This is a repository filled with scripts that were made with Python, and designed to exploit computer systems.

Related tags

Security related resourcesPYTHON-EXPLOITATION
Overview

PYTHON-EXPLOITATION

This is a repository filled with scripts that were made with Python, and designed to exploit computer systems.

Networking

tcp_clinet.py

The tcp_clinet.py script is used to push data to a server in the event that you are not able to use the typical networking tools. In the script we:

  • Create a socket object (line 8): the AF_INET parameter indicates we will use a standard IPv4 address or hostname, and SOCK_STREAM indicates that this will be a TCP client.
  • Connect to the client server (line 11): note that, since we are using a TCP client, we must first connect to our server (via the TCP handshake) to send data to it.
  • Send the server some data in bytes (line 14)
  • Recieve data back from the server and print out the response (line 17)

    Note that this script makes numerous assumptions about the server we are engaging with:

  • It assumes that our connection will always succeed as it does not have a fallback function in the event that the server rejects our connection.
  • It assumes that the server expects us to send data first. Sometimes, the server will want to send us data first - this is especially true if the server is being guarded by a firewall of some kind.
  • The script assumes that the server will always return data to us in a timely fashion.

    The assumptions are made for simplicity's sake. All things considered, sometimes less is more.

    udp_client.py

    Our udp_client.py script is much different from our tcp script, only that it it configured to send data via the user datagram protocol (but that much was obvious):

    • We change the socket type to SOCK_DGRAM to indicate that we will be using sending data via the UDP (line 6).
    • Also, notice that there is no connect() method beforehand, since we do not need to connect to a server beforehand using UDP. This is because UDP is a connectionaless protocol.
    • The last step is to call the recvfrom() method to receive UDP data back. This returns both the data and the details of the remote host and port (line 9).

    tcp_server.py

    The tcp_server.py is just that, a multi-threaded python TCP server that we can use in the event we want to write a command shell or craft a proxy.

    • Firstly, we pass in the IP address and port we want the server to listen on (line 9).
    • Next, we tell the server to simply start listening with a max backlog of connections set to 5 (line 10). Now ther server waits for a connection.
    • Once the clinet connects, we get the client socket in the client variable and the remote connection details in teh address variable.
    • We tehn start the thread to handle the client connection (line 17).
    • The handle_client function performs rec() and then sens a simple message back to the client.
    • Owner
    Nathan Galindo
    Hi, my name is Nathan Galindo and I am a cybersecurity student at Baylor University!
    Nathan Galindo
    GitHub Repository
    A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications

    This project is no longer maintained March 2020 Update: Please go see the amazing Pysa tutorial that should get you up to speed finding security vulne

    2.1k Dec 25, 2022
    Valeria stealer- - (4Feb 2022) program detects wifi saved passwords in your ROM

    Valeria_stealer- Requirements : python 3.9.2 and higher (4Feb 2022) program dete

    Mikhail Yolkin 3 May 05, 2022
    this keylogger is only for pc not for android but it will only work on those pc who have python installed it is made for all linux,windows and macos

    Keylogger this keylogger is only for pc not for android but it will only work on those pc who have python installed it is made for all linux,windows a

    Titan_Exodous 1 Nov 04, 2021
    MozDef: Mozilla Enterprise Defense Platform

    MozDef: Documentation: https://mozdef.readthedocs.org/en/latest/ Give MozDef a Try in AWS: The following button will launch the Mozilla Enterprise Def

    Mozilla 2.2k Jan 08, 2023
    A decompilation of the Nintendo Switch version of Captain Toad: Treasure Tracker

    cttt-decomp A decompilation of the Nintendo Switch version of Captain Toad: Trea

    shibbs 14 Aug 17, 2022
    domato but as a website

    ROFL-FUZZER Ths is Domato, a DOM Fuzzer from Google, but hosted as an website It generates a instance of a newtab on the template given by the user ,

    Swapnadeep Som 18 Nov 22, 2021
    This respository contains the source code of the printjack and phonejack attacks.

    Printjack-Phonejack This repository contains the source code of the printjack and phonejack attacks. The Printjack directory contains the script to ca

    pietrobiondi 2 Feb 12, 2022
    Official implementation of the paper "Backdoor Attacks on Self-Supervised Learning".

    SSL-Backdoor Abstract Large-scale unlabeled data has allowed recent progress in self-supervised learning methods that learn rich visual representation

    UMBC Vision 44 Nov 21, 2022
    Create a secure tunnel from a custom domain to localhost using Fly and WireGuard.

    Fly Dev Tunnel Developers commonly use apps like ngrok, localtunnel, or cloudflared to expose a local web service at a publicly-accessible URL. This i

    170 Dec 11, 2022
    AMC- Automatic Media Access Control [MAC] Address Spoofing Tool

    AMC (Automatic Media Access Control [MAC] Address Spoofing tool), helps you to protect your real network hardware identity. Each entered time interval your hardware address was changed automatically.

    Dipen Chavan 14 Dec 23, 2022
    A terminal based web shell controller

    shell-hack Tribute to Chinese ant sword; A Powerful terminal based webshell controller; Usage : Usage : python3 shell-hack.py --url [URL] --w

    s1mple 10 Dec 28, 2021
    Facebook Fast Cracking Tool With Python

    Pro-Crack Facebook Fast Cracking Tool This is a multi-password‌ cracking tool that can help you hack facebook accounts very quickly Installation On Te

    ReD H4CkeR 5 Feb 19, 2022
    An easy-to-use wrapper for NTFS-3G on macOS

    ezNTFS ezNTFS is an easy-to-use wrapper for NTFS-3G on macOS. ezNTFS can be used as a menu bar app, or via the CLI in the terminal. Installation To us

    Matthew Go 34 Dec 01, 2022
    Operational information regarding the vulnerability in the Log4j logging library.

    Log4j Vulnerability (CVE-2021-44228) This repo contains operational information regarding the vulnerability in the Log4j logging library (CVE-2021-442

    Nationaal Cyber Security Centrum (NCSC-NL) 1.9k Dec 26, 2022
    PKUAutoElective for 2021 spring semester

    PKUAutoElective 2021 Spring Version Update at Mar 7 15:28 (UTC+8): 修改了 get_supplement 的 API 参数,已经可以实现课程列表页面的正常跳转,请更新至最新 commit 版本 本项目基于 PKUAutoElectiv

    Zihan Mao 84 Sep 09, 2022
    Kriecher is a simple Web Scanner which will run it's own checks for the OWASP

    Kriecher is a simple Web Scanner which will run it's own checks for the OWASP top 10 https://owasp.org/www-project-top-ten/# as well as run a

    1 Nov 12, 2021
    Linus-png.github.io - Versionsverwaltung & Open Source Hausaufgabe

    Let's Git - Versionsverwaltung & Open Source Hausaufgabe Herzlich Willkommen zu

    1 Jan 24, 2022
    Python Password Generator

    This is a console-based version of a password generator written with Python. The program generates a password based on numbers of letters, numbers, and symbols specified by the user. This is a simple

    p.katekomol 1 Jan 24, 2022
    Fast and easy way to rollout on multiple GitLab project file a particular content.

    Volatile Fast and easy way to rollout on multiple GitLab project file a particular content. Why ? After looking for a tool to simply enforce a develop

    Lujeni 4 Jan 17, 2022
    A Tool to find subdomains from hackerone reports.

    Hactivity A Tool to find subdomains from Hackerone reports of a given company or a search term (xss, ssrf, etc). It can also print out URL and Title o

    Stinger 15 Jul 24, 2022