clong

#! /bin/bash

sudo su
apt-get update && apt-get upgrade -y && apt-get install -y build-essential golang git jq auditd
cd /root

# Update Golang from 1.2 to 1.7 or compilation of go-audit will fail
wget https://storage.googleapis.com/golang/go1.7.linux-amd64.tar.gz
tar -xvf go1.7.linux-amd64.tar.gz
mv go /usr/local

wxsBSD

Disclaimer

Everything I'm talking about below is not new, but I thought it was an interesting idea and realized I already had the majority of pieces in place to play with it. I want to share what I learned. If you are at all interested in exploring this topic further a good paper on it is here. Also, a few years ago IOActive published a blog post on the technique which is also a good read. Finally, the last two paragraphs in section 6 of RFC5246 clearly document the problem the best I've been able to find:

Any protocol designed for use over TLS must be carefully designed to
deal with all possible attacks against it.  As a practical matter,
this means that the protocol designer must be aware of what security
properties TLS does and does not provide and cannot safely rely on
the latter.

complexsplit

#!/usr/bin/python
import netaddr
import json 
import DNS # dns-python in ubuntu http://sourceforge.net/projects/pydns/ 
import urllib

awstotal = 0
gcptotal = 0

AWSURL = 'https://ip-ranges.amazonaws.com/ip-ranges.json'

wxsBSD

SSL Profiling in Bro

I wrote profiling applications over SSL recently and this is my attempt at doing so in Bro. I haven't written a Bro script before this one so I'm betting I've got a bunch of things wrong here. The code comes in two parts. The first is the main script which has the core logic. The second part is the "local" script which defines the application profiles you are interested in.

The Main Script

@load base/protocols/conn
@load base/protocols/ssl
@load base/frameworks/notice

husobee

package main

import (
	"crypto/tls"
	"encoding/json"
	"fmt"
	"log"
	"net"
	"net/http"
)

x0rz

# Simulate fake processes of analysis sandbox/VM that some malware will try to evade
# This just spawn ping.exe with different names (wireshark.exe, vboxtray.exe, ...)
# It's just a PoC and it's ugly as f*ck but hey, if it works...

# Usage: .\fake_sandbox.ps1 -action {start,stop}

param([Parameter(Mandatory=$true)][string]$action)

$fakeProcesses = @("wireshark.exe", "vmacthlp.exe", "VBoxService.exe",
    "VBoxTray.exe", "procmon.exe", "ollydbg.exe", "vmware-tray.exe",

chanj

INTRO
I get asked regularly for good resources on AWS security. This gist collects some of these resources (docs, blogs, talks, open source tools, etc.). Feel free to suggest and contribute. 

Short Link: http://tiny.cc/awssecurity

Official AWS Security Resources
* Security Blog - http://blogs.aws.amazon.com/security/
* Security Advisories - http://aws.amazon.com/security/security-bulletins/
* Security Whitepaper (AWS Security Processes/Practices) - http://media.amazonwebservices.com/pdf/AWS_Security_Whitepaper.pdf
* Security Best Practices Whitepaper - http://media.amazonwebservices.com/AWS_Security_Best_Practices.pdf 

salrashid123

#!/usr/bin/python
# https://cloud.google.com/iam/docs/creating-short-lived-service-account-credentials

import logging
import os
import sys
import json
import time
import pprint

honkskillet

byte-size tuts

by alexander white ©

golang tutorials

• 0 - installation on a Mac
• 1 - packages
• 2 - remote packages
• 3 - variable syntax
• 4 - functions syntax
• 5 - loops syntax

omnidan

#!/usr/bin/env python
"""
Copyright (c) 2011, Daniel Bugl
All rights reserved.

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright
   notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright