Scott Piper 0xdabbad00
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Gist associated with http://0xdabbad00.com/2015/04/03/choosing_libraries_for_go_web_servers/ | |
| package main | |
| import ( | |
| "flag" | |
| "fmt" | |
| "net/http" | |
| log "github.com/Sirupsen/logrus" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Gist associated with http://0xdabbad00.com/2015/04/03/choosing_libraries_for_go_web_servers/ | |
| // ApplyProtectionFromCSRF makes all POST messages check for a csrf_token | |
| func (application *Application) ApplyProtectionFromCSRF(c *web.C, h http.Handler) http.Handler { | |
| fn := func(w http.ResponseWriter, r *http.Request) { | |
| protected := nosurf.New(h) | |
| failureHandler := func(w http.ResponseWriter, r *http.Request) { | |
| log.Errorf("Possible CSRF attack") | |
| w.Write([]byte("400: Request could not be handled")) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ USN file parse script for IceBuddha.com, based on http://shark5terforensics.blogspot.com/2015/03/manually-parsing-unallocated-usn.html | |
| """ | |
| import icebuddha | |
| __author__ = "0xdabbad00" | |
| __license__ = "Apache" | |
| class Parse: | |
| def run(self, data): | |
| filedata = data |
0xdabbad00
/ privileges.txt
Last active
April 20, 2021 18:28
AWS IAM privileges as found using the AWS Policy Generator described at https://summitroute.com/blog/2018/06/28/aws_iam_vs_api_vs_cloudtrail/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| a4b:AssociateDeviceWithRoom | |
| a4b:AssociateSkillGroupWithRoom | |
| a4b:CreateProfile | |
| a4b:CreateRoom | |
| a4b:CreateSkillGroup | |
| a4b:CreateUser | |
| a4b:DeleteProfile | |
| a4b:DeleteRoom | |
| a4b:DeleteRoomSkillParameter | |
| a4b:DeleteSkillGroup |
0xdabbad00
/ privilege_verbs.txt
Last active
October 6, 2019 22:13
AWS IAM privilege verbs, use https://gist.github.com/0xdabbad00/fa918ad85c0c3f0e0fa9a3f6b53696de and `cat privileges.txt | sed 's/.*://' | sed 's/\([A-Z][a-z]*\).*/\1/' | sort | uniq -c` and then removed the one letter apigateway results.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 5 Abort | |
| 9 Accept | |
| 3 Acknowledge | |
| 4 Activate | |
| 48 Add | |
| 23 Admin | |
| 6 Allocate | |
| 4 Apply | |
| 2 Approve | |
| 1 Archive |
0xdabbad00
/ SecurityAudit-expanded.txt
Created
July 24, 2018 17:04
SecurityAudit IAM privileges expanded
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| acm:ListCertificates | |
| application-autoscaling:DescribeScalableTargets | |
| application-autoscaling:DescribeScalingActivities | |
| application-autoscaling:DescribeScalingPolicies | |
| application-autoscaling:DescribeScheduledActions | |
| autoscaling:DescribeAccountLimits | |
| autoscaling:DescribeAdjustmentTypes | |
| autoscaling:DescribeAutoScalingGroups | |
| autoscaling:DescribeAutoScalingInstances | |
| autoscaling:DescribeAutoScalingNotificationTypes |
0xdabbad00
/ ViewOnlyAccess-expanded.txt
Created
July 24, 2018 17:05
ViewOnlyAccess IAM privileges expanded
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| acm:ListCertificates | |
| application-autoscaling:DescribeScalableTargets | |
| application-autoscaling:DescribeScalingActivities | |
| application-autoscaling:DescribeScalingPolicies | |
| application-autoscaling:DescribeScheduledActions | |
| athena:ListNamedQueries | |
| athena:ListQueryExecutions | |
| autoscaling:DescribeAccountLimits | |
| autoscaling:DescribeAdjustmentTypes | |
| autoscaling:DescribeAutoScalingGroups |
0xdabbad00
/ aws actions
Created
August 3, 2018 17:10
AWS API calls as extracted from boto using the technique on https://github.com/duo-labs/cloudtracker#aws_actionstxt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| a4b:AssociateContactWithAddressBook | |
| a4b:AssociateDeviceWithRoom | |
| a4b:AssociateSkillGroupWithRoom | |
| a4b:CreateAddressBook | |
| a4b:CreateContact | |
| a4b:CreateProfile | |
| a4b:CreateRoom | |
| a4b:CreateSkillGroup | |
| a4b:CreateUser | |
| a4b:DeleteAddressBook |
0xdabbad00
/ gist:e25cf5599881c13d3b644bc4109cf619
Created
August 9, 2018 14:40
trailblazer output (https://github.com/willbengtson/trailblazer-aws). Did have to comment out the call for s3 `upload_file` and `upload_fileobj`. Output sorted and the header line moved back to the top.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| EventSource, EventName, Recorded Name, Match | |
| a4b, AssociateDeviceWithRoom, associatedevicewithroom, True | |
| a4b, AssociateSkillGroupWithRoom, associateskillgroupwithroom, True | |
| a4b, CreateProfile, createprofile, True | |
| a4b, CreateRoom, createroom, True | |
| a4b, CreateSkillGroup, createskillgroup, True | |
| a4b, CreateUser, createuser, True | |
| a4b, DeleteProfile, deleteprofile, True | |
| a4b, DeleteRoom, deleteroom, True | |
| a4b, DeleteRoomSkillParameter, deleteroomskillparameter, True |
0xdabbad00
/ security_assessment_access.template
Created
August 15, 2018 22:30
CloudFormation template used for security assessments
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| AWSTemplateFormatVersion: '2010-09-09' | |
| Description: 'Provides Summit Route with the ability to perform a security assessment on this account. An IAM role is created to provide view-only access of the metadata in the account. Read and write access to the Athena and Glue services is also granted for CloudTrail log analysis, and if the S3 bucket for the CloudTrail logs is provided, then read access is granted to that bucket.' | |
| Parameters: | |
| S3Bucket: | |
| Description: 'S3 bucket for CloudTrail logs (optional). Example: For the bucket "s3://mycloudtrail", you would put "mycloudtrail" (without quotes) here.' | |
| Type: 'String' | |
| Conditions: | |
| HasS3Bucket: !Not [ !Equals ['', !Ref 'S3Bucket']] | |
| Resources: | |
| CFNSummitRouteRole: |
OlderNewer