LZ HackingLZ

This is not the git account you're looking for...mainly backing up public repos.

HackingLZ / emoji_lulz.py

Last active August 16, 2025 14:51

Detect Python code written by AI easily with science

HackingLZ / m365_osint_recon.py

Created August 7, 2025 16:28

	#!/usr/bin/env python3
	"""
	M365 OSINT Reconnaissance Tool
	Based on techniques from: https://dstreefkerk.github.io/2025-07-m365-email-osint-after-lockdown/

	This script performs modern M365/Azure AD reconnaissance after Microsoft's lockdown of traditional
	enumeration methods. It uses multiple validation techniques to discover organizational information
	and attempts to infer MOERA domains.
	"""

HackingLZ / trevor.rs

Created June 24, 2025 15:24

Trevor C2 Rust

	use aes::Aes256;
	use base64;
	use cbc::{Decryptor, Encryptor};
	use cbc::cipher::{block_padding::Pkcs7, BlockDecryptMut, BlockEncryptMut, KeyIvInit};
	use hostname;
	use rand::{Rng, RngCore};
	use sha2::{Digest, Sha256};
	use std::env;
	use std::io::Read;
	use std::process::{Command, Stdio};

HackingLZ / m4benchmark.txt

Last active November 13, 2024 12:23

M4 Max 64gb Hashcat Full Benchmark

	hashcat (v6.2.6) starting in benchmark mode

	Benchmarking uses hand-optimized kernel code by default.
	You can use it in your cracking session by setting the -O option.
	Note: Using optimized kernel code limits the maximum supported password length.
	To disable the optimized kernel code in benchmark mode, use the -w option.

	* Device #2: Apple's OpenCL drivers (GPU) are known to be unreliable.
	You have been warned.

HackingLZ / nicecurl.py

Created May 2, 2024 13:43

NICECURL Lnk Gen

	# https://cloud.google.com/blog/topics/threat-intelligence/untangling-iran-apt42-operations/
	import argparse
	import random
	import win32com.client

	def insert_digit(word, digit):
	pos = random.randint(1, len(word) - 1)
	return word[:pos] + digit + word[pos:]

	def generate_command(url, file_path):

HackingLZ / nessus_report_download.py

Created March 26, 2024 13:35

Download Nessus reports as CSV via API

	import requests
	import time
	import os

	# Nessus API credentials and host
	nessus_url = "https://123.123.123.123:8834"
	access_key = "x"
	secret_key = "x"
	headers = {
	'X-ApiKeys': f'accessKey={access_key}; secretKey={secret_key}',

HackingLZ / basic_azure.py

Created March 18, 2024 19:18

Basic Azure Enum

	import argparse
	import random
	import re
	import requests
	import string
	import socket
	import xml.etree.ElementTree as ET

	def generate_random_username(min_length=7, max_length=16):
	length = random.randint(min_length, max_length)

HackingLZ / patch_docx.py

Created March 5, 2024 00:21

Replace Canarytoken URL

	import argparse
	import zipfile
	import os
	import re

	def modify_all_files_in_zip(zip_path, search_pattern, replace_with):
	temp_dir = 'temp_unzip'
	os.makedirs(temp_dir, exist_ok=True)

	with zipfile.ZipFile(zip_path, 'r') as zip_ref:

HackingLZ / aws_convert.py

Last active February 22, 2024 20:12

Convert AWS Key ID to AWS Account ID single/output csv

	#!/usr/bin/python3
	# https://trufflesecurity.com/blog/canaries

	import argparse
	import base64
	import binascii
	import csv

	parser = argparse.ArgumentParser(description='Process AWS Key ID(s) to AWS Account ID(s)')
	parser.add_argument('-k', '--keyid', type=str, help='Single AWS Key ID to process')

HackingLZ / cs_parse_encodingrules.py

Created January 10, 2024 22:15

Parser for tweet https://twitter.com/banthisguy9349/status/1745039649750360459

	#https://twitter.com/banthisguy9349/status/1745039649750360459
	import argparse
	import base64
	import codecs
	from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
	from cryptography.hazmat.backends import default_backend
	from os import urandom
	import urllib.request
	import hashlib
	import re