| } |
theMiddleBlue
/ secthemall-tor.py
Last active
January 29, 2021 13:39
Script for download the SECTHEMALL Tor Reputation IPs list
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # ---------------- CONFIG ------------------ | |
| username = "your@secthemall username here" | |
| apikey = "your API Key here" | |
| size = "1000" | |
| sleep_sec = 60 | |
| nginx_reload_cmd = "service nginx reload" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| server { | |
| listen 80; | |
| server_name example.com; | |
| encrypted_session_key 'v1-clG~!~v7B_Z0yu.:iw*Rj#l-Nc8E^'; | |
| encrypted_session_iv "themiddlerfvbgt5"; | |
| encrypted_session_expires 20; | |
| location ~ /botbuster.js { | |
| default_type 'text/javascript'; |
OlderNewer