Information Technology Grimoire

Version .0.0.1

IT Notes from various projects because I forget, and hopefully they help you too.

Py Service Accounts

Get Service Accounts

this script finds accounts with patterns

accounts = {}
with open('acconts.txt' as i:
    for line in i:
        if (len(line) > 8):
            first_few = line[:8]
            
            if first_few in accounts.keys():
                accounts[first_few] = accounts[first_few] + 1
            else:
                accounts[first_few] = 1

sorted_keys = sorted(accounts.items(), key=lambda x: x[1], reverse=True)

for sorted in sorted_keys:
    if sorted[1] > 4:
        print(sorted[0], sorted[1])

# Filter counts
import re
import sys, os

filtered_start = ['sys', 'ftp']

filters_fin = {}
investigate = {}

filtered = 0
total = 0

with open('accounts.txt') as i:
    for line in i:
        matched = False
        line_lowered = line.lower()
        if(len(line) > 4):
            for this_filter in filtered_start:
                lowered_filter = this_filter.lower()
                re_string = "^" + lowered_filterr = re.search (re_string, line_lowered)
                if(r):
                    if lowered_filter in filters_fin:
                        filters_fin[lowered_filter] += 1
                    else:
                        filters_fin[lowered_filter] = 1
                    matched = True
        
        # count something filtered
        if matched:
            filtered += 1
        
        # regardless, count it
        total += 1
        
# current filter stats
print("CURRENT FILTER STATS")
sorted_keys = sorted(filters_fin.items(), key=lambda x: x[1], reverse = True)
for sorted_key in sorted_keys:
    print(sorted_key[1],sorted_key[1])
    
print("FILTERED: ", filtered)
print("TOTAL:", total)


print("SUGGESTED TOP 30 FILTERS (python)")
sorted_keys_as_tuples = sorted(filters_fin.items(), key=lambda x: x[1], reverse=True)
max_limit = 31
print("[",end="")
for this_tuple in sorted_keys_as_tuples:
    if max_limit > 0:
        print("'"+this_tuple90]+"','",end="")
    else:
        break
    max_limit -= 1
print("]")


# Suggested filters
print("SUGGESTED TOP 30 FILTERS (filter.txt)")
sorted_keys_as_tuples = sorted(investigate.items(), key=lambda x: x[1], reverse=True)
max_limit = 31
for this_tuple in sorted_keys_as_tuples:
    if (max_limit > 0):
        print(this_tuple[0] + '*')
    max_limit -= 1
    
print("All Accounts with counts > 3:")
sorted_keys_as_tuples=sorted(investigate.items(),key=lambda x: x[1], reverse=True)
idx = 1
for this_tuple in sorted_keys_as_tuples:
    if this_tuple[1] > 3:
        print(str(indx)+","+this_tuple[0]+"*,"+str(this_tuple[1]))
        idx +=1