Simple python script to make multiple raw requests from Burp

* Open your Burp.
* Copy requests from Repeater.
* Store them in txt files. One request per file.
* Edit/Set auth cookies inside script.
* Run python call_burp_requests.py

Download https://gist.github.com/maldevel/a19cc1a959023f40518c48a95448c3b9

    import requests
    import os

    proxies = {
        'http': '',
        'https': '',
    }

    protocol = 'https'
    xsrf = 'xsrf-token'
    auth_cookie = 'sessionid=blah-blah-blah'
    …


A powerful DNS toolkit for python

nslookup is a network administration command-line tool available for many computer operating systems for querying the Domain Name System (DNS) to obtain domain name or IP address mapping or for any other specific DNS record. – Wikipedia

DNS record types

A, AAAA, AFSDB, APL, CAA, CDNSKEY, CDS, CERT, CNAME, DHCID, DLV, DNAME, DNSKEY, DS, HIP, IPSECKEY, KEY, KX, LOC, MX, NAPTR, NS, NSEC, NSEC3, NSEC3PARAM, PTR, RRSIG, RP, SIG, SOA, SRV, SSHFP, TA, TKEY, TLSA, TSIG, TXT, *, AXFR, IXFR, OPT – Wikipedia

dnspython is a DNS toolkit for Python. It supports …

Debugging, Forensics

Debug processes using ptrace and python

python-ptrace is a debugger using ptrace (Linux, BSD and Darwin system call to trace processes) written in Python.

Features

* High level Python object API: PtraceDebugger and PtraceProcess
* Able to control multiple processes: catch fork events on Linux
* Read/write bytes to arbitrary address: take care of memory alignment and split bytes to …

Enumeration, Footprinting

Enumerate subdomains through a wordlist

Knockpy is a python tool designed to enumerate subdomains on a target domain through a wordlist.

Usage

    knockpy [-h] [-v] [-w WORDLIST] [-r] [-z] domain

    positional arguments:
      domain         specific target domain, like domain.com

    optional arguments:
      -h, --help     show this help message and exit
      -v, --version  show program's version number and exit
      -w WORDLIST …


Intrusion Detection-Prevention System Testing Framework

Pytbull is a python based flexible Intrusion Detection/Prevention System (IDS/IPS) Testing Framework for Snort, Suricata and any IDS/IPS that generates an alert file. It can be used to test the detection and blocking capabilities of an IDS/IPS and to validate config. The only way to ensure your IDS/IPS detects and blocks unwanted traffic is to …

Hacking, Python

Manipulate Network Packets

Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing low-level programmatic access to the packets and for some protocols (for instance NMB, SMB1-3 and MS-DCERPC) the protocol implementation itself. Packets can be constructed from scratch, as well as parsed from raw data, and the object oriented API …


Gmail Windows backdoor

Gdog is a stealthy Python based Windows backdoor that uses Gmail as a command and control server. This project was inspired by gcat (https://github.com/byt3bl33d3r/gcat) from @byt3bl33d3r.

Requirements

* Python 2.x
* PyCrypto module
* WMI module
* Enum34 module
* Netifaces module

Features

* Encrypted transportation messages (AES) + SHA256 hashing
* Generate computer unique id using system information/characteristics (SHA256 hash)
* Job …


How to install PyCrypto on Windows

Python Cryptography Toolkit (pycrypto) is a collection of both secure hash functions (such as SHA256 and RIPEMD160), and various encryption algorithms (AES, DES, RSA, ElGamal, etc.). The package is structured to make adding new modules easy.

> Download Microsoft Visual C++ Compiler for Python 2.7
> Run command prompt as administrator
> Execute: msiexec /i …

Programming, Python

Install python3 packages with pip

Assuming that you have python2 also installed on the system.

>> Install virtualenv

    sudo apt-get install virtualenv

>> Create shortcut

    virtualenv -p /usr/bin/python3 py3

>> Activate shortcut

    source py3/bin/activate

>> Install package

    pip install package