Created this python script to look for an IP Address in one list and find it in a reputation IP list.
#!/usr/bin/python
import os
with open("tempIP.list", "r") as f1:
lines1 = f1.readlines()
with open("reputation.list", "r") as f2:
lines2 = f2.readlines()
for line in lines1:
for item in lines2:
if line.strip('\n') in item.strip('\n'):
print item
Twitter: @lokut
This blog is for educational purposes only. The opinions expressed in this blog are my own and do not reflect the views of my employers.
Monday, June 16, 2014
Friday, June 6, 2014
Which URL matches a Particular Regular Expression
I needed a quick tool to check and see which regular expression a particular URL matched. Below is what I came up with which is simple and elegant:
#!/usr/bin/python
# This script is to detect based on a given URL which Regular Expression that it matches
import re
#Get the URL
print
url = raw_input('URL: ')
#print url
ListRegEx = [["http:\/\/[^\x2f]+?\/([a-z0-9]{2}\/)?\??[0-9a-f]{5}[\x3b\d\x2c]*", "Malicious URL"],
["http:\/\/[^\x0a]+\/6?2p\/[a-z]{12}", "Malicious URL"]]
for itemRegEx in ListRegEx:
regexp = re.compile(itemRegEx[0])
if regexp.search(url) is not None:
print "Matched " + itemRegEx[1]
print
#!/usr/bin/python
# This script is to detect based on a given URL which Regular Expression that it matches
import re
#Get the URL
url = raw_input('URL: ')
#print url
ListRegEx = [["http:\/\/[^\x2f]+?\/([a-z0-9]{2}\/)?\??[0-9a-f]{5}[\x3b\d\x2c]*", "Malicious URL"],
["http:\/\/[^\x0a]+\/6?2p\/[a-z]{12}", "Malicious URL"]]
for itemRegEx in ListRegEx:
regexp = re.compile(itemRegEx[0])
if regexp.search(url) is not None:
print "Matched " + itemRegEx[1]
Subscribe to:
Posts (Atom)
Test Authentication from Linux Console using python3 pexpect
Working with the IT420 lab, you will discover that we need to discover a vulnerable user account. The following python3 script uses the pex...
-
Here is a quick walk through of GetBoo. The first item that I found was you can harvest the usernames of the existing users that are regist...
-
As I was glancing through the logs of my honeypots I spent some time to look at the following logs. In the past I have just overlooked them...
-
I thought I would work through a few of these web applications provided by OWASP on their broken web applications VM. The first one I th...
-
Today looking at the logs of the honeypots, I became curious based on the whois of the IP Addresses attempting to login to SSH which country...
-
Recently I was doing some scanning with a tool that is available on github called masscan. The tool allows you to configure a configuration...