John Carroll yosignals
yosignals
/ exclusions_catalog.csv SentinelOne
Created
April 6, 2023 18:26
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # os_type application description value | |
| 1 windows AutoCAD Interoperability Limitations with AutoCAD \Device\HarddiskVolume*\Program Files\Autodesk\ | |
| 2 windows AutoCAD Interoperability Limitations with AutoCAD \Device\HarddiskVolume*\Program Files\common Files\Autodesk\ | |
| 3 windows AutoCAD Interoperability Limitations with AutoCAD \Device\HarddiskVolume*\Program Files (x86)\Autodesk\ | |
| 4 windows AutoCAD Interoperability Limitations with AutoCAD \Device\HarddiskVolume*\Program Files (x86)\common Files\Autodesk\ | |
| 5 windows AutoCAD Interoperability Limitations with AutoCAD \Device\HarddiskVolume*\Program File*\Common Files\Autodesk Shared\ | |
| 6 windows AutoCAD Interoperability Limitations with AutoCAD \Device\HarddiskVolume*\Program File*\AutoCAD*\ | |
| 7 windows AutoCAD Interoperability Limitations with AutoCAD \Device\HarddiskVolume*\ProgramData\Autodesk\ | |
| 8 windows AutoCAD Interoperability Limitations with AutoCAD \Device\HarddiskVolume*\ProgramData\Flexnet\ | |
| 9 windows AutoCAD Interoperability Limitations with AutoCAD \Device |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "flag" | |
| "fmt" | |
| "math/rand" | |
| "strings" | |
| "time" | |
| ) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "bufio" | |
| "encoding/hex" | |
| "fmt" | |
| "os" | |
| "regexp" | |
| "strings" | |
| ) |
yosignals
/ HashCounter.go
Created
March 22, 2023 21:50
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "bufio" | |
| "flag" | |
| "fmt" | |
| "os" | |
| "sort" | |
| ) |
yosignals
/ gist:c426aeabbf3727140b9d88f567b38eb4
Created
February 20, 2023 10:25
Subslplit.py | some (excellent) pen testing tools have a hard time outside of /24 and smaller networks, this little script tries to address that by fragmenting large networks into palatable lists
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import ipaddress | |
| import os | |
| # Get the IP address range from the user | |
| ip_range = input("Enter IP address range (CIDR notation): ") | |
| # Convert the IP address range to an object of type ipaddress.IPv4Network | |
| ip_net = ipaddress.IPv4Network(ip_range) | |
| # Get the number of target files from the user |
yosignals
/ gist:db1c2667fe072d125f840f18dc8ab181
Created
February 19, 2023 22:49
CS TS Prop Builder
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "bufio" | |
| "fmt" | |
| "os" | |
| "fyne.io/fyne/v2" | |
| "fyne.io/fyne/v2/app" | |
| "fyne.io/fyne/v2/container" |
yosignals
/ Dynamic Subdomain C2 and or Exfil
Created
January 3, 2023 21:49
Dynamic Subdomain C2 Exfil detection - Splunk Query
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Select events from all indexes | |
| index=* | |
| # Extract the subdomain from the domain field and add a new field called "subdomain" | |
| | eval subdomain=split(domain, ".")[0] | |
| # Format the time field into a more human-readable format and add a new field called "time" | |
| | eval time=strftime(_time, "%Y-%m-%d %H:%M:%S") | |
| # Bin the time field into 2 minute intervals and add a new field called "bin_time" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "bufio" | |
| "fmt" | |
| "os" | |
| "os/exec" | |
| "regexp" | |
| "sort" | |
| ) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Get the current date and time | |
| $date = Get-Date | |
| # Get a list of all open TCP connections | |
| $tcpConnections = Get-NetTCPConnection | |
| # Create a table to display the results | |
| $table = New-Object System.Data.DataTable | |
| $table.Columns.Add("Local Address") | |
| $table.Columns.Add("Local Port") |
yosignals
/ gist:80db7d8d06f8060abd0eecde933c9c68
Created
December 22, 2022 18:59
Useful for separating a mix of hashes, my use case was historical breach data where uncracked passwords where varying in Hash type, this aims to try and sort through them into files you can throw at hashcat or JtR
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import hashlib | |
| def sort_hashes(filename): | |
| # Create a list of hash types | |
| hash_types = [ | |
| 'md5', | |
| 'sha1', | |
| 'sha224', | |
| 'sha256', | |
| 'sha384', |