Added some Tools

imphash    :  generates a Virustotal compatible IMPHASH for a binary
ltop       :  does 'sort|uniq -c' but with live update in ncurses
smtpbanner :  grabs smtp banner
uniq       :  like uniq but does not need sorting.
uniqrs     :  same as uniq but written in Rust

codegrab/imphash.py

@@ -0,0 +1,5 @@
+#!/usr/bin/env python3
+import pefile
+import sys
+pe=pefile.PE(sys.argv[1])
+print(pe.get_imphash())

codegrab/ltop.py

@@ -0,0 +1,65 @@
+#!/usr/bin/env python3
+import sys
+import curses
+from operator import itemgetter
+import time
+
+# Number of top items to be displayed
+N = 10
+
+
+def gen_output(item_dict, N=10):
+    """
+    Generate a formatted output string for the top N items in item_dict.
+    
+    :param item_dict: A dictionary containing items and their counts
+    :param N: The number of top items to be displayed
+    :return: A generator yielding formatted strings for each of the top N items
+    """
+    top_items = dict(sorted(item_dict.items(), key=itemgetter(1), reverse=True)[:N])
+    count_length = len(str(max(top_items.values())))
+
+    for i, key in enumerate(top_items):
+        yield i, f'{i + 1:3} : [{top_items[key]:{count_length}}] {key}'
+
+
+def main(screen):
+    """
+    Main function to read input lines, maintain a count of each unique line, and
+    periodically display the top N lines with the highest counts using curses.
+    
+    :param screen: A curses window object
+    """
+    if not sys.stdin.isatty():  # Check if the input comes from a pipe
+        # Initialize an empty dictionary to store unique input lines and their counts
+        toplist = {}
+
+        # Set the next screen update time
+        t_update = time.time() + 1
+
+        for line in sys.stdin:
+            line = line.strip()
+
+            # Increment the count for each unique input line
+            if line in toplist:
+                toplist[line] += 1
+            else:
+                toplist[line] = 1
+
+            # Periodically update the screen with the top N lines
+            if time.time() > t_update:
+                for idx, line in gen_output(toplist):
+                    screen.addstr(idx, 0, line)
+                screen.refresh()
+                t_update = time.time() + 1
+
+        # Clean up the curses environment and print the final top N lines
+        curses.endwin()
+        for idx, line in gen_output(toplist):
+            print(line)
+    else:
+        print("Usage: cat input_file.txt | ./top_lines.py")
+        print("Or: ./top_lines.py < input_file.txt")
+
+# Initialize the curses library, run the main function, and restore the terminal state
+curses.wrapper(main)

codegrab/smtpbanner.py

@@ -0,0 +1,35 @@
+#!/usr/bin/env python
+
+# banner.py
+
+import sys
+import socket
+import argparse
+
+def grab(ip, port):
+    """Connects to the specified IP and port, retrieves data and returns the decoded response."""
+    try:
+        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)  # TCP
+        sock.settimeout(5)  # Set a timeout of 5 seconds
+        sock.connect((ip, port))
+        ret = sock.recv(1024)
+        return ret.strip().decode()
+    except socket.error as e:
+        return f"Connection error: {e}"
+    finally:
+        sock.close()
+
+def main():
+    parser = argparse.ArgumentParser(description="Retrieve banner information from the specified IP and port.")
+    parser.add_argument("ip", help="The target IP address")
+    parser.add_argument("-p", "--port", type=int, default=25, help="The target port (default: 25)")
+    
+    args = parser.parse_args()
+    
+    ip = args.ip
+    port = args.port
+    
+    print(grab(ip, port))
+
+if __name__ == "__main__":
+    main()

codegrab/uniq.py

@@ -0,0 +1,9 @@
+#!/usr/bin/env python3
+import sys
+
+hashes=set()
+for line in sys.stdin:
+    h = hash(line)
+    if not h in hashes:
+        hashes.add(h)
+        print(line,end="")