I added extra plaintexts for the modulus of Cobalt Strike’s public RSA key.
xor-kpa_V0_0_7.zip (http)MD5: FB8155E56234648CC3AFFD890BFE9043
SHA256: 069DCA2A1901D448DBF2CF202B5CE49846EFCBAACB73BF35B20AA085AAB31BA9
Tuesday 14 February 2023
Update: xor-kpa.py Version 0.0.7
MD5: FB8155E56234648CC3AFFD890BFE9043
SHA256: 069DCA2A1901D448DBF2CF202B5CE49846EFCBAACB73BF35B20AA085AAB31BA9
Monday 13 February 2023
Update: file-magic.py Version 0.0.6
This new version of file-magic.py adds a definition to identify OneNote .one files:
And adds support for pyzipper.
file-magic_V0_0_6.zip (http)MD5: 2C564E9B215672BA9352934C8B91B0EC
SHA256: 6102CE6788EB17B17AB3C0AB054FE9ECA2C557E9349A7ACF9612759CC5C6CA97
Sunday 12 February 2023
Update: pdf-parser.py Version 0.7.8
A small feature update for pdf-parser.py Statistics include unreferenced objects now:
MD5: 7BBEA9497666397CBBB88B012A710210
SHA256: FE393865861E00B48124B99CD5AEBBB5A632F1FBD883F4E4044DF8C8FA75BE9D
Sunday 22 January 2023
Update: process-binary-file Version 0.0.8
New functions and classes have been added to process-binary-file.py.
python-templates_V0_0_9.zip (http)MD5: 7C5E8602F225735015E9A431C5818762
SHA256: CAEEEBB1E402E5127A431446A01BBE607B22AA0EB1F6FA12B8E7703275BE6F15
Thursday 29 December 2022
Update: zipdump.py Version 0.0.24
A small update to option -W of zipdump.py.
Next to value vir, you can now also specify values hash and hashvir.
hash: write each file with name equal to the SHA256 of the content of the file.
hashvir: write each file with name equal to the SHA256 of the content of the file plus extension .vir.
zipdump_v0_0_24.zip (http)MD5: 33E7B7602263CB2C23D59C7EDEC8666C
SHA256: 1BEF40A9B567DAE84563FEA1B4DE8E0BD7F5926F7FCFF6D7086D2643133FBACE
Sunday 25 December 2022
Update: dnsresolver.py Version 0.0.2
This update to dnsresolver.py, my custom DNS server, adds a command to forward DNS request.
With this forward command, all requests that are not handled by other commands, are forwarded to the provided DNS server.
dnsresolver_V0_0_2.zip (http)MD5: D96EA9517E106C4C9E3668AB6799B150
SHA256: 611C1540FE7FA2016E38689A153681428BBF3EAFC927A62342310A93022B3EC4
Saturday 24 December 2022
Update: myjson-filter.py Version 0.0.3
This update of myjson-filter.py adds an option (-t) to filter on the magic field added by file-magic.py.
To be explained in an upcoming blog post.
myjson-filter_V0_0_3.zip (http)MD5: AB8AF505B120D02AD1A9846A72A340B5
SHA256: AB73314ACCD65EC765D6DDA629AF273FF882D293F11F6A2EA8FC633B019E5836
Friday 23 December 2022
Update: file-magic.py Version 0.0.5
This update of file-magic.py brings option –jsonoutput to augment json input data with a magic field.
To be explained in an upcoming blog post after myjson-filter.py update is released.
file-magic_V0_0_5.zip (http)MD5: 5B4CB4EE75E1CAC7705E33CCE4809E10
SHA256: 876F9AC31E1EC395EB93922AA2A7EFA027534F7343500648FE0A036021C7F1B9
Thursday 22 December 2022
Update: nsrl.py Version 0.0.4
This is a bug fix version for my nsrl.py script, a tool to check hashes with the NSRL list.
nsrl_V0_0_4.zip (http)MD5: 6F72B03493C73E88CB3771C860BC76D0
SHA256: D68039B8654C1D52CD1C12670C7E885E462B72BF23892E86BE86E6381C95B669
Wednesday 21 December 2022
Update: InteractiveSieve Version 0.9.2.0
New features:
- Loading files from command line arguments
- Column index to right click-menu
- “Hide (if equal to prev and next)” to right click-menu
- “Values separator…” to right click-menu
- “Hide duplicates” to right click-menu
- Added column filtering when loading files
MD5: 74A4019A36199C5057207184341FB639
SHA256: D9481C99F44FCEA0729F526B70E307881E2128FB1EB23DF135790EDB4392CB4A
Didier Stevens 