Second part of the collection, with more scripts oriented to cybersecurity and networking. Any feedback that helps improve them is welcome. All of this must be used for ethical purposes and in controlled environments.
What this repository contains
I will gradually add more scripts, for now:
A DNS parser
A malware detector for binary files
A keylogger
Enhanced hash cracker
File and directory permissions auditor
Dictionary generator
All scripts are accompanied by their dependencies and can be upgraded to a more powerful version at any time.
A DNS parser
This script analyzes DNS traffic in real time and detects suspicious patterns, such as unusual queries or possible DNS tunneling attacks. It needs TShark to be installed and configured correctly on your system. Make sure TShark is in your PATH so that pyshark can find it.
- Filters type A and CNAME packets and unusual queries
- Generates alerts if it detects:
  - Queries with long or repeated names
  - Queries to suspicious domains (blacklist)
A malware detector for binary files
Analyzes binary files for suspicious patterns, known hashes, or strings common in malware.
- Basic scheme:
  - Extract hashes (MD5, SHA256) from the file
  - Compare them with a database of malicious hashes (such as the VirusTotal API)
  - Identify strings embedded in binaries
A keylogger
It records keystrokes for educational or forensic analysis purposes.
- Using a keyboard monitoring library
- Save keystrokes to a file or send them to a controlled server
Enhanced hash cracker
Cracks hashes using dictionaries and supports various algorithms (MD5, SHA-256, bcrypt...)
- Load a target hash and a dictionary
- Compare hashes generated from the dictionary with the target
- Support for multiple algorithms
File and directory permissions auditor
Scans the system for insecure permission settings.
- Uses os to walk directories and read permissions
- Detects permissions such as 777 and alerts the user
Use of the script:
To use the script, save the code in a file, for example audit_permissions.py, and run the script from the command line with administrator permissions:
Windows: Open the command line as administrator and run the script.
Unix: Run the script with sudo:
sudo python audit_permissions.py /path/to/audit -l audit_log.txt
For example, to audit the critical path /etc on a Unix system:
sudo python audit_permissions.py /etc -l audit_log.txt
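The check this section describes can be sketched as follows. This is an added example, not the repository's audit_permissions.py: the names audit_permissions and demo, the extra "world-writable" rule, and the decision to skip sticky directories are assumptions, and the sample tree is constructed in a temporary directory.

```python
import os
import stat
import tempfile


def audit_permissions(root):
    """Walk root and return sorted (path, octal mode, reason) findings."""
    findings = []

    def on_error(err):
        # Report directories that could not be listed instead of hiding them.
        findings.append((err.filename, "----", "unreadable"))

    for dirpath, dirnames, filenames in os.walk(root, onerror=on_error):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: never follow symlinks
            except OSError:
                findings.append((path, "----", "stat failed"))
                continue
            if stat.S_ISLNK(st.st_mode):
                continue  # a symlink's own mode bits are not meaningful
            mode = stat.S_IMODE(st.st_mode)
            if stat.S_ISDIR(st.st_mode) and mode & stat.S_ISVTX:
                continue  # assumption: sticky dirs such as /tmp (1777) are intended
            if (mode & 0o777) == 0o777:
                reason = "mode 777"
            elif mode & stat.S_IWOTH:
                reason = "world-writable"
            else:
                continue
            findings.append((path, oct(mode)[2:], reason))
    return sorted(findings)


def demo():
    """Audit a constructed sample tree built in a temporary directory."""
    with tempfile.TemporaryDirectory() as base:
        for name, mode in (("ok.conf", 0o644), ("open.sh", 0o777), ("notes.txt", 0o666)):
            path = os.path.join(base, name)
            open(path, "w").close()
            os.chmod(path, mode)
        shared = os.path.join(base, "shared")
        os.mkdir(shared)
        os.chmod(shared, 0o1777)
        return [(os.path.relpath(p, base), m, r) for p, m, r in audit_permissions(base)]


if __name__ == "__main__":
    for finding in demo():
        print(*finding)
```

The mode bits used here are POSIX; on Windows, os.chmod only toggles the read-only flag, so the 777 check is meaningful on Unix systems only.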
Dictionary generator
Creates customized dictionaries based on user patterns (dates, names, keywords)
- Request basic information (names, dates, related words...)
- Combine patterns to generate combinations
- Save the dictionary to a file
Use of the script:
To use the script, save the code in a file, for example generate_dictionary.py, and run the script from the command line:
python generate_dictionary.py <words> <max_length> <output_file> [options]
For example, to generate a dictionary with the base words “admin”, “2023”, “password”, with a maximum length of 3, including special characters and numbers, and save it in dictionary.txt:
python generate_dictionary.py "admin2023password" 3 dictionary.txt -s -n