Andres Riancho andresriancho

## s3-query.sql
SELECT eventtime,
         eventname,
         requestparameters,
         awsregion,
         eventsource,
         resources
FROM cloudtrail_662651605507
WHERE year = '2019'
        AND month IN ('7', '8', '9', '10', '11')
        AND eventsource = 's3.amazonaws.com'

## query.sql
SELECT eventtime,
         eventname,
         requestparameters,
         awsregion,
         eventsource,
         resources
FROM cloudtrail_662651605507
WHERE year = '2019'
        AND month IN ('7', '8', '9', '10', '11')
        AND eventsource = 'lambda.amazonaws.com'

## README.md

      
              2 files
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                andresriancho
                / README.md
            
            
              Created
              October 17, 2019 17:58
            
              
                guardduty-event-target.tf
              
          
    GuardDuty events sent via CloudWatch rules and SNS emails are ugly.
It is possible to improve them using inputTransformer.
guardduty-event-target.tf shows an example usage.

  
## get-display-name.py
import boto3

session = boto3.Session(profile_name='ariancho')
s3_client = session.client('s3')

display_name = s3_client.list_buckets()['Owner']['DisplayName']
print(display_name)

for bucket in s3_client.list_buckets()['Buckets']:
    print(s3_client.get_bucket_acl(Bucket=bucket['Name'])['Owner']['DisplayName'])

## bruteforce-2fa.py
import os
import sys
import time
import random
import subprocess

FNULL = open(os.devnull, 'w')

env = {'HTTPS_PROXY': 'http://localhost:8080/'}
cmd = ('aws --region us-east-1 --no-verify-ssl --profile=andres-root s3api delete-object'

## test.py
import timeit
import lz4.frame
import lzf
import zlib
#import snappy
import os
from timeit import Timer

DATA = open("test.py", "rb").read()
DLEN = len(DATA)

## source-code-review-atom.md

      
              1 file
            
          
              0 forks
            
          
              1 comment
            
          
              2 stars
            
          
                andresriancho
                / source-code-review-atom.md
            
            
              Last active
              July 23, 2018 21:44
            
              
                Ideas for source code review plugin for Atom
              
          
    User story

As an application security expert I use Atom to read source code. I would like to be able to have a plugin with features
that will help me identify vulnerabilities.
Ideas


Add annotations to the source code: Select a few lines of code, right click, "Add annotation",
text box appears, user types comments on the source code, clicks "Save". All annotations can be seen in a tab.
If the code has annotations then it is highlighted differently (change background color)


The plugin implements methods for searching for XSS, SQL injection, etc. The plugin adds a menu


## smart-contract-research.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                andresriancho
                / smart-contract-research.md
            
            
              Last active
              November 8, 2017 11:34
            
              
                Smart contracts research
              
          
    Research areas

How does Oraclize work? How do they use crypto to guarantee that they are providing
unmodified results for the HTTP queries?
Blogs


http://martin.swende.se/
https://pdaian.com/blog/solidity-anti-patterns-fun-with-inheritance-dag-abuse/
https://blog.trailofbits.com/2017/11/06/hands-on-the-ethernaut-ctf/


## gist:0c9f6e812c0b00858842957aafa6f115
### Keybase proof

I hereby claim:

  * I am andresriancho on github.
  * I am andresriancho (https://keybase.io/andresriancho) on keybase.
  * I have a public key whose fingerprint is 0FA5 D462 EA05 CBBF EAEE  1F14 E0ED B201 A7B2 7B69

To claim this, I am signing this object:

## linq-example.cs
using System;
using System.Linq;
using System.Collections.Generic;

class app {
  static void Main() {
    string[] names = { "Burke", "Connor", "Frank",
                       "Everett", "Albert", "George",
                       "Harris", "David" };
	SELECT eventtime,
	eventname,
	requestparameters,
	awsregion,
	eventsource,
	resources
	FROM cloudtrail_662651605507
	WHERE year = '2019'
	AND month IN ('7', '8', '9', '10', '11')
	AND eventsource = 's3.amazonaws.com'
	import boto3

	session = boto3.Session(profile_name='ariancho')
	s3_client = session.client('s3')

	display_name = s3_client.list_buckets()['Owner']['DisplayName']
	print(display_name)

	for bucket in s3_client.list_buckets()['Buckets']:
	print(s3_client.get_bucket_acl(Bucket=bucket['Name'])['Owner']['DisplayName'])
	import os
	import sys
	import time
	import random
	import subprocess

	FNULL = open(os.devnull, 'w')

	env = {'HTTPS_PROXY': 'http://localhost:8080/'}
	cmd = ('aws --region us-east-1 --no-verify-ssl --profile=andres-root s3api delete-object'
	import timeit
	import lz4.frame
	import lzf
	import zlib
	#import snappy
	import os
	from timeit import Timer

	DATA = open("test.py", "rb").read()
	DLEN = len(DATA)
	### Keybase proof

	I hereby claim:

	* I am andresriancho on github.
	* I am andresriancho (https://keybase.io/andresriancho) on keybase.
	* I have a public key whose fingerprint is 0FA5 D462 EA05 CBBF EAEE 1F14 E0ED B201 A7B2 7B69

	To claim this, I am signing this object:
	using System;
	using System.Linq;
	using System.Collections.Generic;

	class app {
	static void Main() {
	string[] names = { "Burke", "Connor", "Frank",
	"Everett", "Albert", "George",
	"Harris", "David" };