├── LICENSE
├── README.md
├── cardmon.zsh
├── dnsdump.py
├── enum_forms.py
├── fileinfo.zsh
├── fileserver.py
├── gitdownload.zsh
├── img
│   ├── cardmon_screen.png
│   ├── citadel.png
│   ├── dnsdump_screen.png
│   ├── enum_forms_screen.png
│   ├── fileinfo_screen.png
│   ├── fileserver_screen.png
│   ├── gitdownload_screen.png
│   ├── msfscripts_screen.png
│   ├── opcodes_screen.png
│   ├── powershell_cmd_stager_screen.png
│   ├── sf_parser_screen.png
│   ├── shellstorm_screen.png
│   ├── sslconvert_screen.png
│   ├── stackpush_screen.png
│   ├── vars_screen.png
│   └── xml_to_json_screen.png
├── init_commit.sh
├── linker.sh
├── msf_resource_scripts
│   ├── all_post.rc
│   ├── main.rc
│   └── show_all_info.rc
├── opcodes.zsh
├── powershell_cmd_stager.py
├── requirements.txt
├── sf_parser.py
├── shellstorm.py
├── ssl_convert.zsh
├── stackpush.zsh
├── vars.zsh
└── xml_to_json.py
/LICENSE:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2020 redcodelabs.io
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |  
11 | 
12 |
13 | ## Introduction
14 | Citadel is a collection of various scripts for pentest-related tasks.
15 |
16 |
17 | ## List of scripts included
18 | - [vars.zsh](#vars.zsh)
19 | - [msf\_resource\_scripts](#msf_resource_scripts)
20 | - [dnsdump.py](#dnsdump.py)
21 | - [fileinfo.zsh](#fileinfo.zsh)
22 | - [fileserver.py](#fileserver.py)
23 | - [opcodes.zsh](#opcodes.zsh)
24 | - [stackpush.zsh](#stackpush.zsh)
25 | - [ssl_convert.zsh](#ssl_convert.zsh)
26 | - [gitdownload.zsh](#gitdownload.zsh)
27 | - [cardmon.zsh](#cardmon.zsh)
28 | - [powershell\_cmd\_stager.py](#powershell_cmd_stager.py)
29 | - [sf_parser.py](#sf_parser.py)
30 | - [xml\_to_json.py](#xml_to_json.py)
31 | - [enum_forms.py](#enum_forms.py)
32 | - [linker.sh](#linker.sh)
33 | - [init_commit.sh](#init_commit.sh)
34 | - [shellstorm.py](#shellstorm.py)
35 |
36 |
37 |
38 |
39 |
40 |
41 | ## vars.zsh
42 |
43 |
44 |
45 |
46 |
47 | Exports useful networking variables that can be used directly in the terminal.
48 |
49 |
50 | ## msf\_resource\_scripts
51 |
52 |
53 |
54 |
55 |
56 | This directory contains a few `.rc` files for Metasploit Framework Console that automate certain tasks in the CLI. In order for them to work properly, put all scripts from this directory into your default path containing resource scripts for the framework, then load the main file: `msf5> resource main.rc`.
57 |
58 | ## sf_parser.py
59 |
60 |
61 |
62 |
63 |
64 | Pretty-print results of a SpiderFoot scan
65 |
66 | ## dnsdump.py
67 |
68 |
69 |
70 |
71 |
72 |
73 | Downloads an image representation of DNS graph from [dnsdump.com](http://dnsdump.com).
74 |
75 |
76 | ## fileinfo.zsh
77 |
78 |
79 |
80 |
81 |
82 |
83 | Presents basic information about the selected file.
84 |
85 |
86 | ## fileserver.py
87 |
88 |
89 |
90 |
91 |
92 |
93 | Simple file server that exposes a local directory.
94 |
95 |
96 | ## opcodes.zsh
97 |
98 |
99 |
100 |
101 |
102 | Extracts opcodes from a binary, and prints them to STDOUT. Useful in shellcode development.
103 |
104 |
105 | ## stackpush.zsh
106 |
107 |
108 |
109 |
110 |
111 | Generates assembly instructions that push the desired string onto the stack.
112 |
113 |
114 | ## ssl_convert.zsh
115 |
116 |
117 |
118 |
119 |
120 | Performs common OpenSSL file conversions.
121 |
122 |
123 | ## gitdownload.zsh
124 |
125 |
126 |
127 |
128 |
129 | Downloads a single file from a GitHub repository.
130 |
131 |
132 | ## cardmon.zsh
133 |
134 |
135 |
136 |
137 |
138 | Quickly switch between modes of a network interface.
139 |
140 | ## powershell\_cmd_stager.py
141 |
142 |
143 |
144 |
145 |
146 | Creates a command stager that executes the provided PowerShell script.
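
For defenders, the command line this stager produces has a fixed shape that can be matched in process-creation logs and decoded for triage. The following is an added example, not part of the Citadel repository; the function names, host names and sample events are constructed for illustration.

```python
import base64
import binascii
import re

# Wrapper emitted by the stager template on this page:
#   IEX ([System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String(<blob>)))
# The blob may be bare, quoted, or carry a Python bytes prefix (b'...').
STAGER_RE = re.compile(
    r"IEX\s*\(\s*\[System\.Text\.Encoding\]::UTF8\.GetString\(\s*"
    r"\[System\.Convert\]::FromBase64String\(\s*(?:b?['\"])?"
    r"(?P<blob>[A-Za-z0-9+/]+={0,2})['\"]?\s*\)",
    re.IGNORECASE,
)

# Launch switches the template passes to powershell (short and long spellings).
SWITCH_RES = {
    "no_profile": re.compile(r"\s-nop(rofile)?\b", re.IGNORECASE),
    "exec_policy_bypass": re.compile(r"\s-(ep|executionpolicy)\s+bypass\b", re.IGNORECASE),
    "hidden_window": re.compile(r"\s-w(indowstyle)?\s+hidden\b", re.IGNORECASE),
}


def analyze_command_line(cmdline):
    """Return None if the wrapper is absent, else the switches seen and the decoded script."""
    match = STAGER_RE.search(cmdline)
    if match is None:
        return None
    try:
        raw = base64.b64decode(match.group("blob"), validate=True)
        decoded = raw.decode("utf-8", errors="replace")
    except (binascii.Error, ValueError):
        decoded = None  # wrapper present, but the blob is not valid Base64
    switches = sorted(n for n, rx in SWITCH_RES.items() if rx.search(cmdline))
    return {"switches": switches, "decoded_script": decoded}


def scan(events):
    """events: iterable of (host, command_line) pairs. Returns findings for matching lines."""
    findings = []
    for host, cmdline in events:
        result = analyze_command_line(cmdline)
        if result is not None:
            findings.append({"host": host, **result})
    return findings


# Constructed sample data: a harmless script body wrapped the way the template does.
SAMPLE_SCRIPT = "Write-Output 'constructed sample'"
SAMPLE_BLOB = base64.b64encode(SAMPLE_SCRIPT.encode("utf-8")).decode("ascii")
SAMPLE_EVENTS = [
    # Ordinary administrative use, no wrapper: not reported
    ("WS-EXAMPLE-01", r"powershell -NoProfile -File C:\Scripts\backup.ps1"),
    # Full template with a decodable blob
    ("WS-EXAMPLE-02",
     '%comspec% /b /c start /b /min powershell -nop -ep bypass -w hidden -c '
     '"IEX ([System.Text.Encoding]::UTF8.GetString('
     "[System.Convert]::FromBase64String('" + SAMPLE_BLOB + "')))\""),
    # Wrapper present but the blob has invalid padding: reported with no decoded script
    ("WS-EXAMPLE-03",
     'powershell -c "IEX ([System.Text.Encoding]::UTF8.GetString('
     "[System.Convert]::FromBase64String('abcde')))\""),
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_EVENTS):
        print(finding)
```
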
147 |
148 | ## xml\_to_json.py
149 |
150 |
151 |
152 |
153 |
154 | Converts a .xml file to JSON
155 |
156 | ## enum_forms.py
157 |
158 |
159 |
160 |
161 |
162 | Scrapes forms from a URL.
163 |
164 |
165 | ## linker.sh
166 | Creates symbolic links under '.' for all executables found in the given directory.
167 |
168 | ## init_commit.sh
169 | Creates a .git repository and pushes all files to remote
170 |
171 | ## shellstorm.py
172 |
173 |
174 |
175 |
176 |
177 | Searches for shellcodes using the Shellstorm API. You can extract the raw bytes of the shellcode and write them to a file.
178 |
179 |
180 | ## License
181 | This software is under [MIT License](https://en.wikipedia.org/wiki/MIT_License)
182 |
183 |
184 |
--------------------------------------------------------------------------------
/cardmon.zsh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/zsh
2 | red=`tput setaf 1`
3 | green=`tput setaf 2`
4 | yellow=`tput setaf 3`
5 | blue=`tput setaf 4`
6 | magenta=`tput setaf 5`
7 | grey=`tput setaf 8`
8 | reset=`tput sgr0`
9 | bold=`tput bold`
10 | underline=`tput smul`
11 |
12 |
13 | print_good(){
14 | echo "${green}[+]${reset}" $1
15 | }
16 | print_error(){
17 | echo "${red}[x]${reset}" $1
18 | }
19 | print_info(){
20 | echo "[*]" $1
21 | }
22 | print_usage(){
23 | echo "Usage: cardmon.sh [-h] IFACE [on|off] [CHANNEL]"
24 | }
25 |
26 | while getopts "h" opt; do
27 | case "$opt" in
28 | h)
29 | print_usage
30 | exit 0
31 | ;;
32 | esac
33 | done
34 |
35 | iface=$1
36 | state=$2
37 | channel=$3
38 |
39 | if [ "$#" -eq 0 ]; then
40 | print_error "Specify interface"
41 | exit 1
42 | fi
43 |
44 | if [[ "`iwconfig`" =~ .*$iface.* ]]; then
45 | :
46 | else
47 | print_error "No such interface: $iface"
48 | exit 1
49 | fi
50 |
51 | if [ "$#" -eq "1" ]; then #Fix this length
52 | iwconfig_out=`iwconfig $iface`
53 | if [[ "$iwconfig_out" =~ .*Monitor.* ]]; then
54 | print_info "Monitor mode is ${green}ENABLED${reset} on $iface"
55 | else
56 | print_info "Monitor mode is ${red}DISABLED${reset} on $iface"
57 | fi
58 | elif [ "$#" -eq "2" ]; then
59 | ifconfig $iface down
60 | if [ "$state" = "on" ]; then
61 | iwconfig $iface mode monitor
62 | print_info "Started monitor mode on $iface"
63 | elif [ "$state" = "off" ]; then
64 | iwconfig $iface mode managed
65 | print_info "Started managed mode on $iface"
66 | else
67 | print_error "No such state (use [on|off])"
68 | fi
69 | ifconfig $iface up
70 | elif [ "$#" -eq "3" ]; then
71 | ifconfig $iface down
72 | iw dev $iface set channel $channel
73 | ifconfig $iface up
74 | print_info "Set channel of $iface to $channel"
75 | fi
76 |
77 |
78 |
79 |
80 |
81 |
--------------------------------------------------------------------------------
/dnsdump.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python3.7
2 | import argparse
3 | import requests
4 | import shutil
5 |
6 | def arguments():
7 |     parser = argparse.ArgumentParser(prog="dnsdump")
8 |     parser.add_argument("DOMAIN", help="Domain to query")
9 |     parser.add_argument("OUTFILE", nargs="?", help="Name of the image file to save (default: first label of DOMAIN + _dnsdump.png)")
10 |     return parser.parse_args()
11 |
12 | def main():
13 |     res = arguments()
14 |     url = f"https://dnsdumpster.com/static/map/{res.DOMAIN}.png"
15 |     # Default output name: first label of the domain plus "_dnsdump.png"
16 |     image_filename = res.DOMAIN.split(".")[0]+"_dnsdump.png"
17 |     if res.OUTFILE:
18 |         image_filename = res.OUTFILE
19 |     r = requests.get(url, stream=True)
20 |     if r.status_code == 200:
21 |         # Stream the response body straight to disk; the with-block closes the file
22 |         with open(image_filename, "wb") as f:
23 |             r.raw.decode_content = True
24 |             shutil.copyfileobj(r.raw, f)
25 |         print(f"[*] Saved {res.DOMAIN} DNS dump in {image_filename}")
26 |     else:
27 |         print(f"[x] Request for {url} returned HTTP {r.status_code}")
28 |
29 | if __name__ == "__main__":
30 |     main()
31 |
--------------------------------------------------------------------------------
/enum_forms.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python3.7
2 | from huepy import *
3 | import argparse
4 | from terminaltables import SingleTable as st
5 | import requests
6 | from zetanize import zetanize
7 |
8 | def arguments():
9 |     parser = argparse.ArgumentParser()
10 |     parser.add_argument("URL", help="Url to search forms in")
11 |     return parser.parse_args()
12 |
13 | def main():
14 |     res = arguments()
15 |     resp_text = requests.get(res.URL).text
16 |     # Only the first form on the page is reported
17 |     json_forms = zetanize.zetanize(resp_text)[0]
18 |     action = json_forms["action"]
19 |     forms_num = len(json_forms["inputs"])
20 |     table_data = [["NAME", "VALUE", "TYPE"]]
21 |     for form in json_forms["inputs"]:
22 |         table_data.append([green(form["name"]), form["value"], form["type"]])
23 |     # huepy's info() returns the formatted string, so it has to be printed
24 |     print(info("Action: {}".format(action)))
25 |     print(info("Found {} forms".format(forms_num)))
26 |     print("")
27 |     table = st(table_data)
28 |     print(table.table)
29 |
30 | if __name__ == "__main__":
31 |     main()
32 |
30 |
--------------------------------------------------------------------------------
/fileinfo.zsh:
--------------------------------------------------------------------------------
1 | #!/bin/zsh
2 | red=`tput setaf 1`
3 | green=`tput setaf 2`
4 | yellow=`tput setaf 3`
5 | blue=`tput setaf 4`
6 | magenta=`tput setaf 5`
7 | grey=`tput setaf 8`
8 | reset=`tput sgr0`
9 | bold=`tput bold`
10 | underline=`tput smul`
11 |
12 | print_good(){
13 | echo "${green}[+]${reset}" $1
14 | }
15 |
16 | print_error(){
17 | echo "${red}[x]${reset}" $1
18 | }
19 |
20 | print_info(){
21 | echo "[*]" $1
22 | }
23 |
24 | print_warning(){
25 | echo "${yellow}[!]${reset}" $1
26 | }
27 |
28 | if [[ "$@" =~ .*-h.* ]]; then
29 | echo "Usage:"
30 | echo "\tfileinfo file"
31 | echo "Description:"
32 | echo "\tShow general information about a file"
33 | echo "Arguments:"
34 | echo "\tfile - file to inspect"
35 | return
36 | fi
37 | file=$1
38 | if [ $# -eq 0 ]; then
39 | print_error "Specify file"
40 | return
41 | fi
42 | if [ $? -eq 1 ]; then
43 | return
44 | fi
45 | if [[ -x "$file" ]]; then
46 | executable="${green}yes${reset}"
47 | else
48 | executable="${red}no${reset}"
49 | fi
50 | echo "
51 | ${green}*${reset}NAME: $file
52 | ${green}*${reset}CREATION DATE: $(stat -c %y $file| sed 's/^\([0-9\-]*\).*/\1/')
53 | ${green}*${reset}PERMISSIONS: $(stat -c "%a" $file)
54 | ${green}*${reset}SIZE: $(numfmt --to=iec-i --suffix=B --format="%.3f" $(stat --printf="%s" $file))
55 | ${green}*${reset}EXECUTABLE: ${executable}
56 | ${green}*${reset}ENCODING: $(file -bi $file)
57 | "
58 |
--------------------------------------------------------------------------------
/fileserver.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python3.7
2 | import argparse
3 | from bottle import static_file, route, run
4 | import os.path
5 |
6 | def arguments():
7 |     parser = argparse.ArgumentParser()
8 |     parser.add_argument('DIR', help="Directory to host")
9 |     parser.add_argument('-d', '--debug', dest='DEBUG', action="store_true", help="Print debug messages")
10 |     parser.add_argument('-p', '--port', action="store",
11 |                         default=8080,
12 |                         type=int, metavar="", dest='PORT',
13 |                         help="Port to run server on (default: 8080)")
14 |     parser.add_argument('-bp', '--base-path', action="store",
15 |                         metavar="", dest='BASEPATH',
16 |                         help="Base path of server's files (http:////) (default: DIR)")
17 |     return parser.parse_args()
18 |
19 | def main():
20 |     res = arguments()
21 |     if res.BASEPATH:
22 |         basepath = res.BASEPATH
23 |     else:
24 |         basepath = res.DIR
25 |     # The route pattern is missing on the page; '/<filename:path>' is assumed here
26 |     # so that serve() receives the requested path. static_file() confines it to DIR.
27 |     @route('/<filename:path>')
28 |     def serve(filename):
29 |         return static_file(filename, root=res.DIR)
30 |     #if res.RUN_LOCALLY:
31 |     #    host = "localhost"
32 |     #else:
33 |     #    host = ""
34 |     # Listens on all interfaces: every file under DIR is readable by anyone who can reach the port
35 |     run(host="0.0.0.0", port=res.PORT, debug=res.DEBUG)
36 |
37 | if __name__ == "__main__":
38 |     main()
39 |
36 |
--------------------------------------------------------------------------------
/gitdownload.zsh:
--------------------------------------------------------------------------------
1 | #!/bin/zsh
2 |
3 | red=`tput setaf 1`
4 | green=`tput setaf 2`
5 | yellow=`tput setaf 3`
6 | blue=`tput setaf 4`
7 | magenta=`tput setaf 5`
8 | grey=`tput setaf 8`
9 | reset=`tput sgr0`
10 | bold=`tput bold`
11 | underline=`tput smul`
12 |
13 |
14 | print_good(){
15 | echo "${green}[+]${reset}" $1
16 | }
17 | print_error(){
18 | echo "${red}[x]${reset}" $1
19 | }
20 | print_info(){
21 | echo "[*]" $1
22 | }
23 |
24 | if [[ "$@" =~ .*-h.* ]]; then
25 | echo "Usage:"
26 | echo "\tgitdownload USERNAME REPOSITORY FILE"
27 | echo "Description:"
28 | echo "\tDownload a single file from a Github repository"
29 | echo "Arguments:"
30 | echo "\tusername - user that owns the repository"
31 | echo "\trepository - name of the repository"
32 | echo "\tfile - file to download"
33 | return
34 | else
35 | if [ $# -eq 0 ]; then
36 | print_error "Specify the USER"
37 | elif [ $# -eq 1 ]; then
38 | print_error "Specify the REPO"
39 | elif [ $# -eq 2 ]; then
40 | print_error "Specify the FILE"
41 | else
42 | user=$1
43 | repo=$2
44 | file=$3
45 | curl -LJO https://github.com/$user/$repo/raw/master/$file
46 | print_good "Downloaded $file ($(wc -c < $file) bytes)"
47 | fi
48 | fi
49 |
--------------------------------------------------------------------------------
/img/cardmon_screen.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/redcode-labs/Citadel/f1de464365127ae5de559aa0b5de7a895906baeb/img/cardmon_screen.png
--------------------------------------------------------------------------------
/img/citadel.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/redcode-labs/Citadel/f1de464365127ae5de559aa0b5de7a895906baeb/img/citadel.png
--------------------------------------------------------------------------------
/img/dnsdump_screen.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/redcode-labs/Citadel/f1de464365127ae5de559aa0b5de7a895906baeb/img/dnsdump_screen.png
--------------------------------------------------------------------------------
/img/enum_forms_screen.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/redcode-labs/Citadel/f1de464365127ae5de559aa0b5de7a895906baeb/img/enum_forms_screen.png
--------------------------------------------------------------------------------
/img/fileinfo_screen.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/redcode-labs/Citadel/f1de464365127ae5de559aa0b5de7a895906baeb/img/fileinfo_screen.png
--------------------------------------------------------------------------------
/img/fileserver_screen.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/redcode-labs/Citadel/f1de464365127ae5de559aa0b5de7a895906baeb/img/fileserver_screen.png
--------------------------------------------------------------------------------
/img/gitdownload_screen.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/redcode-labs/Citadel/f1de464365127ae5de559aa0b5de7a895906baeb/img/gitdownload_screen.png
--------------------------------------------------------------------------------
/img/msfscripts_screen.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/redcode-labs/Citadel/f1de464365127ae5de559aa0b5de7a895906baeb/img/msfscripts_screen.png
--------------------------------------------------------------------------------
/img/opcodes_screen.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/redcode-labs/Citadel/f1de464365127ae5de559aa0b5de7a895906baeb/img/opcodes_screen.png
--------------------------------------------------------------------------------
/img/powershell_cmd_stager_screen.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/redcode-labs/Citadel/f1de464365127ae5de559aa0b5de7a895906baeb/img/powershell_cmd_stager_screen.png
--------------------------------------------------------------------------------
/img/sf_parser_screen.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/redcode-labs/Citadel/f1de464365127ae5de559aa0b5de7a895906baeb/img/sf_parser_screen.png
--------------------------------------------------------------------------------
/img/shellstorm_screen.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/redcode-labs/Citadel/f1de464365127ae5de559aa0b5de7a895906baeb/img/shellstorm_screen.png
--------------------------------------------------------------------------------
/img/sslconvert_screen.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/redcode-labs/Citadel/f1de464365127ae5de559aa0b5de7a895906baeb/img/sslconvert_screen.png
--------------------------------------------------------------------------------
/img/stackpush_screen.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/redcode-labs/Citadel/f1de464365127ae5de559aa0b5de7a895906baeb/img/stackpush_screen.png
--------------------------------------------------------------------------------
/img/vars_screen.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/redcode-labs/Citadel/f1de464365127ae5de559aa0b5de7a895906baeb/img/vars_screen.png
--------------------------------------------------------------------------------
/img/xml_to_json_screen.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/redcode-labs/Citadel/f1de464365127ae5de559aa0b5de7a895906baeb/img/xml_to_json_screen.png
--------------------------------------------------------------------------------
/init_commit.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | sudo git init
3 | sudo git remote add origin "$1"
4 | sudo git add .
5 | sudo git commit -m "Initial commit"
6 | sudo git push origin master
--------------------------------------------------------------------------------
/linker.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
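2 | dir=$1
3 | prefix=""
4 | if (( $# > 1 )); then
5 | prefix=$2
6 | fi
7 | # -type f skips directories (they carry the executable bit too); -print0 keeps names with spaces intact
8 | find "$dir/" -type f -executable -print0 | while IFS= read -r -d '' executable; do
9 | link_name=$(basename "$executable" | awk -F',' '{print $1}')
10 | ln -sf "$executable" "$prefix$link_name"
11 | done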
--------------------------------------------------------------------------------
/msf_resource_scripts/all_post.rc:
--------------------------------------------------------------------------------
1 | <ruby>
2 | selected_sessions = framework.datastore["SESSIONS"].split(",")
3 | background_run = ""
4 | if framework.datastore["BG"] == "true"
5 |   background_run = "-j"
6 | end
7 | selected_sessions.each do |num,session|
8 |   run_single("set session #{num}")
9 |   print_status("Running #{active_module.fullname} against session #{num}")
10 |   run_single("run #{background_run}")
11 | end
12 | </ruby>
13 |
--------------------------------------------------------------------------------
/msf_resource_scripts/main.rc:
--------------------------------------------------------------------------------
1 | clear
2 | color true
3 | load alias
4 | load post
5 | alias -f x resource msf_rc/all_post.rc
6 | alias -f sg setg
7 | alias si sessions -i
8 | alias sk sessions -K
9 | alias sl sessions -v
10 | alias i resource msf_rc/show_all_info.rc
11 | alias c clear
12 | alias u use
13 | alias -f r run
14 | alias j jobs -v
15 | alias jk jobs -k
16 | alias rc resource
17 | alias adv advanced
18 | set PROMPT [%redsessions:%whi%S %grnjobs:%whi%J] %yel%L%whi
19 |
--------------------------------------------------------------------------------
/msf_resource_scripts/show_all_info.rc:
--------------------------------------------------------------------------------
1 | show info
2 | show advanced
3 | show actions
4 | show targets
5 |
--------------------------------------------------------------------------------
/opcodes.zsh:
--------------------------------------------------------------------------------
1 | #!/bin/zsh
2 | red=`tput setaf 1`
3 | green=`tput setaf 2`
4 | yellow=`tput setaf 3`
5 | blue=`tput setaf 4`
6 | magenta=`tput setaf 5`
7 | grey=`tput setaf 8`
8 | reset=`tput sgr0`
9 | bold=`tput bold`
10 | underline=`tput smul`
11 |
12 | print_good(){
13 | echo "${green}[+]${reset}" $1
14 | }
15 |
16 | print_error(){
17 | echo "${red}[x]${reset}" $1
18 | }
19 |
20 | print_info(){
21 | echo "[*]" $1
22 | }
23 |
24 | print_warning(){
25 | echo "${yellow}[!]${reset}" $1
26 | }
27 | if [[ "$@" =~ .*-h.* ]]; then
28 | echo "Usage:"
29 | echo "\topcodes <file> [<format>]"
30 | echo "Description:"
31 | echo "\tExtract opcodes from an executable file using objdump"
32 | echo "Arguments:"
33 | echo "\tfile - file to extract opcodes from"
34 | echo "\tformat - output format [*hex|bytes]"
35 | return
36 | fi
37 | format="hex"
38 | file=$1
39 | if [ $# -eq 0 ]; then
40 | print_error "Specify file"
41 | return
42 | fi
43 | if [ $# -eq 2 ]; then
44 | format=$2
45 | fi
46 | if [ $? -eq 1 ]; then
47 | return
48 | fi
49 | if [ "$format" = "hex" ]; then
50 | objdump -d $file | grep -Po '\s\K[a-f0-9]{2}(?=\s)' | sed 's/^/\\x/g' | perl -pe 's/\r?\n//' | sed 's/$/\n/'
51 | else
52 | objdump -d $file | grep -Po '\s\K[a-f0-9]{2}(?=\s)' | sed 's/^//g' | perl -pe 's/\r?\n//' | sed 's/$/\n/'
53 | fi
54 |
--------------------------------------------------------------------------------
/powershell_cmd_stager.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python3.7
2 | import argparse
3 | import base64
4 |
5 | def arguments():
6 |     parser = argparse.ArgumentParser(prog="powershell_cmd_stager")
7 |     parser.add_argument("POWERSHELL_SCRIPT", help="Name of the .ps1 script to generate stager for")
8 |     return parser.parse_args()
9 |
10 | def main():
11 |     res = arguments()
12 |     # Read the script, Base64-encode its UTF-8 bytes, and decode the result to str
13 |     # so the f-string embeds the text rather than a bytes repr (b'...')
14 |     with open(res.POWERSHELL_SCRIPT) as f:
15 |         script_encoded = base64.b64encode(f.read().encode("utf-8")).decode("ascii")
16 |     cmd_stager = f"""
17 | %comspec% /b /c start /b /min powershell -nop -ep bypass -w hidden -c "IEX ([System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String('{script_encoded}')))"
18 | """
19 |     print(cmd_stager)
20 |
21 | if __name__ == "__main__":
22 |     main()
23 |
--------------------------------------------------------------------------------
/requirements.txt:
--------------------------------------------------------------------------------
1 | argparse
2 | requests
3 | huepy
4 | terminaltables
5 | zetanize
6 | bottle
7 | xmltodict
--------------------------------------------------------------------------------
/sf_parser.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python3.7
2 | import sys
3 | import argparse
4 | from huepy import *
5 | from terminaltables import SingleTable
6 | import json
7 |
8 | def arguments():
9 |     parser = argparse.ArgumentParser(prog="sf_parser")
10 |     parser.add_argument("FILE", help="JSON file with SpiderFoot's output to parse")
11 |     return parser.parse_args()
12 |
13 | def main():
14 |     res = arguments()
15 |     with open(res.FILE) as f:
16 |         json_content = json.load(f)
17 |     # One table row per scan result: source, event type and data
18 |     table_data = [["SOURCE", "TYPE", "DATA"]]
19 |     for result in json_content:
20 |         table_data.append([red(result["source"]), blue(result["type"]), result["data"]])
21 |     table_instance = SingleTable(table_data)
22 |     table_instance.inner_heading_row_border = True
23 |     table_instance.inner_row_border = False
24 |     table_instance.justify_columns = {0: 'left', 1: 'left', 2: 'left'}
25 |     print(f"\n[*] Entries found: {len(json_content)}")
26 |     print(table_instance.table)
27 |     print("")
28 |
29 |
30 |
31 | if __name__ == "__main__":
32 |     main()
33 |
34 |
--------------------------------------------------------------------------------
/shellstorm.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python3.7
2 | import argparse
3 | import requests #HTTP library
4 | from terminaltables import SingleTable #Library for printing beautiful tables
5 | import subprocess
6 | from huepy import * #Coloring library, install it with pip3 install huepy
7 | import re #Regex library
8 |
9 | def arguments():
10 |     parser = argparse.ArgumentParser(prog="shellstorm")
11 |     #Main argument - those are the keywords that you pass to the API
12 |     #nargs="+" explicitly states that the number of words passed must be >= 1
13 |     #we can pass a single ID as a keyword to immediately download the desired shellcode
14 |     parser.add_argument('KEYWORDS', nargs="+", help="Specify the keywords for shellcode search")
15 |
16 |     #results are written to the file specified by that string flag
17 |     parser.add_argument("-w", "--write", type=str, help="Write selected shellcode to the file")
18 |
19 |     #boolean flag: returns true if specified, and false otherwise
20 |     parser.add_argument("-x", "--extract", action="store_true", help="Extract raw shellcode bytes")
21 |     return parser.parse_args()
22 |
23 |
24 | def extract(string, extract_flag):
25 |     if extract_flag:
26 |         string = "".join(re.findall(r"x[a-f0-9][a-f0-9]", string)) #Regex to find all "xNN" hex byte values
27 |         string = string.replace("x", "") #Removes the leading "x" from each byte
28 |         return string
29 |     else:
30 |         return string #If no "--extract" was passed, returns original string
31 |
32 | def main():
33 |     res = arguments()
34 |     if not res.KEYWORDS[0].isdigit(): #This condition states that no ID was passed, but keywords
35 |         r = requests.get('http://shell-storm.org/api/?s={}'.format('*'.join(res.KEYWORDS)))
36 |         shellcodes = r.text.splitlines()
37 |         found = len(shellcodes)
38 |         table_data = [["--TITLE--", '--PLATFORM--', '--ID--', '--AUTHOR--', '--URL--']]
39 |         for shellcode in shellcodes:
40 |             sc = shellcode.split('::::') #Returned results are split with "::::" - this is how the API returns them
41 |             table_data.append([blue(sc[2]), sc[1], red(sc[3]), sc[0], sc[4]])
42 |         table_instance = SingleTable(table_data) #Table init sequence and formatting setup
43 |         table_instance.inner_heading_row_border = True
44 |         table_instance.inner_row_border = False
45 |         table_instance.justify_columns = {0: 'left', 1: 'left', 2: 'left'} #Columns orientation setup
46 |         print()
47 |         print(green(f"[*] {found} results found"))
48 |         print()
49 |         print(table_instance.table)
50 |         shellcode_id = input(green("[*] Select shellcode id: ")) #Asks for ID of the shellcode we want to download
51 |         subprocess.call("clear", shell=True) #Clears terminal, so results look better
52 |         shellcode = requests.get('http://shell-storm.org/shellcode/files/shellcode-{}.php'.format(shellcode_id)).text #Retrieves the shellcode using GET request
53 |         shellcode = shellcode.replace("&quot;", '"') #Here, HTML-escaped quotation marks are replaced, so the file looks clearer
54 |         shellcode = extract(shellcode, res.extract) #If --extract was passed, only raw bytes are output later
55 |         print(blue(shellcode)) #Prints obtained shellcode
56 |         if res.write: #Checks if the shellcode should be written to file
57 |             with open(res.write, "w+") as fil: #File is opened here with extended write permissions ("w+")
58 |                 fil.write(shellcode)
59 |             print(f"[*] Wrote shellcode #{shellcode_id} to the file")
60 |     else: #This gets executed if a single ID was passed
61 |         #subprocess.call("clear", shell=True)
62 |         shellcode_id = res.KEYWORDS[0]
63 |         shellcode = requests.get('http://shell-storm.org/shellcode/files/shellcode-{}.php'.format(shellcode_id)).text
64 |         shellcode = shellcode.replace("&quot;", '"')
65 |         shellcode = extract(shellcode, res.extract)
66 |         print(blue(shellcode))
67 |         if res.write:
68 |             with open(res.write, "w+") as fil:
69 |                 fil.write(shellcode)
70 |             print(f"[*] Wrote shellcode #{shellcode_id} to the file")
71 |
72 | if __name__ == "__main__":
73 |     main()
74 |
75 |
--------------------------------------------------------------------------------
/ssl_convert.zsh:
--------------------------------------------------------------------------------
1 | #!/bin/zsh
2 |
3 | red=`tput setaf 1`
4 | green=`tput setaf 2`
5 | yellow=`tput setaf 3`
6 | blue=`tput setaf 4`
7 | magenta=`tput setaf 5`
8 | grey=`tput setaf 8`
9 | reset=`tput sgr0`
10 | bold=`tput bold`
11 | underline=`tput smul`
12 |
13 | print_good(){
14 | echo "${green}[+]${reset}" $1
15 | }
16 |
17 | print_error(){
18 | echo "${red}[x]${reset}" $1
19 | }
20 |
21 | print_info(){
22 | echo "[*]" $1
23 | }
24 |
25 | print_warning(){
26 | echo "${yellow}[!]${reset}" $1
27 | }
28 |
29 | if [[ "$@" =~ .*-h.* ]]; then
30 | echo "Usage:"
31 | echo "\tssl <subcommand>"
32 | echo "Description:"
33 | echo "\tPerform common OpenSSL conversions and operations"
34 | echo "Arguments:"
35 | echo "\tsubcommand - subcommand to run"
36 | echo "Available subcommands"
37 | echo "\t* pem-der - convert .pem to .der certificate"
38 | echo "\t* der-pem - convert .der to .pem certificate"
39 | echo "\t* pem-p7b - convert .pem to .p7b certificate"
40 | echo "\t* pem-pfx - convert .pem to .pfx certificate"
41 | return
42 | fi
43 | if [ $# -eq 0 ]; then
44 | print_error "Specify subcommand"
45 | return
46 | fi
47 | subcommand=$1
48 | if [ "$subcommand" = "pem-der" ]; then
49 | required_arguments=3 #The number of required arguments = subcommand + its arguments
50 | if [ $# -lt $required_arguments ]; then
51 | print_error "Not enough arguments"
52 | return
53 | fi
54 | pem_file=$2
55 | der_file=$3
56 | openssl x509 -outform der -in $pem_file -out $der_file
57 | elif [ "$subcommand" = "der-pem" ]; then
58 | required_arguments=3 #The number of required arguments = subcommand + its arguments
59 | if [ $# -lt $required_arguments ]; then
60 | print_error "Not enough arguments"
61 | return
62 | fi
63 | der_file=$2
64 | pem_file=$3
65 | openssl x509 -inform der -in $der_file -out $pem_file
66 | elif [ "$subcommand" = "pem-p7b" ]; then
67 | required_arguments=4
68 | if [ $# -lt $required_arguments ]; then
69 | print_error "Not enough arguments"
70 | return
71 | fi
72 | pem_file=$2
73 | p7b_file=$3
74 | ca_file=$4
75 | openssl crl2pkcs7 -nocrl -certfile $pem_file -out $p7b_file -certfile $ca_file
76 | elif [ "$subcommand" = "pem-pfx" ]; then
77 | required_arguments=5
78 | if [ $# -lt $required_arguments ]; then
79 | print_error "Not enough arguments"
80 | return
81 | fi
82 | pem_file=$2
83 | pfx_file=$3
84 | ca_file=$4
85 | key_file=$5
86 | openssl pkcs12 -export -out $pfx_file -inkey $key_file -in $pem_file -certfile $ca_file
87 | else
88 | print_error "No such subcommand"
89 | return
90 | fi
91 |
--------------------------------------------------------------------------------
/stackpush.zsh:
--------------------------------------------------------------------------------
1 | #!/bin/zsh
2 |
3 | red=`tput setaf 1`
4 | green=`tput setaf 2`
5 | yellow=`tput setaf 3`
6 | blue=`tput setaf 4`
7 | magenta=`tput setaf 5`
8 | grey=`tput setaf 8`
9 | reset=`tput sgr0`
10 | bold=`tput bold`
11 | underline=`tput smul`
12 |
13 | print_good(){
14 | echo "${green}[+]${reset}" $1
15 | }
16 |
17 | print_error(){
18 | echo "${red}[x]${reset}" $1
19 | }
20 |
21 | print_info(){
22 | echo "[*]" $1
23 | }
24 |
25 | print_warning(){
26 | echo "${yellow}[!]${reset}" $1
27 | }
28 |
29 | if [[ "$@" =~ .*-h.* ]]; then
30 | echo "Usage:"
31 | echo "\tstackpush <string>"
32 | echo "Description:"
33 | echo "\tFormat a string in assembly push instructions"
34 | echo "Arguments:"
35 | echo "\tstring - string to push"
36 | return
37 | fi
38 | string=$1
39 | if [ $# -eq 0 ]; then
40 | print_error "Specify string"
41 | return
42 | fi
43 | echo -en "$string" | hexdump -v -e '1/4 "push 0x%08x\n"' | tac
44 |
45 |
46 |
--------------------------------------------------------------------------------
/vars.zsh:
--------------------------------------------------------------------------------
1 | #!/bin/zsh
2 |
3 | red=`tput setaf 1`
4 | green=`tput setaf 2`
5 | yellow=`tput setaf 3`
6 | blue=`tput setaf 4`
7 | magenta=`tput setaf 5`
8 | grey=`tput setaf 8`
9 | reset=`tput sgr0`
10 | bold=`tput bold`
11 | underline=`tput smul`
12 |
13 |
14 | #iface=`ip addr show | awk '/inet.*brd/{print $NF}'`
15 | iface=$(ip addr show|grep default|grep -i up|grep -vi loopback|tail -1|awk '{print $2}'|sed 's/:/'/)
16 | hostname=`cat /etc/hostname`
17 | ip_re="(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)"
18 | mac_re="\w\w:\w\w:\w\w:\w\w:\w\w:\w\w"
19 | ip_loopback="127.0.0.1"
20 | ip_local=`ip addr | grep 'state UP' -A2 | tail -n1 | awk '{print $2}' | cut -f1 -d'/'`
21 | ip_global=`curl -s http://whatismyip.akamai.com/`
22 | ip_gateway=`ip route show 0.0.0.0/0 dev $iface | cut -d\ -f3`
23 | network=`iwconfig $iface 2>/dev/null | grep ESSID | awk -F: '{print $2}'`
24 | network=`echo $network|tr -d \"`
25 | subnet=`ip -o -f inet addr show | awk '/scope global/ {print $4}'`
26 |
27 | if [[ "$@" =~ .*-h.* ]]; then
28 | echo "$red$bold#$reset Available variables:"
29 | echo "\t\$iface $bold$green-$reset Name of the currently active wireless network interface ($bold$iface$reset)"
30 | echo "\t\$hostname $bold$green-$reset Hostname of the machine ($bold$hostname$reset)"
31 | echo "\t\$ip_re $bold$green-$reset Regex for IP address "
32 | echo "\t\$mac_re $bold$green-$reset Regex for MAC address"
33 | echo "\t\$ip_loopback $bold$green-$reset Loopback IP address ($bold$ip_loopback$reset)"
34 | echo "\t\$ip_local $bold$green-$reset Local IP address on the current network ($bold$ip_local$reset)"
35 | echo "\t\$ip_global $bold$green-$reset Global IP address ($bold$ip_global$reset)"
36 | echo "\t\$ip_gateway $bold$green-$reset IP address of the gateway ($bold$ip_gateway$reset)"
37 | echo "\t\$network $bold$green-$reset Name of the currently used network ($bold$network$reset)"
38 | echo "\t\$subnet $bold$green-$reset Current network segment in CIDR notation ($bold$subnet$reset)"
39 | echo
40 | fi
41 |
42 |
--------------------------------------------------------------------------------
/xml_to_json.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/python3.7
2 | import json
3 | import argparse
4 | import xmltodict
5 |
6 | def arguments():
7 |     parser = argparse.ArgumentParser()
8 |     parser.add_argument("FILE", help="File in .xml format to convert")
9 |     return parser.parse_args()
10 |
11 | def main():
12 |     res = arguments()
13 |     f = open(res.FILE)
14 |     xml_content = f.read()
15 |     f.close()
16 |     print(json.dumps(xmltodict.parse(xml_content), indent=4, sort_keys=True))
17 |
18 | if __name__ == "__main__":
19 |     main()
20 |
--------------------------------------------------------------------------------