Graphically Plotting Wifi Traffic

This is going to be a down and dirty post about about using neo4j to graphically plot and analyze the relationships between Wi-fi nodes using the air around us. This is not anything new or novel. Sensepost released their Snoopy platform back in ~2012 that does largely the same thing using Patvera’s Maltego. This shows some of the powerful insights that you can create by using a few lines of code, and a graphing database.

[Read More]

Post-exploitation using Python Standard Libraries

Introduction

Mike LaRoe

Email: mlaroe.bitrot@gmail.com

Let’s go over some fundamental Python standard libraries and how, with those libraries alone, your toolbox during a CTF or red team (or blue!) situation will have many of the answers needed to point you on the path to success. These modules are important because they come naturally with Python installations and do not require any additional installations (which require privilege).

[Read More]

Python Flask NordVPN Map Interface

While exploring some additional VPN options for work, I decided to give NordVPN a try. They have a plethora of exit nodes, and have generally decent user feedback and claims that they do not log traffic. NordVPN’s Linux client is essentially a zip file full of OpenVPN configuration files. There are some other projects for managing NordVPN connections, but I decided to have a quick go at creating a graphical bare bones interface using Python and Flask.

[Read More]

Python Phone Push Notification Scheduler

Recently, I’ve been looking at solutions for pushing messages to my phone for work related activities. I work remotely, and often run jobs that take hours to run in the background. Simply having a notification that pushes to my phone to check a job’s results will suffice. I’m generally paranoid, so I’m particular about what information I trust to various providers. Part of this paranoia drives me to segregate my home and work traffic. Work (but non-corporate… think research) traffic takes place over a VPN, and often hits rate-limits with APIs due to other users. This project will setup a push notification system that will reschedule messages at a set time in the future if we hit an API limit.

[Read More]

PyCoin - Automated BitCoin Updates via SMS

There’s a lot of buzz around BitCoin right now. A lot of people frequent going to CoinBase or Google to find the price of BitCoin. I decided to make a automated script that would text you the price of BitCoin using Python. I used CoinBase API along with Twilio API to complete this task. There are ways to use python SMS without Twilio but I won’t be covering that here.

While this might not be Red Team related I feel it’s relevant in helping people with python, automation, and SMS. This same method could be used for automated texting to you if an engagement were successful. For example if a victim enters credentials to your C2, real time updating from implants, etc. You get the idea.

[Read More]